lerko/nib-v1
1
1
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

fix: code principles audit — correctness, security, test-ability #5

Merged
lerko merged 1 commits from fix/code-principles-audit into develop 2026-05-14 21:55:27 +00:00
Conversation 0 Commits 1 Files Changed 12
+500 -104

1 Commits

Author SHA1 Message Date
lerko 6278cb1022 fix: code principles audit — correctness, security, testability 
- Add rows.Err() checks after all scan loops (entities, tags, resolve)
- Surface time.Parse errors instead of silently discarding
- Extract entityRow scan helper to eliminate Get/List duplication
- Cap request body at 1MB via MaxBytesReader
- Stop leaking internal errors to API clients (log server-side only)
- Block javascript: URIs in link card open button (XSS)
- Fix all go vet failures in api_test.go (unchecked http errors)
- Add tests for display package, generateCardData, absorb-source-card
- Run go mod tidy to fix direct/indirect dep markers
 2026-05-14 17:41:30 -04:00