Skip to content

doc(loading): document security implications of using the loader#207

Merged
fredbi merged 1 commit into
go-openapi:masterfrom
fredbi:fix/vuln-loading
Jun 7, 2026
Merged

doc(loading): document security implications of using the loader#207
fredbi merged 1 commit into
go-openapi:masterfrom
fredbi:fix/vuln-loading

Conversation

@fredbi

@fredbi fredbi commented Jun 7, 2026

Copy link
Copy Markdown
Member

Expose security implications of the loader depending on the load strategy being selected.

Details available options to apply more restrictive policies on remote URLs or local file system access whenever needed.

Change type

Please select: 🆕 New feature or enhancement|🔧 Bug fix'|📃 Documentation update

Short description

Fixes

Full description

Checklist

  • I have signed all my commits with my name and email (see DCO. This does not require a PGP-signed commit
  • I have rebased and squashed my work, so only one commit remains
  • I have added tests to cover my changes.
  • I have properly enriched go doc comments in code.
  • I have properly documented any breaking change.

Expose security implications of the loader depending on the load
strategy being selected.

Details available options to apply more restrictive policies on remote
URLs or local file system access whenever needed.

Signed-off-by: Frederic BIDON <[email protected]>
@codecov

codecov Bot commented Jun 7, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.54%. Comparing base (3f77c79) to head (c26cd4e).
⚠️ Report is 1 commits behind head on master.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##           master     #207   +/-   ##
=======================================
  Coverage   92.54%   92.54%           
=======================================
  Files          54       54           
  Lines        2603     2603           
=======================================
  Hits         2409     2409           
  Misses        148      148           
  Partials       46       46           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

@fredbi fredbi enabled auto-merge (squash) June 7, 2026 11:00
@fredbi fredbi disabled auto-merge June 7, 2026 11:48
@fredbi fredbi merged commit 336c586 into go-openapi:master Jun 7, 2026
21 checks passed
@fredbi fredbi deleted the fix/vuln-loading branch June 7, 2026 11:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant