nib-v1

lerko/nib-v1

Fork 0

Commit Graph

Author	SHA1	Message	Date
lerko	6278cb1022	fix: code principles audit — correctness, security, testability - Add rows.Err() checks after all scan loops (entities, tags, resolve) - Surface time.Parse errors instead of silently discarding - Extract entityRow scan helper to eliminate Get/List duplication - Cap request body at 1MB via MaxBytesReader - Stop leaking internal errors to API clients (log server-side only) - Block javascript: URIs in link card open button (XSS) - Fix all go vet failures in api_test.go (unchecked http errors) - Add tests for display package, generateCardData, absorb-source-card - Run go mod tidy to fix direct/indirect dep markers	2026-05-14 17:41:30 -04:00
lerko	6de174e474	feat(api): add HTTP server with full REST API Chi router with all entity CRUD endpoints, promote/demote/use actions, tag listing. CORS middleware for --dev mode. Graceful shutdown on SIGINT/SIGTERM. 22 API integration tests via httptest.	2026-05-14 11:30:47 -04:00

Author

SHA1

Message

Date

lerko

6278cb1022

fix: code principles audit — correctness, security, testability

- Add rows.Err() checks after all scan loops (entities, tags, resolve)
- Surface time.Parse errors instead of silently discarding
- Extract entityRow scan helper to eliminate Get/List duplication
- Cap request body at 1MB via MaxBytesReader
- Stop leaking internal errors to API clients (log server-side only)
- Block javascript: URIs in link card open button (XSS)
- Fix all go vet failures in api_test.go (unchecked http errors)
- Add tests for display package, generateCardData, absorb-source-card
- Run go mod tidy to fix direct/indirect dep markers

2026-05-14 17:41:30 -04:00

lerko

6de174e474

feat(api): add HTTP server with full REST API

Chi router with all entity CRUD endpoints, promote/demote/use
actions, tag listing. CORS middleware for --dev mode. Graceful
shutdown on SIGINT/SIGTERM. 22 API integration tests via httptest.

2026-05-14 11:30:47 -04:00

2 Commits