Security: Add timeout parameters to requests calls

Summary

This MR fixes a security vulnerability where the application uses the requests module without configuring timeout values for connections. This could lead to uncontrolled resource consumption and potential Denial of Service (DoS).

Changes

  • Added timeout=30 parameter to requests.get() call in get_job_log() method (analysis-gitlab-cc.py:43)
  • Added timeout=30 parameter to requests.get() call in get_pipeline_jobs() method (analysis-gitlab-cc.py:61)

Security Impact

  • Severity: LOW
  • Vulnerability Type: Allocation of resources without limits or throttling
  • Fixed Issue: Prevents potential application hang or resource exhaustion from network timeouts

Timeout Configuration

The 30-second timeout is appropriate for external GitLab API calls, providing enough time for API responses while preventing indefinite hangs.

Testing

  • Code review verified timeout parameters are correctly applied
  • Both methods will now time out after 30 seconds if the GitLab API doesn't respond

Closes #2

🤖 Generated with Claude Code
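
Added example, not code from this merge request or from analysis-gitlab-cc.py: in requests, `timeout` limits the connection attempt and each wait for data on the socket, not the whole download, so a server that keeps trickling bytes can hold a call open past the configured value. The sketch below adds an overall deadline on top; `start_drip_server` and `fetch_with_deadline` are hypothetical names, and the slow server is constructed locally so the block runs offline.

```python
import socket
import threading
import time

import requests


def start_drip_server(chunks=5, delay=0.3):
    """Constructed test server: answers 200, then sends one body byte every `delay` s."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def drip(conn):
        try:
            conn.recv(65536)  # read and ignore the request
            conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: %d\r\n"
                         b"Connection: close\r\n\r\n" % chunks)
            for _ in range(chunks):
                time.sleep(delay)
                conn.sendall(b"x")
        except OSError:
            pass  # client gave up early
        finally:
            conn.close()

    def serve():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=drip, args=(conn,), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return "http://127.0.0.1:%d/" % srv.getsockname()[1]


def fetch_with_deadline(url, timeout=(3.05, 30), deadline=60.0,
                        session=None, chunk_size=8192):
    """GET `url`; `timeout` bounds connect and each read, `deadline` the whole transfer."""
    http = session or requests
    start = time.monotonic()
    body = bytearray()
    with http.get(url, timeout=timeout, stream=True) as resp:
        resp.raise_for_status()
        for chunk in resp.iter_content(chunk_size=chunk_size):
            body += chunk
            # Checked after each chunk; the read timeout caps the wait for the next one.
            if time.monotonic() - start > deadline:
                raise TimeoutError("transfer exceeded %.1fs deadline" % deadline)
    return bytes(body)
```

Against the drip server, a plain `get(url, timeout=1.0)` completes after about 1.5 seconds without raising, while `fetch_with_deadline(..., deadline=0.5, chunk_size=1)` aborts the transfer.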