public/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-05-24 02:58:42 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
3e2aa5814edbb7c607a7c150de11bdc8310f8a21
headscale/hscontrol
History
Kristoffer Dalby 3e2aa5814e all: annotate gosec false positives with rationale 
Each //nolint:gosec carries the gosec code and one line on why
the finding is a false positive or already mitigated.

  G124 cookies (oidc.go x3, oidc_confirm_test.go)
    Secure is set conditionally on req.TLS != nil; HttpOnly and
    SameSiteStrictMode already on. gosec misses the conditional.
    Test fixture cookie is explicitly a test fixture.

  G705 (debug.go)
    templates.PingPage(...).Render() is a templ component that
    auto-escapes user input.

  G706 (scenario.go)
    Integration log emits trusted scenario state. The pre-built
    image G706 sites in hsic.go / tsic.go ride along with the
    earlier constants commit.

  G710 (app.go, tailsql.go)
    Redirect target is "trusted ServerURL prefix + path". gosec
    cannot see past the prefix.
2026-05-19 09:55:22 +02:00
..
assets
assets: fix logo alignment and error icon centering
2026-04-13 17:23:47 +01:00
capver
capver: regenerate for tailscale v1.96
2026-04-08 13:00:22 +01:00
db
all: mechanical lint fixes
2026-05-19 09:55:22 +02:00
derp
all: fix golangci-lint issues (#3064)
2026-02-06 21:45:32 +01:00
dns
Fix typo in comment about fsnotify behavior
2026-02-27 15:23:06 +01:00
mapper
all: mechanical lint fixes
2026-05-19 09:55:22 +02:00
policy
metrics, policy/v2: drop unused scaffolding + nil-error returns
2026-05-19 09:55:22 +02:00
servertest
state, servertest: property-test HA election + invariant catalogue
2026-05-18 17:18:08 +02:00
state
state, servertest: property-test HA election + invariant catalogue
2026-05-18 17:18:08 +02:00
templates
cmd, templates, integration: extract shared production constants
2026-05-19 09:55:22 +02:00
types
hscontrol: gate proxy header trust on trusted_proxies
2026-05-18 17:17:55 +02:00
util
hscontrol: route hostname handling through dnsname and NodeStore
2026-04-18 15:12:21 +01:00
app_test.go
app: add security headers middleware
2026-04-17 16:31:49 +01:00
app.go
all: annotate gosec false positives with rationale
2026-05-19 09:55:22 +02:00
auth_tags_test.go
hscontrol: preserve nil expiry on tailscaled restart
2026-05-13 17:06:16 +02:00
auth_test.go
state: avoid nil deref in registration handlers when old user is missing
2026-05-06 07:23:02 +01:00
auth.go
hscontrol: preserve nil expiry on tailscaled restart
2026-05-13 17:06:16 +02:00
debug.go
all: mechanical lint fixes
2026-05-19 09:55:22 +02:00
grpcv1_test.go
all: rephrase prose to fit codebase voice
2026-04-29 16:22:19 +01:00
grpcv1.go
policy/v2: evaluate the tests block on user-initiated writes
2026-05-12 11:54:54 +01:00
handlers_test.go
oidc: render HTML error pages for browser-facing failures
2026-04-13 17:23:47 +01:00
handlers.go
oidc: render HTML error pages for browser-facing failures
2026-04-13 17:23:47 +01:00
metrics.go
metrics, policy/v2: drop unused scaffolding + nil-error returns
2026-05-19 09:55:22 +02:00
noise_test.go
policy/v2: align SSH check action with SaaS wire format
2026-04-17 16:31:49 +01:00
noise.go
hscontrol: gate proxy header trust on trusted_proxies
2026-05-18 17:17:55 +02:00
oidc_confirm_test.go
all: annotate gosec false positives with rationale
2026-05-19 09:55:22 +02:00
oidc_template_test.go
oidc: render HTML error pages for browser-facing failures
2026-04-13 17:23:47 +01:00
oidc_test.go
oidc: make email verification configurable
2025-12-18 11:42:32 +00:00
oidc.go
all: annotate gosec false positives with rationale
2026-05-19 09:55:22 +02:00
platform_config.go
all: fix golangci-lint issues (#3064)
2026-02-06 21:45:32 +01:00
poll_test.go
poll: fix poll test linter violations
2026-03-12 01:27:34 -07:00
poll.go
types: add node.expiry config, deprecate oidc.expiry
2026-04-08 13:00:22 +01:00
realip_test.go
hscontrol: gate proxy header trust on trusted_proxies
2026-05-18 17:17:55 +02:00
realip.go
hscontrol: gate proxy header trust on trusted_proxies
2026-05-18 17:17:55 +02:00
tailsql.go
all: annotate gosec false positives with rationale
2026-05-19 09:55:22 +02:00
templates_consistency_test.go
Update links to Tailscale documentation
2026-04-18 09:33:41 +02:00