core/go-scm
8
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions 2
go-scm/pkg/api
History
Snider 175701fc93 fix(security): lock refreshMarketplace to canonical index path, isolate HOME in iter test 
- pkg/api/provider.go: remove refreshRequest struct and filepath-based
  sanitisation; always load marketplace/index.json via a package-level
  const so callers cannot influence which file is read (path traversal fix)
- forge/orgs_test.go: add t.Setenv("HOME", t.TempDir()) to
  TestClient_ListMyOrgsIter_Bad_ServerError to prevent config bleed
  between test runs

Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-07 11:30:04 +01:00
..
ui/dist feat(ui): polish scm agent views 2026-04-02 07:04:25 +00:00
embed.go chore(ax): gofmt exported declaration comments 2026-03-30 05:44:09 +00:00
provider.go fix(security): lock refreshMarketplace to canonical index path, isolate HOME in iter test 2026-04-07 11:30:04 +01:00
provider_events_test.go fix(pkg/api): emit installed change events 2026-04-02 14:00:53 +00:00
provider_handlers_test.go fix(pkg/api): combine marketplace query and category filters 2026-04-01 06:40:27 +00:00
provider_security_test.go fix(security): harden installer, marketplace, and sync path handling 2026-03-23 14:32:11 +00:00
provider_test.go fix(review): address CodeRabbit PR #2 findings 2026-04-07 09:25:42 +01:00