fix(security): phase 4 code quality and low-severity fixes #29

Merged

lerko merged 1 commits from security/phase-4-quality into main

2026-05-26 21:31:40 +00:00

Author	SHA1	Message	Date
lerko	986f9f1d55	fix(security): phase 4 code quality and low-severity fixes CI / test (pull_request) Successful in 4m24s Details CI / lint (pull_request) Successful in 1m1s Details - Fix limitStr to handle multi-byte UTF-8 characters correctly - Sanitize log messages: strip ANSI escape sequences and newlines - URL-encode probe node_id instead of string concatenation - Fix follower resp.Body leak on non-200 responses - Make SSH host key path configurable via UPTOP_SSH_HOST_KEY env var - Add HTTP method checks on GET-only endpoints (405 for wrong methods) - Extract magic numbers into named constants across monitor/store/server - Standardize error output to stderr for all startup errors	2026-05-26 17:25:47 -04:00

Author

SHA1

Message

Date

lerko

986f9f1d55

fix(security): phase 4 code quality and low-severity fixes

CI / test (pull_request) Successful in 4m24s

Details

CI / lint (pull_request) Successful in 1m1s

Details

- Fix limitStr to handle multi-byte UTF-8 characters correctly
- Sanitize log messages: strip ANSI escape sequences and newlines
- URL-encode probe node_id instead of string concatenation
- Fix follower resp.Body leak on non-200 responses
- Make SSH host key path configurable via UPTOP_SSH_HOST_KEY env var
- Add HTTP method checks on GET-only endpoints (405 for wrong methods)
- Extract magic numbers into named constants across monitor/store/server
- Standardize error output to stderr for all startup errors

2026-05-26 17:25:47 -04:00

fix(security): phase 4 code quality and low-severity fixes #29

1 Commits