akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
Files
dcdc4e03b8e9679038a9d21751ad70506d94974a
Charon/docs/reports
History
GitHub Actions f46d19b3c0 fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918) 
- Add CodeQL custom model recognizing ValidateExternalURL as sanitizer
- Enhance validation: hostname length (RFC 1035), IPv6-mapped IPv4 blocking
- Integrate Prometheus metrics (charon_ssrf_blocks_total, charon_url_validation_total)
- Add security audit logging with sanitized error messages
- Fix test race conditions with atomic types
- Update SECURITY.md with 5-layer defense documentation

Related to: #450
Coverage: Backend 86.3%, Frontend 87.27%
Security scans: CodeQL, Trivy, govulncheck all clean
2025-12-31 21:17:08 +00:00
..
cerberus_live_logs_qa_report.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
ci_failure_diagnosis.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
compliance_qa_report.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
coverage_gap_analysis.md
test: add comprehensive frontend tests for Public URL and invite preview features
2025-12-23 16:32:19 +00:00
coverage_verification.md
test: add comprehensive frontend tests for Public URL and invite preview features
2025-12-23 16:32:19 +00:00
crowdsec_app_level_config.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_bouncer_field_investigation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_final_validation_20251215.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_final_validation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_fix_deployment.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_integration_summary.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
crowdsec_migration_qa_report.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_production_ready_20251215_205500.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_trusted_proxies_fix.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec_validation_final.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
crowdsec-preset-fix-summary.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
crowdsec-preset-pull-apply-debug.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
definition_of_done_report.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
FINAL_VERIFICATION_SSRF_REMEDIATION.md
fix(security): complete SSRF remediation with dual taint breaks (CWE-918)
2025-12-23 23:17:49 +00:00
HOTFIX_CROWDSEC_INTEGRATION_ISSUES.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
HTTP_HEADER_SCAN.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
implementation_notes.md
Add ImportSuccessModal tests, enhance AuthContext for token management, and improve useImport hook
2025-12-12 00:05:15 +00:00
precommit_fix_verification.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
precommit_performance_diagnosis.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_agent_skills_migration.md
feat: migrate scripts to Agent Skills following agentskills.io specification
2025-12-20 20:37:16 +00:00
qa_codeql_ci_alignment.md
chore: Implement CodeQL CI Alignment and Security Scanning
2025-12-24 14:35:33 +00:00
qa_crowdsec_frontend_coverage_report.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_crowdsec_implementation.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
qa_crowdsec_lapi_availability_fix.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
qa_crowdsec_startup_test_failure.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_crowdsec_toggle_fix_summary.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_cwe918_ssrf_triage.md
fix(security): resolve CWE-918 SSRF vulnerability in notification service
2025-12-24 03:53:35 +00:00
qa_final_crowdsec_validation.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_i18n_report.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_race_and_test_failures_2025-12-12.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_bulk_apply_headers.md
feat: add security header profiles to bulk apply
2025-12-20 15:19:06 +00:00
qa_report_capi_fix.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_crowdsec_architecture.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
qa_report_crowdsec_markdownlint_20251212.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_crowdsec_startup_fix.md
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
qa_report_crowdsec_verification.md
fix(crowdsec): resolve non-root container migration issues
2025-12-22 04:03:04 +00:00
qa_report_docker_tag_fix_pr421.md
fix: use PR number instead of ref_name for Docker image tags
2025-12-17 20:00:44 +00:00
qa_report_final.md
test: increase test coverage to 86.1% and fix SSRF test failures
2025-12-23 05:46:44 +00:00
qa_report_geoip_v2.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
qa_report_i18n.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_report_issue20_security_headers.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_report_issue365.md
feat(docs): add comprehensive container hardening configuration and validation steps
2025-12-23 06:52:19 +00:00
qa_report_proxy_host_update_fix.md
fix: remove invalid trusted_proxies structure causing 500 error on proxy host save
2025-12-20 05:46:03 +00:00
qa_report_rate_limiting_20251212.md
Fix Rate Limiting Issues
2025-12-12 19:21:44 +00:00
qa_report_sidebar_ui.md
feat: improve sidebar and header UX with scrollable navigation and fixed header
2025-12-21 21:04:13 +00:00
qa_report_ssrf_fix.md
fix(security): complete SSRF remediation with dual taint breaks (CWE-918)
2025-12-23 23:17:49 +00:00
qa_report_standard_proxy_headers.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_report.md
fix(lint): resolve 20 gocritic, eslint, and type safety issues
2025-12-31 05:21:11 +00:00
qa_security_headers_fix_2025-12-18.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_security_weekly_workflow.md
feat: add weekly security workflow implementation and documentation
2025-12-14 02:03:38 +00:00
qa_ssrf_remediation_final.md
fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918)
2025-12-31 21:17:08 +00:00
qa_ssrf_remediation_report.md
feat(security): comprehensive SSRF protection implementation
2025-12-23 15:09:22 +00:00
qa_summary_sidebar_ui.md
feat: improve sidebar and header UX with scrollable navigation and fixed header
2025-12-21 21:04:13 +00:00
qa_test_coverage_audit.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
qa_uiux_testing_report.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
rate_limit_fix_summary.md
Enhance documentation and testing plans
2025-12-14 02:45:24 +00:00
rate_limit_test_status.md
fix: enhance LAPI readiness checks and update related UI feedback
2025-12-15 07:30:35 +00:00
security_headers_bug_fix_summary.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
security_headers_trace.md
fix: add missing field handlers in proxy host Update endpoint
2025-12-20 01:55:52 +00:00
SSRF_DOCUMENTATION_UPDATE_SUMMARY.md
fix(security): eliminate SSRF vulnerability in URL connectivity testing (CWE-918)
2025-12-23 17:10:12 +00:00