Code Hardening — Senior Dev Audit Fixes
Phase 1: Quick Wins (safety + correctness)
- Cap API list limit at 200
- Fix markdown XSS — add DOMPurify to sanitize marked output
- Add missing DB indexes (deleted_at, modified_at) via v4 migration
- Fix v2 migration error handling (swallowed ALTER TABLE errors)
- Fix ~/.nib directory permissions (0o755 → 0o700)
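Added example for the ~/.nib permission fix (not code from this audit plan or the nib code base; the helper name EnsureNibDir and the home-directory layout are assumptions). It covers the migration case the bullet implies: os.MkdirAll leaves an existing 0o755 directory untouched, so a directory created by an older release must be tightened with an explicit Chmod.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// nibDirMode is the owner-only mode the audit calls for.
const nibDirMode = os.FileMode(0o700)

// EnsureNibDir creates dir with 0o700 if it is missing and tightens an
// existing directory that an older release created with 0o755.
// It returns the directory's final permission bits.
// Note: os.MkdirAll never changes the mode of a directory that already
// exists, so the legacy case needs a separate Chmod.
func EnsureNibDir(dir string) (os.FileMode, error) {
	if err := os.MkdirAll(dir, nibDirMode); err != nil {
		// Also fails when the path exists but is a regular file.
		return 0, fmt.Errorf("create %s: %w", dir, err)
	}
	info, err := os.Stat(dir)
	if err != nil {
		return 0, err
	}
	if info.Mode().Perm() != nibDirMode {
		// Legacy 0o755 directory (or a umask that altered the mode at
		// creation time): restrict it to the owner.
		if err := os.Chmod(dir, nibDirMode); err != nil {
			return 0, fmt.Errorf("chmod %s: %w", dir, err)
		}
		if info, err = os.Stat(dir); err != nil {
			return 0, err
		}
	}
	return info.Mode().Perm(), nil
}

func main() {
	home, err := os.UserHomeDir()
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	mode, err := EnsureNibDir(filepath.Join(home, ".nib"))
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("~/.nib mode is now %o\n", mode)
}
```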
Phase 2: CI Pipeline
- Gitea Actions workflow: test + lint on PR
Phase 3: context.Context in Store
- Thread context.Context through all Store methods
- Use context in API handlers (from r.Context())
- Use context in CLI commands (cobra context)
Phase 4: cmd/ Tests
- Test add command
- Test ls command
- Test promote/demote commands
- Test delete command
- Test absorb command
Phase 5: Backup/Export
- nib export — dump entities to JSON
- nib backup — safe SQLite backup (handles WAL)