akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
f46d19b3c0154b5b1877781ddc6dc978c54adcdc
Charon/docs
History
GitHub Actions f46d19b3c0 fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918) 
- Add CodeQL custom model recognizing ValidateExternalURL as sanitizer
- Enhance validation: hostname length (RFC 1035), IPv6-mapped IPv4 blocking
- Integrate Prometheus metrics (charon_ssrf_blocks_total, charon_url_validation_total)
- Add security audit logging with sanitized error messages
- Fix test race conditions with atomic types
- Update SECURITY.md with 5-layer defense documentation

Related to: #450
Coverage: Backend 86.3%, Frontend 87.27%
Security scans: CodeQL, Trivy, govulncheck all clean
2025-12-31 21:17:08 +00:00
..
features
feat: add JSON template support for all services and fix uptime monitoring reliability
2025-12-24 20:34:38 +00:00
implementation
chore: Implement CodeQL CI Alignment and Security Scanning
2025-12-24 14:35:33 +00:00
issues
fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918)
2025-12-31 21:17:08 +00:00
plans
fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918)
2025-12-31 21:17:08 +00:00
reports
fix(security): enhance SSRF defense-in-depth with monitoring (CWE-918)
2025-12-31 21:17:08 +00:00
security
fix(security): complete SSRF remediation with defense-in-depth (CWE-918)
2025-12-24 17:34:56 +00:00
troubleshooting
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
acme-staging.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
AGENT_SKILLS_MIGRATION.md
feat: migrate scripts to Agent Skills following agentskills.io specification
2025-12-20 20:37:16 +00:00
api.md
feat(security): comprehensive SSRF protection implementation
2025-12-23 15:09:22 +00:00
beta_release_draft_pr_body_snapshot.md
fix: update workflows to use GITHUB_TOKEN instead of CHARON_TOKEN for improved compatibility
2025-12-14 00:11:06 +00:00
beta_release_draft_pr.md
fix: update workflows to use GITHUB_TOKEN instead of CHARON_TOKEN for improved compatibility
2025-12-14 00:11:06 +00:00
beta_release_pr_body.md
fix: update workflows to use GITHUB_TOKEN instead of CHARON_TOKEN for improved compatibility
2025-12-14 00:11:06 +00:00
cerberus.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
crowdsec-auto-start-quickref.md
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
database-maintenance.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
database-schema.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
debugging-local-container.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
features.md
feat: add JSON template support for all services and fix uptime monitoring reliability
2025-12-24 20:34:38 +00:00
getting-started.md
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
github-setup.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
i18n-examples.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
import-guide.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
index.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
live-logs-guide.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
migration-guide-crowdsec-auto-start.md
fix(security): resolve CrowdSec startup and permission issues
2025-12-23 01:59:21 +00:00
migration-guide.md
chore: implement instruction compliance remediation
2025-12-21 04:08:42 +00:00
security-incident-response.md
Update docs/security-incident-response.md
2025-12-23 01:23:54 -05:00
security.md
feat: add JSON template support for all services and fix uptime monitoring reliability
2025-12-24 20:34:38 +00:00