Charon/docs/plans at 5b0d30986d88131b2f172ff43f687221e4ab1808 - Charon - Gitea: Git with a cup of tea

akanealw/Charon

Files

History

GitHub Actions 323b2aa637 fix(security): resolve CWE-918 SSRF vulnerability in notification service

- Apply URL validation using security.ValidateWebhookURL() to all webhook
  HTTP request paths in notification_service.go
- Block private IPs (RFC 1918), cloud metadata endpoints, and loopback
- Add comprehensive SSRF test coverage
- Add CodeQL VS Code tasks for local security scanning
- Update Definition of Done to include CodeQL scans
- Clean up stale SARIF files from repo root

Resolves CI security gate failure for CWE-918.

2025-12-24 03:53:35 +00:00

..

proof-of-concept

feat: migrate scripts to Agent Skills following agentskills.io specification

2025-12-20 20:37:16 +00:00

agent-skills-migration-spec.md

feat: Update Docker Workflow Analysis & Remediation Plan in current_spec.md

2025-12-21 14:19:51 +00:00

bulk-apply-security-headers-plan.md.backup

feat: migrate scripts to Agent Skills following agentskills.io specification

2025-12-20 20:37:16 +00:00

c-ares_remediation_plan.md

feat: add weekly security rebuild workflow with no-cache scanning

2025-12-14 02:08:16 +00:00

caddy_bouncer_field_remediation.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

caddy_config_architecture_investigation.md

fix: remove invalid trusted_proxies structure causing 500 error on proxy host save

2025-12-20 05:46:03 +00:00

cerberus_integration_testing_plan.md

Add comprehensive tests for Security Dashboard functionality

2025-12-12 23:51:05 +00:00

cerberus_remediation_plan.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

cerberus_uiux_testing_plan.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

ci_failure_fix.md

docs: add CI failure fix plan and root cause analysis for WAF integration test

2025-12-23 06:26:53 +00:00

ci_failure_remediation_plan.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

cleanup_temp_files.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

codecov_config_analysis.md

fix: update Codecov ignore patterns to align with local coverage analysis

2025-12-15 07:30:36 +00:00

codecov-acceptinvite-patch-coverage.md

fix: remove unreachable constant-time compare in AcceptInvite handler

2025-12-22 19:06:12 +00:00

container-hardening-fix.md

feat(docs): add comprehensive container hardening configuration and validation steps

2025-12-23 06:52:19 +00:00

crowdsec_bouncer_research_plan.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

crowdsec_full_implementation.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

crowdsec_hotfix_plan.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

crowdsec_lapi_error_diagnostic.md

fix: enhance LAPI readiness checks and update related UI feedback

2025-12-15 07:30:35 +00:00

crowdsec_nonroot_fix_spec.md

doc: CrowdSec non-root migration fix specification and implementation plan

2025-12-22 02:43:19 +00:00

crowdsec_reconciliation_failure.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

crowdsec_startup_fix.md

fix(security): resolve CrowdSec startup permission failures

2025-12-23 02:30:22 +00:00

crowdsec_testing_plan.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

crowdsec_toggle_fix_plan.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

current_spec.md

fix(security): resolve CWE-918 SSRF vulnerability in notification service

2025-12-24 03:53:35 +00:00

db_corruption_guardrails_spec.md

feat: add SQLite database corruption guardrails

2025-12-17 16:53:38 +00:00

docker_socket_trace.md

fix: resolve Docker socket permissions and notification page routing

2025-12-22 21:58:20 +00:00

docs_to_issues_workflow.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

frontend_coverage_boost.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

handler_test_optimization.md

chore: Optimize handler tests by implementing parallel execution, reducing AutoMigrate calls, and introducing helper functions for synchronization. Added a template database for faster test setup and created a new test_helpers.go file for common utilities. Updated multiple test files to utilize these improvements, enhancing overall test performance and reliability.

2025-12-21 06:01:47 +00:00

history_rewrite.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

import_cert_dashboard_spec.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

instruction_compliance_spec.md

feat: add instruction compliance audit report for Charon codebase

2025-12-20 20:53:25 +00:00

issue-365-additional-security.md

docs: add planning document for Issue #365 Additional Security

2025-12-21 10:26:21 -05:00

issue-365-remaining-work.md

docs: add CI failure fix plan and root cause analysis for WAF integration test

2025-12-23 06:26:53 +00:00

MIGRATION_UPDATE_SUMMARY.md

feat: migrate scripts to Agent Skills following agentskills.io specification

2025-12-20 20:37:16 +00:00

notification_page_trace.md

fix: resolve Docker socket permissions and notification page routing

2025-12-22 21:58:20 +00:00

post_rebuild_diagnostic.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

pr-434-docker-analysis.md

feat: Add Docker Workflow Analysis & Remediation Plan for PR #434

2025-12-21 14:20:13 +00:00

precommit_performance_fix_spec.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_archived_dec16.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_ci_investigation_dec18.md

fix: remove invalid trusted_proxies structure causing 500 error on proxy host save

2025-12-20 05:46:03 +00:00

prev_spec_docker_socket_500_dec23.md

fix(security): resolve CWE-918 SSRF vulnerability in notification service

2025-12-24 03:53:35 +00:00

prev_spec_i18n_language_selector_dec19.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_security_headers_persistence_dec18.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_standard_proxy_headers_dec19.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_uiux_dec16.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_websocket_fix_dec16.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

prev_spec_xforwarded_port_investigation.md

fix: remove invalid trusted_proxies structure causing 500 error on proxy host save

2025-12-20 05:46:03 +00:00

qa_remediation.md

test: increase test coverage to 86.1% and fix SSRF test failures

2025-12-23 05:46:44 +00:00

rate_limiter_testing_plan.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

sample_orchestration_plan.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

SECURITY_COVERAGE_QA_PLAN.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

security_features_spec.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

security_headers_apply_preset_analysis.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

security_headers_investigation.md

fix: consolidate preset UI and fix field name mismatch

2025-12-19 18:55:48 +00:00

ssl_card_pending_fix.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

ssrf_handler_fix_spec.md

fix(security): complete SSRF remediation with defense-in-depth (CWE-918)

2025-12-23 20:52:01 +00:00

ssrf_remediation_spec.md

feat(security): comprehensive SSRF protection implementation

2025-12-23 15:09:22 +00:00

structure.md

chore: reorganize repository structure

2025-12-21 04:57:31 +00:00

test_coverage_plan_100_percent.md

fix: add missing field handlers in proxy host Update endpoint

2025-12-20 01:55:52 +00:00

test_coverage_plan_sqlite_corruption.md

fix: remove invalid trusted_proxies structure causing 500 error on proxy host save

2025-12-20 05:46:03 +00:00

ui_ux_bugfixes_spec.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00

uptime_monitoring_diagnosis.md

fix(monitoring): resolve uptime port mismatch for non-standard ports

2025-12-23 03:28:45 +00:00

url_test_security_fixes.md

fix: login page warnings and implement secure URL testing

2025-12-22 01:31:57 +00:00

url_testing_codeql_fix.md

fix(security): complete SSRF remediation with dual taint breaks (CWE-918)

2025-12-23 23:17:49 +00:00

user_handler_coverage_fix.md

test: increase test coverage to 86.1% and fix SSRF test failures

2025-12-23 05:46:44 +00:00

waf_integration_fix.md

fix(integration): resolve WAF test authentication order

2025-12-23 03:40:00 +00:00

waf_testing_plan.md

Enhance documentation and testing plans

2025-12-14 02:45:24 +00:00