akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
36bdffcd0637ca3f0138caba050e6e05b3ad7a6c
Charon/backend
History
GitHub Actions 323b2aa637 fix(security): resolve CWE-918 SSRF vulnerability in notification service 
- Apply URL validation using security.ValidateWebhookURL() to all webhook
  HTTP request paths in notification_service.go
- Block private IPs (RFC 1918), cloud metadata endpoints, and loopback
- Add comprehensive SSRF test coverage
- Add CodeQL VS Code tasks for local security scanning
- Update Definition of Done to include CodeQL scans
- Clean up stale SARIF files from repo root

Resolves CI security gate failure for CWE-918.
2025-12-24 03:53:35 +00:00
..
cmd
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
integration
feat: Add full integration testing for Cerberus security stack
2025-12-12 23:29:30 +00:00
internal
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 03:53:35 +00:00
tools
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
.env.example
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
.golangci.yml
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
detailed_coverage.txt
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00
final_coverage.txt
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00
go.mod
fix(deps): update module github.com/oschwald/geoip2-golang/v2 to v2.1.0
2025-12-23 05:56:41 +00:00
go.sum
fix(deps): update module github.com/oschwald/geoip2-golang/v2 to v2.1.0
2025-12-23 05:56:41 +00:00
package-lock.json
chore(deps): update npm minor/patch
2025-12-16 15:53:48 +00:00
package.json
chore(deps): update npm minor/patch
2025-12-16 15:53:48 +00:00
README.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
test-output-final.txt
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
user_handler_coverage.txt
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00

README.md

Backend Service

This folder contains the Go API for CaddyProxyManager+.

Prerequisites

  • Go 1.24+

Getting started

cp .env.example .env # optional
cd backend
go run ./cmd/api

Tests

cd backend
go test ./...
Reference in New Issue View Git Blame Copy Permalink