Hongming Wang 762d3b8b2c test(ssrf): pin dev-mode RFC-1918 allow contract (follow-up to #2103) ... PR #2103 widened the SSRF saasMode branch to also relax RFC-1918 + ULA under MOLECULE_ENV=development (so the docker-compose dev pattern stops rejecting workspace registrations on 172.18.x.x bridge IPs). The existing TestIsSafeURL_DevMode_StillBlocksOtherRanges covered the security floor (metadata / TEST-NET / CGNAT stay blocked), but no test asserted the positive side — that 10.x / 172.x / 192.168.x / fd00:: ARE now allowed under dev mode. Without this test, a future refactor that quietly drops the `|| devModeAllowsLoopback()` from isPrivateOrMetadataIP wouldn't trip any assertion, and the docker-compose dev loop would silently re-break. Adds TestIsSafeURL_DevMode_AllowsRFC1918 — table of 4 URLs covering the three RFC-1918 IPv4 ranges + IPv6 ULA fd00::/8. Sets MOLECULE_DEPLOY_MODE=self-hosted explicitly so the test exercises the devMode branch, not a SaaS-mode pass. Closes the Optional finding I left on PR #2103. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-04-26 10:32:33 -07:00
..
cmd/server	feat(#1957): wire gh-identity plugin into workspace-server	2026-04-24 15:01:41 +00:00
internal	test(ssrf): pin dev-mode RFC-1918 allow contract (follow-up to #2103)	2026-04-26 10:32:33 -07:00
migrations	feat(a2a): queue-on-busy — Phase 1 of priority queue (#1870)	2026-04-23 14:09:29 -07:00
pkg/provisionhook	feat(#1957): wire gh-identity plugin into workspace-server	2026-04-24 15:01:41 +00:00
.ci-force
.gitignore
.golangci.yaml	chore(workspace-server): add golangci.yaml disabling errcheck	2026-04-24 07:16:54 +00:00
Dockerfile	chore: extract ContextMenu Zustand fix + a2a_proxy local-docker SSRF bypass + workspace-server Dockerfile GID entrypoint	2026-04-22 20:00:16 -07:00
Dockerfile.tenant
entrypoint-tenant.sh
go.mod	feat(#1957): wire gh-identity plugin into workspace-server	2026-04-24 15:01:41 +00:00
go.sum	feat(#1957): wire gh-identity plugin into workspace-server	2026-04-24 18:28:18 +00:00