db7b7e66bf
PR Ready Gate / clear-labels (pull_request) Successful in 2s
CI / test (pull_request) Successful in 17s
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 30s
CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 56s
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m53s
Address review feedback on PR #113:

- MAJOR (both reviews): Replace strings.HasPrefix(reqURL, "http://") with url.Parse + strings.EqualFold for case-insensitive scheme comparison per RFC 3986. Prevents bypass via HTTP:// or Http://.
- MINOR (security): Enhance redactURL to strip userinfo component (user:pass@host) in addition to query params, preventing credential leakage in error messages and logs.
- NIT (gpt): Remove redundant timer.Stop() after timer.C fires — it's a no-op and the comment was misleading.
- Add tests for uppercase/mixed-case HTTP scheme rejection and userinfo redaction.
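
The two URL-handling changes named in the commit message, sketched as an added example (not the project's code): a case-sensitive prefix check beside a parsed, case-insensitive scheme check, and a redaction helper that drops userinfo and the query string. The function names `naiveIsPlainHTTP`, `isPlainHTTP` and `sanitizeForLog` and all sample URLs are hypothetical and constructed for illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// naiveIsPlainHTTP is the case-sensitive prefix check the commit replaces.
// It misses "HTTP://" and "Http://", so those URLs pass as "not plain HTTP".
func naiveIsPlainHTTP(reqURL string) bool {
	return strings.HasPrefix(reqURL, "http://")
}

// isPlainHTTP parses the URL and compares the scheme case-insensitively,
// because RFC 3986 schemes are case-insensitive. A parse error is returned
// so the caller can fail closed instead of guessing.
func isPlainHTTP(reqURL string) (bool, error) {
	u, err := url.Parse(reqURL)
	if err != nil {
		return false, err
	}
	return strings.EqualFold(u.Scheme, "http"), nil
}

// sanitizeForLog (hypothetical name) removes userinfo and the query string
// so credentials and tokens do not reach error messages or logs.
func sanitizeForLog(reqURL string) string {
	u, err := url.Parse(reqURL)
	if err != nil {
		return "[unparseable URL]" // never echo raw input on parse failure
	}
	u.User = nil
	u.RawQuery = ""
	return u.String()
}

func main() {
	// Constructed sample inputs.
	samples := []string{"http://a.example/x", "HTTP://a.example/x", "Http://a.example/x", "https://a.example/x"}
	for _, raw := range samples {
		parsed, _ := isPlainHTTP(raw)
		fmt.Printf("%-20s naive=%-5v parsed=%v\n", raw, naiveIsPlainHTTP(raw), parsed)
	}
	fmt.Println(sanitizeForLog("https://user:s3cret@a.example/api?token=abc"))
}
```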