mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 13:41:30 +00:00
shankar0123
305c7dc851
Update README, architecture guide, and feature inventory to document all changes from the security remediation pass (17 tickets): - README: Add CI pipeline section (race detection, golangci-lint, govulncheck, per-layer coverage thresholds), CORS deny-by-default behavior, input validation, SSRF protection, scheduler concurrency safety. Update test count to 1050+. Add race detection and govulncheck to development commands. - Architecture guide: Update testing strategy with scheduler tests, fuzz tests, and revised CI pipeline description. Add security model sections for input validation, CORS, and concurrency safety. Update test count. - Feature inventory: Document CORS deny-by-default behavior. - SECURITY_REMEDIATION.md: New file documenting all 17 remediated tickets with CWE classifications, before/after behavior, 3 deferred tickets with rationale, CI pipeline changes, and breaking CORS change. Missing docs flagged as future additions: - Formal threat model document - Disaster recovery runbook - Version upgrade guide - Capacity planning benchmarks Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>