akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 7 Packages Projects Releases Wiki Activity
Files
c15e5e39ff352040f5ed77a47f4cba031b6d1147
Charon/docs/reports
History
GitHub Actions 5b0d30986d fix(security): resolve CWE-918 SSRF vulnerability in notification service 
- Apply URL validation using security.ValidateWebhookURL() to all webhook
  HTTP request paths in notification_service.go
- Block private IPs (RFC 1918), cloud metadata endpoints, and loopback
- Add comprehensive SSRF test coverage
- Improve handler test coverage from 84.2% to 85.4%
- Add CodeQL VS Code tasks for local security scanning
- Update Definition of Done to include CodeQL scans
- Clean up stale SARIF files from repo root

Resolves CI CodeQL gate failure for CWE-918.
2025-12-24 05:59:16 +00:00
..
cerberus_live_logs_qa_report.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
ci_failure_diagnosis.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
compliance_qa_report.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
coverage_gap_analysis.md
test: add comprehensive frontend tests for Public URL and invite preview features
2025-12-23 16:32:19 +00:00
coverage_verification.md
test: add comprehensive frontend tests for Public URL and invite preview features
2025-12-23 16:32:19 +00:00
crowdsec_app_level_config.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_bouncer_field_investigation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_final_validation_20251215.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_final_validation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_fix_deployment.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_integration_summary.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
crowdsec_migration_qa_report.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_production_ready_20251215_205500.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_trusted_proxies_fix.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_validation_final.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec-preset-fix-summary.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
crowdsec-preset-pull-apply-debug.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
definition_of_done_report.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
FINAL_VERIFICATION_SSRF_REMEDIATION.md
fix(security): complete SSRF remediation with dual taint breaks (CWE-918)
2025-12-23 23:17:49 +00:00
HOTFIX_CROWDSEC_INTEGRATION_ISSUES.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
HTTP_HEADER_SCAN.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
implementation_notes.md
Add ImportSuccessModal tests, enhance AuthContext for token management, and improve useImport hook
2025-12-12 00:05:15 +00:00
precommit_fix_verification.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
precommit_performance_diagnosis.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_agent_skills_migration.md
feat: migrate scripts to Agent Skills following agentskills.io specification
2025-12-20 20:37:16 +00:00
qa_crowdsec_frontend_coverage_report.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_crowdsec_implementation.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
qa_crowdsec_lapi_availability_fix.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
qa_crowdsec_startup_test_failure.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_crowdsec_toggle_fix_summary.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_cwe918_ssrf_triage.md
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 03:53:35 +00:00
qa_final_crowdsec_validation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_i18n_report.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_race_and_test_failures_2025-12-12.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_bulk_apply_headers.md
feat: add security header profiles to bulk apply
2025-12-20 15:19:06 +00:00
qa_report_capi_fix.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_crowdsec_architecture.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
qa_report_crowdsec_markdownlint_20251212.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_crowdsec_startup_fix.md
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
qa_report_crowdsec_verification.md
fix(crowdsec): resolve non-root container migration issues
2025-12-22 04:03:04 +00:00
qa_report_docker_tag_fix_pr421.md
fix: use PR number instead of ref_name for Docker image tags
2025-12-17 20:00:44 +00:00
qa_report_final.md
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00
qa_report_geoip_v2.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
qa_report_i18n.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_report_issue20_security_headers.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_report_issue365.md
feat(docs): add comprehensive container hardening configuration and validation steps
2025-12-23 06:52:19 +00:00
qa_report_proxy_host_update_fix.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_report_rate_limiting_20251212.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_sidebar_ui.md
feat: improve sidebar and header UX with scrollable navigation and fixed header
2025-12-21 21:04:13 +00:00
qa_report_ssrf_fix.md
fix(security): complete SSRF remediation with dual taint breaks (CWE-918)
2025-12-23 23:17:49 +00:00
qa_report_standard_proxy_headers.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_report.md
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 05:59:16 +00:00
qa_security_headers_fix_2025-12-18.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_security_weekly_workflow.md
feat: add weekly security workflow implementation and documentation
2025-12-14 02:03:38 +00:00
qa_ssrf_remediation_report.md
feat(security): comprehensive SSRF protection implementation
2025-12-23 15:09:22 +00:00
qa_summary_sidebar_ui.md
feat: improve sidebar and header UX with scrollable navigation and fixed header
2025-12-21 21:04:13 +00:00
qa_test_coverage_audit.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_uiux_testing_report.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
rate_limit_fix_summary.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
rate_limit_test_status.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
security_headers_bug_fix_summary.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
security_headers_trace.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
SSRF_DOCUMENTATION_UPDATE_SUMMARY.md
fix(security): eliminate SSRF vulnerability in URL connectivity testing (CWE-918)
2025-12-23 17:10:12 +00:00