Charon

akanealw/Charon

Fork 0

Commit Graph

Author	SHA1	Message	Date
GitHub Actions	4adcd9eda1	feat: add nightly branch workflow	2026-01-13 22:11:35 +00:00
GitHub Actions	f46d19b3c0	fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918) - Add CodeQL custom model recognizing ValidateExternalURL as sanitizer - Enhance validation: hostname length (RFC 1035), IPv6-mapped IPv4 blocking - Integrate Prometheus metrics (charon_ssrf_blocks_total, charon_url_validation_total) - Add security audit logging with sanitized error messages - Fix test race conditions with atomic types - Update SECURITY.md with 5-layer defense documentation Related to: #450 Coverage: Backend 86.3%, Frontend 87.27% Security scans: CodeQL, Trivy, govulncheck all clean	2025-12-31 21:17:08 +00:00

Author

SHA1

Message

Date

GitHub Actions

4adcd9eda1

feat: add nightly branch workflow

2026-01-13 22:11:35 +00:00

GitHub Actions

f46d19b3c0

fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918)

- Add CodeQL custom model recognizing ValidateExternalURL as sanitizer
- Enhance validation: hostname length (RFC 1035), IPv6-mapped IPv4 blocking
- Integrate Prometheus metrics (charon_ssrf_blocks_total, charon_url_validation_total)
- Add security audit logging with sanitized error messages
- Fix test race conditions with atomic types
- Update SECURITY.md with 5-layer defense documentation

Related to: #450
Coverage: Backend 86.3%, Frontend 87.27%
Security scans: CodeQL, Trivy, govulncheck all clean

2025-12-31 21:17:08 +00:00

2 Commits