Skip to content

v1.52.0

Choose a tag to compare

View all tags
@erraggy erraggy released this 21 Feb 07:10
· 16 commits to main since this release
Immutable release. Only release title and notes can be modified.
v1.52.0
fe1c642
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

πŸ”’ Security Hardening: Defense-in-Depth Across All Packages

This release adds comprehensive security hardening across the parser, HTTP validator, MCP server, generator, and CLI β€” protecting against path traversal, SSRF, resource exhaustion, and code injection without changing any public API behavior.

Parser Security

New resource limits prevent denial-of-service through oversized inputs and malicious references.

  • Input size limits: WithMaxInputSize caps primary document size (default 100 MiB) for ParseReader and ParseBytes
  • File size limits: WithMaxFileSize caps external $ref file size (default 10 MB)
  • URL scheme allowlist: WithAllowedSchemes restricts remote $ref resolution to http/https by default
  • Same-origin enforcement: Remote $ref targets must share the same host as the base URL

HTTP Validator Hardening

Runtime validation now has configurable resource limits to prevent abuse.

  • Body size limits: WithMaxRequestBodySize and WithMaxResponseBodySize cap payload validation (default 10 MB)
  • Schema depth limits: Recursive schema validation capped at 100 levels to prevent stack exhaustion
  • Regex pattern cache: Bounded to 1,000 entries with automatic eviction to prevent memory growth from specs with many unique patterns
  • Concurrent safety: Validation flags are now snapshotted per-call, eliminating potential races

MCP Server Protection

The MCP server is hardened against malicious inputs from untrusted clients.

  • SSRF prevention: New safe HTTP client blocks requests to private/loopback IPs during URL-based spec resolution
  • Path traversal prevention: All file paths sanitized against directory traversal (../) attacks
  • Symlink rejection: Output paths checked for symlinks to prevent write-redirection attacks
  • Error sanitization: Filesystem paths stripped from error messages to prevent information leakage
  • Input validation: Strict limits on tool argument sizes and content

Generator & CLI

  • Code injection prevention: Discriminator property names safely escaped via strconv.Quote before embedding in generated Go struct tags
  • Output path validation: Generated file paths checked for traversal and symlink attacks
  • File permissions tightened: MCP output files written with 0600 (owner-only) instead of 0644
  • JSONPath depth limits: Recursive evaluation capped to prevent stack exhaustion

πŸ”’ User Impact

  • No breaking changes β€” all new limits have sensible defaults matching previous behavior
  • New parser/validator options are opt-in for stricter configurations
  • WithMaxFileSize signature changed from int64 to int for API consistency with WithMaxInputSize

πŸ“Š Quality Metrics

  • βœ… All tests passing (8,400+ unit tests across 27 packages)
  • βœ… Zero vulnerabilities (govulncheck clean)
  • βœ… All benchmarks passing with no regressions
  • βœ… 69 files changed, 4,400+ lines of hardening and tests

What's Changed

  • fix: security hardening for v1.52.0 by @erraggy in #338
  • chore: prepare v1.52.0 release by @erraggy in #339
  • fix(generator): escape discriminator JSON names instead of allowlist filtering by @erraggy in #340

Full Changelog: v1.51.6...v1.52.0

Contributors

erraggy
Assets 11
Loading