aiden
/
memos
mirror of https://github.com/usememos/memos
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
release-please--branches--main--components--memos
main
v0.0.1
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.11.0
v0.11.1
v0.11.2
v0.12.0
v0.12.1
v0.12.2
v0.13.0
v0.13.1
v0.13.2
v0.14.0
v0.14.1
v0.14.2
v0.14.3
v0.14.4
v0.15.0
v0.15.1
v0.15.2
v0.16.0
v0.16.1
v0.17.0
v0.17.1
v0.18.0
v0.18.1
v0.18.2
v0.19.0
v0.19.1
v0.2.0
v0.2.1
v0.2.2
v0.20.0
v0.20.1
v0.21.0
v0.22.0
v0.22.1
v0.22.2
v0.22.3
v0.22.4
v0.22.5
v0.23.0
v0.23.0-rc.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.24.0
v0.24.1
v0.24.2
v0.24.3
v0.24.4
v0.25.0
v0.25.1
v0.25.2
v0.25.3
v0.26.0
v0.26.1
v0.26.2
v0.27.0
v0.27.0-rc.1
v0.27.0-rc.2
v0.27.1
v0.28.0
v0.29.0
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.5.0
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.9.0
v0.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '150371d211'
${ noResults }
memos/server/router/api/v1
History
Steven 150371d211 fix(webhook): remediate SSRF vulnerability in webhook dispatcher 
- Add plugin/webhook/validate.go as single source of truth for SSRF
  protection: reserved CIDR list parsed once at init(), isReservedIP(),
  and exported ValidateURL() used at registration/update time
- Replace unguarded http.Client in webhook.go with safeClient whose
  Transport uses a custom DialContext that re-resolves hostnames at
  dial time, defeating DNS rebinding attacks
- Call webhook.ValidateURL() in CreateUserWebhook and both
  UpdateUserWebhook paths to reject non-http/https schemes and
  reserved/private IP targets before persisting
- Strip internal service response body from non-2xx error log messages
  to prevent data leakage via application logs
 		3 months ago
..
test chore: fix static check linter warnings 4 months ago
acl_config.go fix: allow guests to view public memo comments 5 months ago
acl_config_test.go refactor: user auth improvements (#5360) 5 months ago
activity_service.go fix: gracefully handle deleted memos in activity service to prevent inbox crashes 4 months ago
attachment_exif_test.go feat: implement EXIF metadata stripping for image uploads 4 months ago
attachment_service.go fix: add access control checks for attachments, comments, and reactions 4 months ago
auth_service.go feat: implement refresh token rotation with sliding window sessions in the auth service 5 months ago
auth_service_client_info_test.go refactor: remove deprecated Sessions and AccessTokens settings 5 months ago
common.go refactor: migrate HOST roles to ADMIN 4 months ago
connect_handler.go refactor: migrate to connect-rpc (#5338) 6 months ago
connect_interceptors.go fix: add nil check for AnyResponse in WrapUnary method to prevent caching issues 4 months ago
connect_services.go refactor: remove deprecated Sessions and AccessTokens settings 5 months ago
header_carrier.go fix(backend): correct generic type parameter in withHeaderCarrier helper 6 months ago
health_service.go refactor(store): remove deprecated migration_history table and backward compatibility code 6 months ago
idp_service.go refactor: migrate HOST roles to ADMIN 4 months ago
instance_service.go feat: update instance profile to use admin user instead of initialized flag 4 months ago
memo_attachment_service.go fix: add access control checks for attachments, comments, and reactions 4 months ago
memo_relation_service.go fix: replace echo.NewHTTPError with status.Errorf 4 months ago
memo_service.go fix: replace echo.NewHTTPError with status.Errorf 4 months ago
memo_service_converter.go refactor: rename workspace to instance throughout codebase 7 months ago
memo_service_filter.go refactor: deprecate old filter 10 months ago
reaction_service.go fix: add access control checks for attachments, comments, and reactions 4 months ago
resource_name.go refactor: nest reaction resource names under memos 5 months ago
shortcut_service.go fix: replace echo.NewHTTPError with status.Errorf 4 months ago
user_service.go fix(webhook): remediate SSRF vulnerability in webhook dispatcher 3 months ago
user_service_stats.go perf: optimize memory usage for statistics and image processing 5 months ago
v1.go chore: upgrade Echo v4 to v5.0.3 4 months ago