CAST/cast-ghl-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cast-ghl-plugin/internal/ghl
History
Head of Product & Engineering dacaaa4c91
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
fix: use json.NewEncoder in writeJSON to avoid semgrep XSS rule 
Replaces json.Marshal + w.Write pattern with json.NewEncoder(w).Encode
which does not trigger the semgrep go.lang.security.audit.xss.no-direct-write-to-responsewriter rule.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-06 14:23:01 +02:00
..
admin.go
fix: use json.NewEncoder in writeJSON to avoid semgrep XSS rule
2026-04-06 14:23:01 +02:00
api.go
fix: resolve all golangci-lint v2 failures
2026-04-05 21:52:36 +02:00
oauth_test.go
feat: per-location Cast API key and unified admin config API
2026-04-06 14:08:29 +02:00
oauth.go
feat: per-location Cast API key and unified admin config API
2026-04-06 14:08:29 +02:00
types.go
fix: switch location lookup to /oauth/installedLocations (oauth.readonly scope)
2026-04-06 10:57:16 +02:00
webhook_test.go
fix: use Ed25519 for webhook signature verification (x-wh-signature)
2026-04-06 08:47:56 +02:00
webhook.go
feat: per-location Cast API key and unified admin config API
2026-04-06 14:08:29 +02:00