Added Go native fuzz tests (testing/fuzz) for security-critical input validation:
1. FuzzValidateShellCommand in internal/validation/command_fuzz_test.go
- Tests shell command validation with injection payloads (;, |, &, $, `, etc.)
- Seed corpus includes valid commands and dangerous metacharacters
- Ensures function never panics under fuzzing
2. FuzzValidateDomainName in internal/validation/command_fuzz_test.go
- Tests RFC 1123 domain validation with wildcard support
- Seed corpus includes SQL injection, path traversal, and malformed domains
- Ensures function never panics under fuzzing
3. FuzzValidateACMEToken in internal/validation/command_fuzz_test.go
- Tests base64url token validation
- Seed corpus includes injection payloads and special characters
- Ensures function never panics under fuzzing
4. FuzzIsValidRevocationReason in internal/domain/revocation_fuzz_test.go
- Tests RFC 5280 revocation reason validation
- Seed corpus includes case variations, injection attempts, and null bytes
- Ensures function never panics and returns only valid booleans
5. FuzzCRLReasonCode in internal/domain/revocation_fuzz_test.go
- Tests CRL reason code mapping
- Validates return codes are within 0-9 range
- Ensures invalid reasons default to 0 (unspecified)
All fuzz tests follow Go 1.18+ testing/fuzz conventions with seed corpus
for faster discovery of edge cases.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Added TestSlack_ClientHasTimeout to verify 10-second timeout
- Added TestTeams_ClientHasTimeout to verify 10-second timeout
- Added TestPagerDuty_ClientHasTimeout to verify 10-second timeout
- Added TestOpsGenie_ClientHasTimeout to verify 10-second timeout
- All notifiers already configured with 10 second timeout in New()
- Tests verify timeout is set and matches expected value
shankar0123