akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
Files
dcdc4e03b8e9679038a9d21751ad70506d94974a
Charon/docs/plans
History
GitHub Actions f46d19b3c0 fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918) 
- Add CodeQL custom model recognizing ValidateExternalURL as sanitizer
- Enhance validation: hostname length (RFC 1035), IPv6-mapped IPv4 blocking
- Integrate Prometheus metrics (charon_ssrf_blocks_total, charon_url_validation_total)
- Add security audit logging with sanitized error messages
- Fix test race conditions with atomic types
- Update SECURITY.md with 5-layer defense documentation

Related to: #450
Coverage: Backend 86.3%, Frontend 87.27%
Security scans: CodeQL, Trivy, govulncheck all clean
2025-12-31 21:17:08 +00:00
..
proof-of-concept
feat: migrate scripts to Agent Skills following agentskills.io specification
2025-12-20 20:37:16 +00:00
agent-skills-migration-spec.md
feat: Update Docker Workflow Analysis & Remediation Plan in current_spec.md
2025-12-21 14:19:51 +00:00
bulk-apply-security-headers-plan.md
test(security): complete CWE-918 remediation and achieve 86% backend coverage
2025-12-24 11:51:51 +00:00
c-ares_remediation_plan.md
feat: add weekly security rebuild workflow with no-cache scanning
2025-12-14 02:08:16 +00:00
caddy_bouncer_field_remediation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
caddy_config_architecture_investigation.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
cerberus_integration_testing_plan.md
Add comprehensive tests for Security Dashboard functionality
2025-12-12 23:51:05 +00:00
cerberus_remediation_plan.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
cerberus_uiux_testing_plan.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
ci_failure_fix.md
docs: add CI failure fix plan and root cause analysis for WAF integration test
2025-12-23 06:26:53 +00:00
ci_failure_remediation_plan.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
cleanup_temp_files.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
codecov_config_analysis.md
fix: update Codecov ignore patterns to align with local coverage analysis
2025-12-15 07:30:36 +00:00
codecov-acceptinvite-patch-coverage.md
fix: remove unreachable constant-time compare in AcceptInvite handler
2025-12-22 19:06:12 +00:00
container-hardening-fix.md
feat(docs): add comprehensive container hardening configuration and validation steps
2025-12-23 06:52:19 +00:00
crowdsec_bouncer_research_plan.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_full_implementation.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
crowdsec_hotfix_plan.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_lapi_error_diagnostic.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
crowdsec_nonroot_fix_spec.md
doc: CrowdSec non-root migration fix specification and implementation plan
2025-12-22 02:43:19 +00:00
crowdsec_reconciliation_failure.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_startup_fix.md
fix(security): resolve CrowdSec startup permission failures
2025-12-23 02:30:22 +00:00
crowdsec_testing_plan.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
crowdsec_toggle_fix_plan.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
current_spec.md
fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918)
2025-12-31 21:17:08 +00:00
current_spec.md.backup_20251224_203906
fix(lint): resolve 20 gocritic, eslint, and type safety issues
2025-12-31 05:21:11 +00:00
db_corruption_guardrails_spec.md
feat: add SQLite database corruption guardrails
2025-12-17 16:53:38 +00:00
docker_socket_trace.md
fix: resolve Docker socket permissions and notification page routing
2025-12-22 21:58:20 +00:00
docs_to_issues_workflow.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
frontend_coverage_boost.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
handler_test_optimization.md
chore: Optimize handler tests by implementing parallel execution, reducing AutoMigrate calls, and introducing helper functions for synchronization. Added a template database for faster test setup and created a new test_helpers.go file for common utilities. Updated multiple test files to utilize these improvements, enhancing overall test performance and reliability.
2025-12-21 06:01:47 +00:00
history_rewrite.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
import_cert_dashboard_spec.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
instruction_compliance_spec.md
feat: add instruction compliance audit report for Charon codebase
2025-12-20 20:53:25 +00:00
issue-365-additional-security.md
docs: add planning document for Issue #365 Additional Security
2025-12-21 10:26:21 -05:00
issue-365-remaining-work.md
docs: add CI failure fix plan and root cause analysis for WAF integration test
2025-12-23 06:26:53 +00:00
MIGRATION_UPDATE_SUMMARY.md
feat: migrate scripts to Agent Skills following agentskills.io specification
2025-12-20 20:37:16 +00:00
notification_page_trace.md
fix: resolve Docker socket permissions and notification page routing
2025-12-22 21:58:20 +00:00
post_rebuild_diagnostic.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
pr-434-docker-analysis.md
feat: Add Docker Workflow Analysis & Remediation Plan for PR #434
2025-12-21 14:20:13 +00:00
precommit_performance_fix_spec.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_archived_dec16.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_ci_investigation_dec18.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
prev_spec_docker_socket_500_dec23.md
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 03:53:35 +00:00
prev_spec_i18n_language_selector_dec19.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_security_headers_persistence_dec18.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_standard_proxy_headers_dec19.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_test_coverage_dec24.md
chore: Implement CodeQL CI Alignment and Security Scanning
2025-12-24 14:35:33 +00:00
prev_spec_uiux_dec16.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_websocket_fix_dec16.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
prev_spec_xforwarded_port_investigation.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_remediation.md
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00
rate_limiter_testing_plan.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
sample_orchestration_plan.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
SECURITY_COVERAGE_QA_PLAN.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
security_features_spec.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
security_headers_apply_preset_analysis.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
security_headers_investigation.md
fix: consolidate preset UI and fix field name mismatch
2025-12-19 18:55:48 +00:00
security_remediation_plan.md
chore: Implement CodeQL CI Alignment and Security Scanning
2025-12-24 14:35:33 +00:00
ssl_card_pending_fix.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
ssrf_handler_fix_spec.md
fix(security): complete SSRF remediation with defense-in-depth (CWE-918)
2025-12-23 20:52:01 +00:00
ssrf_remediation_spec.md
feat(security): comprehensive SSRF protection implementation
2025-12-23 15:09:22 +00:00
structure.md
chore: reorganize repository structure
2025-12-21 04:57:31 +00:00
test_coverage_plan_100_percent.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
test_coverage_plan_sqlite_corruption.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
ui_ux_bugfixes_spec.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
uptime_monitoring_diagnosis.md
fix(monitoring): resolve uptime port mismatch for non-standard ports
2025-12-23 03:28:45 +00:00
url_test_security_fixes.md
fix: login page warnings and implement secure URL testing
2025-12-22 01:31:57 +00:00
url_testing_codeql_fix.md
fix(security): complete SSRF remediation with dual taint breaks (CWE-918)
2025-12-23 23:17:49 +00:00
user_handler_coverage_fix.md
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00
waf_integration_fix.md
fix(integration): resolve WAF test authentication order
2025-12-23 03:40:00 +00:00
waf_testing_plan.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00