fix: code principles audit — correctness, security, test-ability #5
lerko
commented
Owner
- Add rows.Err() checks after all scan loops (entities, tags, resolve)
- Surface time.Parse errors instead of silently discarding
- Extract entityRow scan helper to eliminate Get/List duplication
- Cap request body at 1MB via MaxBytesReader
- Stop leaking internal errors to API clients (log server-side only)
- Block javascript: URIs in link card open button (XSS)
- Fix all go vet failures in api_test.go (unchecked http errors)
- Add tests for display package, generateCardData, absorb-source-card
- Run go mod tidy to fix direct/indirect dep markers
- Add rows.Err() checks after all scan loops (entities, tags, resolve)
- Surface time.Parse errors instead of silently discarding
- Extract entityRow scan helper to eliminate Get/List duplication
- Cap request body at 1MB via MaxBytesReader
- Stop leaking internal errors to API clients (log server-side only)
- Block javascript: URIs in link card open button (XSS)
- Fix all go vet failures in api_test.go (unchecked http errors)
- Add tests for display package, generateCardData, absorb-source-card
- Run go mod tidy to fix direct/indirect dep markers
lerko
added 1 commit 2026-05-14 21:55:20 +00:00
fix: code principles audit — correctness, security, testability
6278cb1022
lerko
merged commit e477e8d512 into develop
lerko
referenced this issue from a commit
Merge pull request 'fix: code principles audit — correctness, security, test-ability' (#5) from fix/code-principles-audit into develop
Assignees
lerko (Tyler Koenig)
Clear assignees
lerko (Tyler Koenig)
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: lerko/nib-v1#5
Reference in New Issue
Block a user
Delete Branch "fix/code-principles-audit"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?