From d8932abd84e4bbff218adea8e442d8d3a8f635c6 Mon Sep 17 00:00:00 2001
From: John Kennedy <65985482+jkennedyvz@users.noreply.github.com>
Date: Sun, 8 Feb 2026 23:00:39 -0800
Subject: [PATCH] Add 30-second timeout to HTTP client

Prevents requests from hanging indefinitely if the ASHIRT server or
GitHub API is unresponsive.

Addresses: F-04 (CWE-400)
---
 network/common.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/network/common.go b/network/common.go
index e51d679..d29c31e 100644
--- a/network/common.go
+++ b/network/common.go
@@ -14,7 +14,9 @@ import (
 	"github.com/theparanoids/aterm/errors"
 )
 
-var client = &http.Client{}
+var client = &http.Client{
+	Timeout: 30 * time.Second,
+}
 
 var apiURL string
 var accessKey string