Skip to content

Releases: zain534102/why-does-this-exist

v1.0.2 — Security Hardening

08 Apr 12:47
@zain534102 zain534102
v1.0.2
f9c8224

Choose a tag to compare

View all tags
v1.0.2 — Security Hardening Latest
Latest

Security Fixes

This release addresses 19 security findings from a comprehensive audit plus 4 residual findings discovered during re-audit.

Critical

High

  • SSRF prevention: GITHUB_API_BASE enforces HTTPS, rejects embedded credentials
  • SSRF prevention: Ollama and OpenAI base URLs validated (scheme, no credentials)
  • Credential protection: promptSecret() uses terminal raw mode — API keys no longer echoed
  • Credential protection: Fallback path no longer prints actual API keys to stdout
  • Input validation: --provider and --model CLI args validated at runtime

Medium

  • GitHub API error bodies no longer leaked in error messages
  • HTTP header injection via WDE_USER_AGENT blocked (CRLF check)
  • Path traversal protection in findFunctionLine() and searchFunction()
  • Integer config values validated with min/max bounds (prevents DoS via zero/NaN)
  • Auth validation logic bug fixed (no longer re-prompts for API key)
  • GitHub token cache invalidated after auth flow
  • Config file schema validated before merge

Low & Info

  • Input length capped on prompts, search pattern length capped
  • Warning for non-localhost HTTP Ollama hosts
  • Git SHAs validated before shell use
  • Request timeouts (15s) on all GitHub API calls
  • CI and publish workflows use batched test runner

Stats

  • 805 tests passing across 14 files
Assets 2
Loading

v1.0.1 — Security Hardening

08 Apr 12:45
@zain534102 zain534102
v1.0.1
74baa29

Choose a tag to compare

View all tags
v1.0.1 — Security Hardening

Security Fixes

This release addresses 19 security findings from a comprehensive audit plus 4 residual findings discovered during re-audit.

Critical

High

  • SSRF prevention: GITHUB_API_BASE now enforces HTTPS and rejects embedded credentials
  • SSRF prevention: Ollama and OpenAI base URLs validated (scheme, no credentials)
  • Credential protection: promptSecret() uses terminal raw mode — API keys are no longer echoed
  • Credential protection: Fallback path no longer prints actual API keys to stdout
  • Input validation: --provider and --model CLI args validated at runtime

Medium

  • GitHub API error bodies no longer leaked in error messages
  • HTTP header injection via WDE_USER_AGENT blocked (CRLF check)
  • Path traversal protection in findFunctionLine() and searchFunction()
  • Integer config values validated with min/max bounds (prevents DoS via zero/NaN)
  • Auth validation logic bug fixed (no longer re-prompts for API key)
  • GitHub token cache invalidated after auth flow
  • Config file schema validated before merge

Low

  • Input length capped at 1024 chars on prompts
  • Warning for non-localhost HTTP Ollama hosts
  • Git SHAs validated before shell use
  • Static env var map replaces dynamic key access
  • Search pattern length capped at 256 chars
  • Request timeouts (15s) on all GitHub API calls

Other

  • CI now uses batched test runner for proper mock.module isolation
  • Test runner shows combined totals across all batches
  • 805 tests passing
Loading