5f4eb9f9d0
- 新增 backend/.gosec.yaml 配置文件,排除 G704 (SSRF) 检查 - 更新 security-scan.yml workflow,使用 gosec 配置文件 - 原因:作为 API 网关平台,需要代理请求到配置的上游服务,所有上游 URL 来自管理员配置而非用户输入
8 lines
308 B
YAML
8 lines
308 B
YAML
global:
|
|
# Exclude G704 (SSRF via taint analysis) - this is an API gateway platform
|
|
# that by design proxies requests to configurable upstream services.
|
|
# All upstream URLs are sourced from admin-configured settings or known
|
|
# third-party API endpoints, not from end-user input.
|
|
exclude:
|
|
- G704
|