fix: harden API, DB, and web layer from audit findings

- Cap list API limit at 200 to prevent unbounded queries - Sanitize markdown output with DOMPurify to prevent XSS - Add v4 migration with indexes on deleted_at and modified_at - Fix v2 migration swallowed ALTER TABLE errors - Tighten ~/.nib directory permissions to 0o700
2026-05-20 20:41:53 -04:00
parent 1ac4196547
commit 8663beeb96
5 changed files with 54 additions and 5 deletions
@@ -92,6 +92,9 @@ func listEntities(store *db.Store) http.HandlerFunc {
 				writeError(w, http.StatusBadRequest, "invalid_input", "limit must be a positive integer")
 				return
 			}
+			if limit > 200 {
+				limit = 200
+			}
 			p.Limit = limit
 		}
 		if offsetStr := r.URL.Query().Get("offset"); offsetStr != "" {