feat(security): security hardening, proxy support, and GL045 HTTP include warning
Security fixes: - Path traversal guard in include: local: — paths with ../ that escape the repo root are rejected instead of reading arbitrary host files - HTTP timeout (30 s) on all fetcher requests to prevent indefinite hangs - Response size cap (10 MiB) via io.LimitReader to prevent memory exhaustion - Cache directory and file permissions tightened to 0700/0600 - LSP Content-Length cap (64 MiB) to guard against DoS from a malicious client New feature: - --proxy flag on check, graph, and lsp subcommands; also proxy: key in .glint.yml; overrides system HTTP_PROXY / HTTPS_PROXY env vars when set; cmdGraph and cmdLSP now also load .glint.yml for proxy/token/url fallbacks New lint rule: - GL045 (Warning): include: remote: using plain http:// instead of https:// Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -38,6 +38,12 @@ type Config struct {
|
||||
// CacheDir is the default directory for caching fetched remote includes.
|
||||
// Overridden by the --cache-dir flag.
|
||||
CacheDir string `yaml:"cache_dir"`
|
||||
|
||||
// Proxy is the HTTP proxy URL for fetching remote includes and GitLab API
|
||||
// calls (e.g. "http://proxy.example.com:8080"). Overridden by the --proxy
|
||||
// flag. When empty, system proxy settings (HTTP_PROXY / HTTPS_PROXY /
|
||||
// NO_PROXY env vars) are used automatically.
|
||||
Proxy string `yaml:"proxy"`
|
||||
}
|
||||
|
||||
// Load searches for a .glint.yml file starting from dir and walking up toward
|
||||
|
||||
Reference in New Issue
Block a user