DatabaseConfig field comments restated the type signature in prose
(AX §2 violation). Replaced with concrete assignment examples showing
real values and edge-case behaviour (0 → defaults to 30).
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2 — comments must show HOW with real values, not restate the
signature in prose. The description line was redundant with the signature;
only the usage example is kept.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2 — comments must show usage, not restate the type signature.
Type and function comments on MinerAutostartConfig, DatabaseConfig,
defaultDatabaseConfig, MinersConfig, and getMinersConfigPath all violated
this by using "represents", "holds", and "returns" prose descriptions.
Replaced with concrete usage examples showing realistic values.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments as usage examples. Both functions had prose descriptions
that restated the signature ("loads the miners configuration from the file system").
Replace with concrete call-site examples that show how to use the return value.
Co-Authored-By: Charon <charon@lethean.io>
`fn` is a single-letter abbreviation — AX principle 1 requires predictable
names over short names. `modifier` describes the parameter's role clearly.
Comment updated to a usage example per principle 2.
Co-Authored-By: Charon <charon@lethean.io>
- Add 30s context timeout for database transactions in hashrate.go
- Add helper function for parsing SQLite timestamps with error logging
- Implement atomic file writes (temp + rename) for profile_manager.go,
config_manager.go, and peer.go to prevent corruption on crash
- Add 5s timeout for stats collection per miner in manager.go
- Add 5s timeout for stdin writes in miner.go
- Clean up config file on failed miner start in xmrig_start.go
- Implement debounced saves (5s) for peer registry to reduce disk I/O
- Fix CheckInstallation data race in xmrig.go and ttminer.go by adding
proper mutex protection around shared field updates
- Add 10s handshake timeout for WebSocket connections in transport.go
- Update peer_test.go to call Close() before reload to flush changes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add sync.RWMutex to config_manager.go for file operation synchronization
- Add deprecation warning to unsafe GetDB() function in database.go
- Fix UninstallMiner map modification during iteration in manager.go
- Add server readiness verification via TCP dial in service.go
- Add mutex-protected httpClient getter/setter in xmrig.go
- Update GetLatestVersion to use synchronized HTTP client in ttminer.go
- Update MockMiner in service_test.go to match context-aware GetStats interface
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Security fixes:
- Remove hardcoded wallet address from CLI defaults (start.go, serve.go)
Pool and wallet are now required flags or must be provided explicitly
- Change file permissions from 0644 to 0600 for sensitive config files
Affects: xmrig config, profiles, settings, config cache
- Fix path traversal in untar() - now returns error instead of silently skipping
Concurrency fix:
- Fix race condition in GetStats() - was using RLock while writing m.FullStats
Changed to Lock/Unlock in both xmrig_stats.go and ttminer_stats.go
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
