MHSanaei b36e5e0869 fix(security): redact at source and cap marshal sizes for CodeQL ...

CodeQL kept flagging the merge logger because taint flowed Password ->
ClientMergeConflict.Old -> log even with a runtime redact helper -- the
analyzer can't prove the branch excludes credentials. Redact at the
source instead: uuid/password/auth/subId now only ever land in the
conflict struct as <redacted> placeholders, so no caller (log or
otherwise) can leak them.

For the ClientWithAttachments marshal overflow alert, replace the
MaxInt-len() arithmetic with explicit per-input size caps (256MB each),
which is the pattern CodeQL's own docs recommend and recognizes.

2026-05-19 12:48:01 +02:00

..

model_test.go

Feat/multi inbound clients (#4469)

2026-05-19 12:20:24 +02:00

model.go

fix(security): redact at source and cap marshal sizes for CodeQL

2026-05-19 12:48:01 +02:00