- Add 30s context timeout for database transactions in hashrate.go
- Add helper function for parsing SQLite timestamps with error logging
- Implement atomic file writes (temp + rename) for profile_manager.go,
config_manager.go, and peer.go to prevent corruption on crash
- Add 5s timeout for stats collection per miner in manager.go
- Add 5s timeout for stdin writes in miner.go
- Clean up config file on failed miner start in xmrig_start.go
- Implement debounced saves (5s) for peer registry to reduce disk I/O
- Fix CheckInstallation data race in xmrig.go and ttminer.go by adding
proper mutex protection around shared field updates
- Add 10s handshake timeout for WebSocket connections in transport.go
- Update peer_test.go to call Close() before reload to flush changes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Security fixes:
- Remove hardcoded wallet address from CLI defaults (start.go, serve.go)
Pool and wallet are now required flags or must be provided explicitly
- Change file permissions from 0644 to 0600 for sensitive config files
Affects: xmrig config, profiles, settings, config cache
- Fix path traversal in untar() - now returns error instead of silently skipping
Concurrency fix:
- Fix race condition in GetStats() - was using RLock while writing m.FullStats
Changed to Lock/Unlock in both xmrig_stats.go and ttminer_stats.go
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
