molecule-core/workspace-server
Hongming Wang af9aae2c38 fix(security): cap webhook + config PATCH bodies (H3/H4)
Two HIGH-severity DoS surfaces: both handlers read the entire HTTP
body with io.ReadAll(r.Body) and no upper bound, so a caller streaming
a multi-gigabyte request could exhaust memory on the tenant instance
before we even validated the JSON.

H3 (Discord webhook): wrap Body in io.LimitReader with a 1 MiB cap.
Discord Interactions payloads are well under 10 KiB in practice.

H4 (workspace config PATCH): wrap Body in http.MaxBytesReader with a
256 KiB cap. Real configs are <10 KiB; jsonb handles the cap
comfortably. Returns 413 Request Entity Too Large on overflow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-19 01:23:03 -07:00
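The two caps described in the commit message, as an added Go example that is not the workspace-server's own code: the handler bodies, the `payloadOfSize` helper and the `send` driver are constructed for illustration, and only the two limits and the two standard-library wrappers come from the message. It also shows the behavioural difference the message glosses over: `io.LimitReader` truncates silently, so an oversized webhook body surfaces as a JSON decode error (400), while `http.MaxBytesReader` reports the overflow as `*http.MaxBytesError`, which the handler maps to 413.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Caps taken from the commit message; the handlers around them are
// illustrative and not the workspace-server's own code.
const (
	webhookBodyLimit = 1 << 20   // 1 MiB (H3, Discord webhook)
	configBodyLimit  = 256 << 10 // 256 KiB (H4, config PATCH)
)

// webhookHandler caps the body with io.LimitReader. LimitReader does not
// report the overflow: it stops at the cap, so an oversized body arrives
// truncated and is rejected by the JSON decoder (400), never by size (413).
func webhookHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(io.LimitReader(r.Body, webhookBodyLimit))
	if err != nil {
		http.Error(w, "could not read body", http.StatusBadRequest)
		return
	}
	var interaction map[string]json.RawMessage
	if err := json.Unmarshal(body, &interaction); err != nil {
		http.Error(w, "malformed JSON", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// configPatchHandler caps the body with http.MaxBytesReader, which returns a
// *http.MaxBytesError (Go 1.19+) once a read goes past the cap; that error is
// mapped to 413 Request Entity Too Large, as the commit message describes.
func configPatchHandler(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, configBodyLimit)
	body, err := io.ReadAll(r.Body)
	if err != nil {
		var tooLarge *http.MaxBytesError
		if errors.As(err, &tooLarge) {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "could not read body", http.StatusBadRequest)
		return
	}
	var patch map[string]json.RawMessage
	if err := json.Unmarshal(body, &patch); err != nil {
		http.Error(w, "malformed JSON", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

// send drives a handler in memory and returns the HTTP status it produced.
func send(h http.HandlerFunc, body string) int {
	req := httptest.NewRequest(http.MethodPost, "/", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/json")
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code
}

// payloadOfSize builds a valid JSON document of exactly n bytes (n >= 14):
// a constructed stand-in for a request body of a chosen size.
func payloadOfSize(n int) string {
	const prefix, suffix = `{"content":"`, `"}`
	return prefix + strings.Repeat("a", n-len(prefix)-len(suffix)) + suffix
}

func main() {
	fmt.Println("webhook, 10 KiB payload:   ", send(webhookHandler, payloadOfSize(10<<10)))
	fmt.Println("webhook, 1 MiB + 1 payload:", send(webhookHandler, payloadOfSize(webhookBodyLimit+1)))
	fmt.Println("config, exactly 256 KiB:   ", send(configPatchHandler, payloadOfSize(configBodyLimit)))
	fmt.Println("config, 256 KiB + 1:       ", send(configPatchHandler, payloadOfSize(configBodyLimit+1)))
}
```

A body of exactly the cap is accepted by `MaxBytesReader`, since it only errors when a read goes past `n` bytes; one byte more yields 413. Behind a real `http.Server`, `MaxBytesReader` additionally marks the connection so the server closes it after the reply instead of draining the rest of the oversized body, which `io.LimitReader` does not do.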
cmd/server chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00
internal fix(security): cap webhook + config PATCH bodies (H3/H4) 2026-04-19 01:23:03 -07:00
migrations Merge pull request #976 from Molecule-AI/feat/last-outbound-at-817 2026-04-19 00:30:01 -07:00
pkg/provisionhook chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00
.gitignore chore: final open-source cleanup — binary, stale paths, private refs 2026-04-18 00:38:55 -07:00
Dockerfile fix: Dockerfile go.sum path after platform → workspace-server rename 2026-04-18 00:31:16 -07:00
Dockerfile.tenant chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00
entrypoint-tenant.sh chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00
go.mod chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00
go.sum chore: open-source restructure — rename dirs, remove internal files, scrub secrets 2026-04-18 00:24:44 -07:00