core/cli
8
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions 1
cli/pkg
History
Snider 3993d0583e Secure SSH and TLS connections, and fix CI issues 
Addresses security concerns from OWASP audit and CodeQL by enforcing strict
host key verification and TLS certificate verification.

Security Changes:
- Enforced strict SSH host key checking in pkg/container and devops.
- Removed insecure SSH host key verification from pkg/ansible.
- Added synchronous host key discovery during VM boot using ssh-keyscan.
- Updated UniFi client to enforce TLS certificate verification by default.
- Added --insecure flag and config option for UniFi to allow opt-in to
  skipping TLS verification for self-signed certificates.

CI and Maintenance:
- Fixed auto-merge workflow by providing repository context to 'gh' command.
- Resolved merge conflicts in .github/workflows/auto-merge.yml.
- Added unit tests for secured Ansible SSH client.
- Fixed formatting issues identified by QA checks.
2026-02-05 03:48:42 +00:00
..
agentic feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
ai feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
ansible Secure SSH commands and fix auto-merge CI failure 2026-02-05 03:26:50 +00:00
build Migrate pkg/build to io.Medium abstraction (#287) 2026-02-04 17:59:10 +00:00
cache chore(io): migrate pkg/cache to Medium abstraction (#288) 2026-02-04 15:15:46 +00:00
cli Migrate pkg/repos to Medium abstraction (#291) 2026-02-04 18:03:54 +00:00
collect feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
config feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
container Secure SSH and TLS connections, and fix CI issues 2026-02-05 03:48:42 +00:00
crypt feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
deploy feat: wire release command, add tar.xz support, unified installers (#277) 2026-02-04 00:49:57 +00:00
devops Remove StrictHostKeyChecking=no and implement proper host key verification 2026-02-04 18:23:29 +00:00
errors feat(errors): Unify errors and logging (#180) 2026-02-02 06:48:40 +00:00
framework refactor(core): decompose Core into serviceManager + messageBus (#282) 2026-02-04 13:40:16 +00:00
git feat: git command, build improvements, and go fmt git-aware (#74) 2026-02-01 10:48:44 +00:00
gitea Secure SSH, fix CI auto-merge, and resolve merge conflicts 2026-02-05 03:40:28 +00:00
help feat: Batch implementation of Gemini issues (#176) 2026-02-02 04:20:18 +00:00
i18n Secure SSH and TLS connections, and fix CI issues 2026-02-05 03:48:42 +00:00
io fix(ci): gofmt base branch + auto-merge permissions (#323) 2026-02-04 18:38:41 +00:00
log feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
mcp feat(io): Migrate pkg/mcp to use Medium abstraction (#289) 2026-02-04 15:02:47 +00:00
plugin feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
process feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
rag style: fix gofmt formatting across all affected files (#279) 2026-02-04 01:27:01 +00:00
release Migrate pkg/build to io.Medium abstraction (#287) 2026-02-04 17:59:10 +00:00
repos Migrate pkg/repos to Medium abstraction (#291) 2026-02-04 18:03:54 +00:00
unifi Secure SSH and TLS connections, and fix CI issues 2026-02-05 03:48:42 +00:00