shankar0123 fd6f236a5c fix(security): TICKET-013 filter reserved IP ranges in network scanner ...

- Added isReservedIP() function to detect loopback, link-local, multicast, broadcast ranges
- Blocks 127.0.0.0/8 (loopback), 169.254.0.0/16 (link-local/cloud metadata), 224.0.0.0/4 (multicast), 255.255.255.255
- Preserves RFC1918 private ranges (10.x, 172.16.x, 192.168.x) for self-hosted scenarios
- Updated expandCIDR() to filter reserved IPs during CIDR expansion
- Updated expandEndpoints() to log warnings when reserved ranges are filtered
- Added 16 comprehensive tests covering loopback, link-local, multicast filtering
- Tests verify private ranges and public IPs are not blocked
- Tests verify single IP filtering and bulk CIDR expansion filtering

2026-03-27 21:36:10 -04:00

..

api

fix(quality): TICKET-012 propagate request context instead of context.Background()

2026-03-27 21:35:22 -04:00

cli

feat: M17 OpenSSL/Custom CA issuer connector + M16b CLI tool with bulk import

2026-03-23 18:12:40 -04:00

config

fix(security): TICKET-009 add HTTP timeouts to notifier clients

2026-03-27 21:33:31 -04:00

connector

fix(quality): TICKET-012 propagate request context instead of context.Background()

2026-03-27 21:35:22 -04:00

domain

feat: M25 post-deployment TLS verification + M26 Traefik/Caddy targets

2026-03-27 21:07:16 -04:00

integration

fix: use context.Context instead of interface{} in VerificationService interface

2026-03-27 21:13:48 -04:00

mcp

fix: Go 1.25 upgrade, codebase audit fixes, MCP server tests

2026-03-23 17:36:25 -04:00

repository

feat: add network certificate discovery (M21) and Prometheus metrics (M22)

2026-03-24 23:37:47 -04:00

scheduler

fix(reliability): TICKET-002 add scheduler idempotency guards and graceful shutdown

2026-03-27 21:34:07 -04:00

service

fix(security): TICKET-013 filter reserved IP ranges in network scanner

2026-03-27 21:36:10 -04:00

validation

fix(security): TICKET-009 add HTTP timeouts to notifier clients

2026-03-27 21:33:31 -04:00