SSRF risk: validate hostnames in GitRepositoryFactory.create_from_url

## Description

The `GitRepositoryFactory.create_from_url` method in `src/api/query/infrastructure/git_repository.py` currently accepts any hostname containing `/blob/` or `/-/blob/` patterns. If the URL is user-controlled, this could allow requests to internal services (SSRF vulnerability).

## Suggested Mitigation

Consider implementing one or both of these approaches:
- Enforce a configurable allowlist of permitted hostnames
- Block IP literals, localhost, and private/loopback/reserved IP ranges using Python's `ipaddress` module

Validation should occur in `create_from_url` after parsing the URL and before instantiating repository instances.

## References

- PR: https://github.com/openshift-hyperfleet/kartograph/pull/181
- Review comment: https://github.com/openshift-hyperfleet/kartograph/pull/181#discussion_r2761051779
- Requested by: @jsell-rh

## Context

This issue was identified during review of PR #181 and marked as out-of-scope for that PR. This issue tracks the follow-up work.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSRF risk: validate hostnames in GitRepositoryFactory.create_from_url #183

Description

Suggested Mitigation

References

Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

SSRF risk: validate hostnames in GitRepositoryFactory.create_from_url #183

Description

Description

Suggested Mitigation

References

Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions