harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
zeroclaw/src
History
Alex Gorevski 925a352454 fix(security): enforce HTTPS for sensitive data transmission 
Add URL scheme validation before HTTP requests that transmit sensitive
data (account IDs, phone numbers, user IDs). All endpoints already use
HTTPS URLs, but this explicit check satisfies CodeQL rust/cleartext-
transmission analysis and prevents future regressions if URLs are
changed.

Affected files: composio.rs, whatsapp.rs, qq.rs

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-18 20:03:02 -08:00
..
agent fix(providers): harden tool fallback and refresh model catalogs 2026-02-18 22:50:02 +08:00
approval refactor(sync): migrate remaining std mutex usage to parking_lot 2026-02-18 00:45:26 +08:00
auth fix(auth): rebase PR #200 onto main and restore auth CLI flow 2026-02-18 12:57:44 +08:00
channels fix(security): enforce HTTPS for sensitive data transmission 2026-02-18 20:03:02 -08:00
config fix(providers): harden tool fallback and refresh model catalogs 2026-02-18 22:50:02 +08:00
cost refactor(sync): migrate remaining std mutex usage to parking_lot 2026-02-18 00:45:26 +08:00
cron feat(mattermost): add mention_only config for @-mention filtering 2026-02-18 21:25:28 +08:00
daemon feat(channel): add mention_only option for Telegram groups 2026-02-18 19:51:42 +08:00
doctor fix(providers): harden tool fallback and refresh model catalogs 2026-02-18 22:50:02 +08:00
gateway feat(memory): add configurable postgres storage backend 2026-02-18 20:29:26 +08:00
hardware fix(agent): parse tool-call alias tags in channel runtime 2026-02-18 00:28:08 +08:00
health refactor(sync): migrate remaining std mutex usage to parking_lot 2026-02-18 00:45:26 +08:00
heartbeat test: deepen and complete project-wide test coverage (#297) 2026-02-16 05:58:24 -05:00
integrations feat(matrix): enable e2ee flow and add channel operations docs 2026-02-18 22:45:11 +08:00
memory feat(proxy): add scoped proxy configuration and docs runbooks 2026-02-18 22:10:42 +08:00
observability fix(observability): remove duplicate no-op observer event arms 2026-02-18 22:47:22 +08:00
onboard feat(onboard): add and harden Lark/Feishu wizard support 2026-02-19 10:37:47 +08:00
peripherals fix(agent): parse tool-call alias tags in channel runtime 2026-02-18 00:28:08 +08:00
providers fix(provider): polish kimi-code wiring and onboarding parity 2026-02-19 01:15:02 +08:00
rag chore(lint): extend low-risk clippy cleanup batch 2026-02-17 16:40:58 +08:00
runtime test(runtime): stabilize docker root mount assertion 2026-02-18 14:42:39 +08:00
security test(security): enforce lowercase token hex assertion 2026-02-18 16:56:45 +08:00
service fix(gateway): persist pairing tokens and honor docker config (#630) 2026-02-17 15:05:56 -05:00
skillforge fix(providers): use Bearer auth for Gemini CLI OAuth tokens 2026-02-15 14:32:33 -05:00
skills Merge remote-tracking branch 'origin/main' into feat/glm-provider 2026-02-17 13:27:58 -05:00
tools fix(security): enforce HTTPS for sensitive data transmission 2026-02-18 20:03:02 -08:00
tunnel feat(proxy): add scoped proxy configuration and docs runbooks 2026-02-18 22:10:42 +08:00
identity.rs test: cover deterministic HashMap ordering paths 2026-02-18 21:55:40 +08:00
lib.rs fix(auth): rebase PR #200 onto main and restore auth CLI flow 2026-02-18 12:57:44 +08:00
main.rs fix(providers): harden tool fallback and refresh model catalogs 2026-02-18 22:50:02 +08:00
migration.rs readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
util.rs fix(channels): check response status in send() for Telegram, Slack, and Discord 2026-02-15 09:48:58 -05:00