Charon/Chiron.code-workspace at 323b2aa6376a55d6c9108af65dc2a0302b15419a - Charon - Gitea: Git with a cup of tea

akanealw/Charon

Files

GitHub Actions 323b2aa637 fix(security): resolve CWE-918 SSRF vulnerability in notification service

- Apply URL validation using security.ValidateWebhookURL() to all webhook
  HTTP request paths in notification_service.go
- Block private IPs (RFC 1918), cloud metadata endpoints, and loopback
- Add comprehensive SSRF test coverage
- Add CodeQL VS Code tasks for local security scanning
- Update Definition of Done to include CodeQL scans
- Clean up stale SARIF files from repo root

Resolves CI security gate failure for CWE-918.

2025-12-24 03:53:35 +00:00

15 lines

271 B

Plaintext

Raw Blame History

 {
     "folders": [
         {
             "path": "."
         },
         {
             "path": "../codeql"
         }
     ],
     "settings": {
         "codeQL.createQuery.qlPackLocation": "/projects/Charon",
         "sarif-viewer.connectToGithubCodeScanning": "on"
     }
 }