• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

ukeeper / ukeeper-readability
78%
master: 78%

Build:
Build:
LAST BUILD BRANCH: fix/docker-gha-cache
DEFAULT BRANCH: master
Repo Added 24 Apr 2022 10:34PM UTC
Token PvVP7XZODHNMukB1VLWbVHHC4V09CWSI6 regen
Build 273 Last
Files 9
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

LAST BUILD ON BRANCH fix-top3-review
branch: fix-top3-review
CHANGE BRANCH
x
Reset
Sync Branches
  • fix-top3-review
  • ci-dockerhub-soft-fail
  • ci/workflow-hardening
  • cleaner_frontend_structure
  • dependabot/docker/node-22
  • dependabot/github_actions/github-actions-updates-14cb627f6c
  • dependabot/github_actions/github-actions-updates-1ee787ebfb
  • dependabot/github_actions/github-actions-updates-5714300483
  • dependabot/github_actions/github-actions-updates-640176b5ab
  • dependabot/github_actions/github-actions-updates-7aa8621bec
  • dependabot/github_actions/github-actions-updates-afd9e15987
  • dependabot/go_modules/backend/go-modules-updates-08b33d1c25
  • dependabot/go_modules/backend/go-modules-updates-0bc617739e
  • dependabot/go_modules/backend/go-modules-updates-407dd4786b
  • dependabot/go_modules/backend/go-modules-updates-5e29427af7
  • dependabot/go_modules/backend/go-modules-updates-5e519fa3dd
  • dependabot/go_modules/backend/go-modules-updates-71a6db2b89
  • dependabot/go_modules/backend/go-modules-updates-751992312c
  • dependabot/go_modules/backend/go-modules-updates-a616c34cc0
  • dependabot/go_modules/backend/go-modules-updates-c1eb5b8ad9
  • dependabot/go_modules/backend/go-modules-updates-c2169da76e
  • dependabot/go_modules/backend/go-modules-updates-d01d85479d
  • dependabot/go_modules/backend/go-modules-updates-d6af324dbd
  • dependabot/go_modules/backend/go-modules-updates-ec788c1f9d
  • dependabot/go_modules/backend/go-modules-updates-f885172778
  • dependabot/go_modules/backend/golang.org/x/crypto-0.31.0
  • dependabot/go_modules/backend/golang.org/x/net-0.36.0
  • dependabot/go_modules/go-modules-updates-0b36ab2f83
  • dependabot/npm_and_yarn/frontend/npm-development-modules-updates-89027bf77e
  • dependabot/npm_and_yarn/frontend/npm-development-modules-updates-e6f6ae78c6
  • deps/update-latest-go1.25
  • fix-cf-maxretries-doc
  • fix/docker-gha-cache
  • fix/image-fetch-streaming
  • fix/ssrf-ip-guard
  • fix/textarea-crlf
  • generic-updates
  • htmx
  • master
  • modularise-retrieval
  • openai-auto-extraction
  • openai_rules_generator
  • openai_rules_improver
  • paskal/bump_modules
  • paskal/clarify_comment
  • paskal/cleanup_readme
  • paskal/fix_build
  • paskal/improve_docker_compose
  • paskal/index_to_htmx
  • paskal/migrate_to_htmx
  • paskal/offline_tests
  • paskal/remove_edit_html
  • paskal/return_rule_id_on_update
  • paskal/safe_password_check
  • refs/tags/v0.1.0
  • refs/tags/v0.1.1
  • refs/tags/v0.1.2
  • refs/tags/v0.2.0
  • remove-jquery
  • remove_chi
  • typos_fixes
  • umputun/add-chatgpt-endpoints
  • update-deps-2026-04-11
  • worktree-ci-hardening

03 Jul 2026 03:48AM UTC coverage: 77.973% (+0.03%) from 77.947%
28679477920

Pull #82

github

paskal
Fix top-3 review findings: SSRF, textarea CRLF corruption, image fetch

Block SSRF via user-supplied URLs. Extraction and image fetches now
reject targets resolving to loopback, private, link-local or other
non-public addresses via a net.Dialer Control hook (checks the actual
IP at connect time, so it also covers redirects and DNS rebinding).
Gated by BlockPrivateNetworks, wired on in main; default stays permissive
so httptest-based tests keep working. `POST /api/extract` was and remains
unauthenticated, so this is the real mitigation.

Stop corrupting multi-line rule fields. saveRule split match_url,
excludes and test_urls on "\n" only, so browser-submitted \r\n left a
trailing \r on every entry and blank lines became empty strings. New
splitTrimLines trims and drops empties; handlePreview reuses it.

Rework image sizing. getImageSize buffered every image fully into memory
with a fresh client per image, no context and unbounded per-page
goroutines. Now it streams to io.Discard behind an io.LimitReader (10MB
cap), shares one client, honors the request context and caps concurrency
at 8 probes per page.
Pull Request #82: Fix top-3 review findings: SSRF, textarea CRLF corruption, image fetch

60 of 69 new or added lines in 6 files covered. (86.96%)

800 of 1026 relevant lines covered (77.97%)

9.57 hits per line

Relevant lines Covered
Build:
Build:
1026 RELEVANT LINES 800 COVERED LINES
9.57 HITS PER LINE
Source Files on fix-top3-review
  • Tree
  • List 10
  • Changed 5
  • Source Changed 0
  • Coverage Changed 5
Coverage ∆ File Lines Relevant Covered Missed Hits/Line

Recent builds

Builds Branch Commit Type Ran Committer Via Coverage
28679477920 fix-top3-review Fix top-3 review findings: SSRF, textarea CRLF corruption, image fetch Block SSRF via user-supplied URLs. Extraction and image fetches now reject targets resolving to loopback, private, link-local or other non-public addresses via a net.Dialer Co... Pull #82 03 Jul 2026 07:19PM UTC paskal github
77.97
See All Builds (213)

Badge your Repo: ukeeper-readability

We detected this repo isn’t badged! Grab the embed code to the right, add it to your repo to show off your code coverage, and when the badge is live hit the refresh button to remove this message.

Could not find badge in README.

Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

Refresh
  • Settings
  • Repo on GitHub
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc