circus/crates/common
NotAShelf aa4ebf2f5b
various: harden input validation; add SSRF protection; fix default API key role
Default API key role was "admin", which was something that I forgot to fix during testing. We
change it to "read-only". 

Additionally, repository URLs now reject the `file://` scheme (another testing artifact), localhost,
private IP ranges, and cloud metadata endpoints. Nix expressions reject path traversal (`..`)
and absolute paths. Validation is called at the evaluator entrypoint before command construction.

Signed-off-by: NotAShelf <raf@notashelf.dev>
Change-Id: I35729c6aa9ec4ff8d1ea19bd57ea93646a6a6964
2026-02-15 23:37:49 +03:00
..
migrations fc-common: add build_metrics table and repository 2026-02-14 18:08:16 +03:00
src various: harden input validation; add SSRF protection; fix default API key role 2026-02-15 23:37:49 +03:00
tests various: update tests for jobset state field changes 2026-02-08 22:23:19 +03:00
Cargo.toml chore: bump MSRV to 1.95 for nightly Rust 2026-02-08 22:23:12 +03:00