Rodin rodin
  • Joined on 2026-04-23
rodin pushed to github-support at rodin/review-bot 2026-05-14 20:19:52 +00:00
5c1a148a24 fix: use rpl-linux-runners for github.concur.com workflows
1b472cc6b4 feat(ci): add GitHub Actions workflow for strat/review-bot PRs
06b09ce3b8 feat(cmd): wire VCS detection into main — route to github or gitea client
1e1a50581f feat(cmd): add VCS client abstraction for GitHub and Gitea
545ab25bbc feat(github): add high-level PR/review API methods to github client
rodin created branch github-support in rodin/review-bot 2026-05-14 20:19:52 +00:00
rodin pushed to main at rodin/review-bot 2026-05-14 20:10:56 +00:00
bbf3dfbf0d chore: dev-loop health check — status at 2026-05-14 20:10 UTC
rodin pushed to main at rodin/review-bot 2026-05-14 19:26:07 +00:00
ed3a5dddf1 chore: dev-loop health check — cleanup & status at 2026-05-14 19:25 UTC
rodin pushed to main at rodin/review-bot 2026-05-14 19:21:20 +00:00
449a24e4c5 chore: dev-loop status after cleanup at 2026-05-14 19:20 UTC
rodin created branch issue-123-work in rodin/review-bot 2026-05-14 19:16:49 +00:00
rodin pushed to issue-123-work at rodin/review-bot 2026-05-14 19:16:49 +00:00
c35b041d5e chore: update dev-loop TODO after issue-123 merge (2026-05-14 19:15 UTC)
rodin pushed to main at rodin/review-bot 2026-05-14 19:10:21 +00:00
4440823571 Merge pull request 'feat(#123): add IP-level SSRF defense to Gitea client and action' (#129) from issue-123 into main
c349986187 fix(#123): add RFC6598 CGN check to Python SSRF validation in action.yml
934c6728ee fix(#123): address review feedback on SSRF defense
5ac93bea70 fix(#123): add IP fallback dialing in safeDialContext
f84cc3bbcf fix(#123): address all review findings from PR #129
rodin merged pull request rodin/review-bot#129 2026-05-14 19:10:20 +00:00
feat(#123): add IP-level SSRF defense to Gitea client and action
rodin closed issue rodin/review-bot#123 2026-05-14 19:10:20 +00:00
security: add IP-level SSRF defense for action.yml Gitea path
rodin commented on pull request rodin/review-bot#129 2026-05-14 13:42:11 +00:00
feat(#123): add IP-level SSRF defense to Gitea client and action

Self-review: PASS

No issues found — ready for human review.

Pre-review action taken: Found a security gap (RFC6598/CGN bypass in Python SSRF checks) during review. Python's ipaddress

rodin pushed to issue-123 at rodin/review-bot 2026-05-14 13:41:22 +00:00
c349986187 fix(#123): add RFC6598 CGN check to Python SSRF validation in action.yml
rodin pushed to main at rodin/model-research 2026-05-14 12:25:01 +00:00
643a804bdf finding #79: multi-model security review catches CGN + proxy-assisted SSRF gaps
rodin commented on pull request rodin/review-bot#129 2026-05-14 12:17:12 +00:00
feat(#123): add IP-level SSRF defense to Gitea client and action

Self-review: NEEDS_WORK

Finding: action.yml Python SSRF check misses CGN range (100.64.0.0/10)

Severity: MINOR (but correctness gap in the defense-in-depth layer)

Root cause: The…

rodin deleted branch issue-123-fixes from rodin/review-bot 2026-05-14 11:49:41 +00:00
rodin pushed to issue-123 at rodin/review-bot 2026-05-14 11:49:38 +00:00
934c6728ee fix(#123): address review feedback on SSRF defense
rodin pushed to issue-123-fixes at rodin/review-bot 2026-05-14 11:49:26 +00:00
934c6728ee fix(#123): address review feedback on SSRF defense
rodin created branch issue-123-fixes in rodin/review-bot 2026-05-14 11:49:26 +00:00
rodin commented on pull request rodin/review-bot#129 2026-05-14 08:45:49 +00:00
feat(#123): add IP-level SSRF defense to Gitea client and action

Self-review: PASS

All 8 review findings addressed:

MAJOR:

  • gitea/ipcheck.go: replaced init-time panic with init() + blockedCIDRParseErrors list — TestBlockedCIDRsValid catches…
rodin pushed to issue-123 at rodin/review-bot 2026-05-14 08:45:33 +00:00
5ac93bea70 fix(#123): add IP fallback dialing in safeDialContext