Skip to content

Add GitHub Actions CI workflow#3

Merged
0xeb merged 1 commit intomainfrom
feature/add-ci
Nov 24, 2025
Merged

Add GitHub Actions CI workflow#3
0xeb merged 1 commit intomainfrom
feature/add-ci

Conversation

@0xeb
Copy link
Copy Markdown
Owner

@0xeb 0xeb commented Nov 24, 2025

Summary

  • Adds comprehensive CI with GitHub Actions
  • 6 jobs: 3 platforms (Linux, Windows, macOS) × 2 build types (Debug, Release)
  • Examples and tests enabled
  • FetchContent caching for faster subsequent builds

Test plan

  • All 6 CI jobs pass
  • Tests run successfully on all platforms
  • Examples compile on all platforms

@0xeb
Add GitHub Actions CI workflow
74f743b 
Adds comprehensive CI with:
- 3 platforms: Linux, Windows, macOS
- 2 build types: Debug and Release
- Examples and tests enabled
- FetchContent caching for faster builds
@0xeb 0xeb merged commit 9ce4190 into main Nov 24, 2025
6 checks passed
@0xeb 0xeb deleted the feature/add-ci branch November 24, 2025 21:55
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Add payload and timeout limits to HTTP/SSE servers
d219e10 
Addresses security audit issue #3: Unbounded request body parsing

- Set 10MB max payload length to prevent memory exhaustion
- Add 30 second read/write timeouts to prevent slowloris attacks
- Applied to both HttpServerWrapper and SseServerWrapper

This prevents DoS attacks via large request bodies or slow clients.
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Add test for payload size limits (security issue #3)
955b97f
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
2cd0d34 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
@0xeb 0xeb mentioned this pull request Nov 30, 2025
Merged
2 tasks
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
1672957 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
997bd95 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
c1902cd 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
e34ba04 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
b3597a6 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
0709253 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Nov 30, 2025
@0xeb
Security hardening and test coverage improvements
f4b7b0d 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
0xeb added a commit that referenced this pull request Dec 1, 2025
@0xeb
Security hardening and test coverage improvements (#14)
35bc40b 
This commit addresses multiple security vulnerabilities and adds
comprehensive test coverage for HTTP client API integration.

Security Fixes:
- Add payload and timeout limits to HTTP/SSE servers (issue #3)
- Fix SSE session security with crypto-random IDs and session binding (issue #2)
- Add optional authentication and restrict CORS (issue #1)
- Fix HTTP client scheme handling and disable redirects (issue #4)
- Add security middleware for logging, rate limiting, and concurrency control (issue #5)

Test Coverage:
- Add HTTP client API integration tests (not LoopbackTransport)
- Add SSE HTTP integration tests with real network stack
- Fix SSE server test to extract and use session_id

All 45 tests passing (100% pass rate)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@0xeb