akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
Files
36bdffcd0637ca3f0138caba050e6e05b3ad7a6c
Charon/backend/internal/services
T
History
GitHub Actions 323b2aa637 fix(security): resolve CWE-918 SSRF vulnerability in notification service 
- Apply URL validation using security.ValidateWebhookURL() to all webhook
  HTTP request paths in notification_service.go
- Block private IPs (RFC 1918), cloud metadata endpoints, and loopback
- Add comprehensive SSRF test coverage
- Add CodeQL VS Code tasks for local security scanning
- Update Definition of Done to include CodeQL scans
- Clean up stale SARIF files from repo root

Resolves CI security gate failure for CWE-918.
2025-12-24 03:53:35 +00:00
..
access_list_service_test.go
feat(cerberus): integrate Cerberus security features (WAF, ACLs, rate limiting, CrowdSec)
2025-12-12 17:56:30 +00:00
access_list_service.go
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
auth_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
auth_service.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
backup_service_disk_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
backup_service_test.go
fix: use PR number instead of ref_name for Docker image tags
2025-12-17 21:54:17 +00:00
backup_service.go
fix: resolve CVE-2025-68156, coverage hang, and test lifecycle issue
2025-12-17 19:41:02 +00:00
benchmark_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
certificate_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
certificate_service.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
coverage_boost_test.go
feat: Implement CrowdSec toggle fix validation and documentation updates
2025-12-15 07:30:36 +00:00
crowdsec_startup_test.go
test: improve backend test coverage to 85.4%
2025-12-16 14:10:32 +00:00
crowdsec_startup.go
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
doc.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
docker_service_test.go
fix(security): eliminate SSRF vulnerability with comprehensive test coverage (CWE-918)
2025-12-23 17:42:21 +00:00
docker_service.go
fix: resolve Docker socket permissions and notification page routing
2025-12-22 21:58:20 +00:00
geoip_service_test.go
fix: complete geoip2-golang v2 migration
2025-12-14 08:06:32 +00:00
geoip_service.go
fix: complete geoip2-golang v2 migration
2025-12-14 08:06:32 +00:00
log_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
log_service.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
log_watcher_test.go
test: improve backend test coverage to 85.4%
2025-12-16 14:10:32 +00:00
log_watcher.go
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
mail_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
mail_service.go
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
notification_service_template_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
notification_service_test.go
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 03:53:35 +00:00
notification_service.go
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 03:53:35 +00:00
proxyhost_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
proxyhost_service.go
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
remoteserver_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
remoteserver_service.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
security_headers_service_test.go
feat: add API-Friendly security header preset for mobile apps
2025-12-19 18:55:48 +00:00
security_headers_service.go
feat: add API-Friendly security header preset for mobile apps
2025-12-19 18:55:48 +00:00
security_notification_service_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
security_notification_service.go
feat(security): comprehensive SSRF protection implementation
2025-12-23 15:09:22 +00:00
security_score_test.go
feat: implement HTTP Security Headers management (Issue #20)
2025-12-19 18:55:48 +00:00
security_score.go
feat: implement HTTP Security Headers management (Issue #20)
2025-12-19 18:55:48 +00:00
security_service_test.go
feat(cerberus): integrate Cerberus security features (WAF, ACLs, rate limiting, CrowdSec)
2025-12-12 17:56:30 +00:00
security_service.go
feat(cerberus): integrate Cerberus security features (WAF, ACLs, rate limiting, CrowdSec)
2025-12-12 17:56:30 +00:00
update_service_test.go
fix(security): eliminate SSRF vulnerability with comprehensive test coverage (CWE-918)
2025-12-23 17:42:21 +00:00
update_service.go
feat(security): comprehensive SSRF protection implementation
2025-12-23 15:09:22 +00:00
uptime_service_notification_test.go
Add QA test outputs, build scripts, and Dockerfile validation
2025-12-11 18:26:24 +00:00
uptime_service_test.go
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
uptime_service_unit_test.go
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
uptime_service.go
fix(monitoring): resolve uptime port mismatch for non-standard ports
2025-12-23 03:28:45 +00:00
websocket_tracker_test.go
fix: improve test ID generation in concurrent test
2025-12-18 18:26:46 +00:00
websocket_tracker.go
feat: add WebSocket connection tracking backend
2025-12-18 18:04:40 +00:00