AX principle 2: comments show HOW with real values, not WHAT the
function name already says. "verifies if the miner is installed
correctly" restated the signature; replaced with a concrete call site.
Co-Authored-By: Charon <charon@lethean.io>
GetHashrateHistory and AddHashratePoint had comments that restated the
function name in different words (AX principle 2 violation). Replaced
with concrete call-site examples showing realistic values and return
shape.
Co-Authored-By: Charon <charon@lethean.io>
GetPath, GetBinaryPath, and Stop had comments that restated what the
signature already said. AX Principle 2: comments show HOW with real
values, not WHAT the type signature already declares.
Co-Authored-By: Charon <charon@lethean.io>
Stop() and WriteStdin() used errors.New() (banned import) instead of the
package's own MiningError constructors. Replaced with ErrMinerNotRunning()
and ErrTimeout() which carry structured codes, HTTP status, and retry hints.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2 — comments show HOW with real values, not WHAT the signature already says.
GetHighResHistoryLength, GetLowResHistoryLength, and GetLogs all had comments that
restated the function name. Replaced with concrete call-site examples showing expected
return ranges and usage patterns.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments show HOW with real values, not WHAT the signature
already says. "GetType returns the miner type identifier" restates the
signature — replace with concrete call examples.
Co-Authored-By: Charon <charon@lethean.io>
AX Principle 2: comments must show usage, not restate the signature.
"Clear clears the log buffer." adds zero information beyond the name.
Co-Authored-By: Charon <charon@lethean.io>
Move module declaration and all internal imports from
github.com/Snider/Mining to forge.lthn.ai/Snider/Mining. Also updates
Borg, Enchantrix, and Poindexter dependency paths to forge.lthn.ai.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Error Handling:
- Fix silent Write() error in WebSocket (events.go)
- Add error context to transport handshake messages
- Check os.MkdirAll error in zip extraction (miner.go)
- Explicitly ignore io.Copy errors on drain with comments
- Add retry logic (2 attempts) for transient stats collection failures
Resource Lifecycle:
- Add shutdown mechanism to DigestAuth goroutine
- Call Service.Stop() on context cancellation
- Add NodeService transport cleanup to Service.Stop()
- Fix WriteStdin goroutine leak on timeout with non-blocking send
API Design:
- Add profile validation (name, miner type required)
- Return 404 instead of 500 for missing profile PUT
- Make DELETE profile idempotent (return success if not found)
- Standardize error responses in node_service.go handlers
Observability:
- Add logging for P2P GetAllStats failures
- Add request ID correlation helper for handler logs
- Add logging for miner process exits (xmrig_start.go)
- Rate limit debug logs in transport hot path (1 in 100)
- Add metrics infrastructure with /metrics endpoint
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Migrate all log.Printf/Println calls across the codebase to use the
new pkg/logging structured logging package. This provides consistent
log formatting with levels, timestamps, and structured key-value fields.
Files updated:
- pkg/mining/manager.go, service.go, events.go, miner.go
- pkg/mining/xmrig_start.go, ttminer_start.go
- pkg/mining/syslog_unix.go, syslog_windows.go
- pkg/database/hashrate.go
- pkg/node/worker.go, transport.go, peer.go
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add 30s context timeout for database transactions in hashrate.go
- Add helper function for parsing SQLite timestamps with error logging
- Implement atomic file writes (temp + rename) for profile_manager.go,
config_manager.go, and peer.go to prevent corruption on crash
- Add 5s timeout for stats collection per miner in manager.go
- Add 5s timeout for stdin writes in miner.go
- Clean up config file on failed miner start in xmrig_start.go
- Implement debounced saves (5s) for peer registry to reduce disk I/O
- Fix CheckInstallation data race in xmrig.go and ttminer.go by adding
proper mutex protection around shared field updates
- Add 10s handshake timeout for WebSocket connections in transport.go
- Update peer_test.go to call Close() before reload to flush changes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Networking/Protocol fixes:
- Add HTTP server timeouts (Read/Write/Idle/ReadHeader) in service.go
- Fix CORS address parsing to use net.SplitHostPort safely
- Add request body size limit middleware (1MB max)
- Enforce MaxConns limit in WebSocket upgrade handler
- Fix WebSocket origin validation to only allow localhost
- Add read/write deadlines to WebSocket connections
Memory leak fixes:
- Add sync.Once to Manager.Stop() to prevent double-close panic
- Fix controller pending map leak by closing response channel
- Add memory reallocation for hashrate history slices when oversized
- Fix LogBuffer to truncate long lines and force reallocation on trim
- Add process wait timeout to prevent goroutine leaks on zombie processes
- Drain HTTP response body on copy error to allow connection reuse
Segfault/panic prevention:
- Add nil check in GetTotalHashrate for stats pointer
- Fix hashrate history slice reallocation to prevent capacity bloat
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Critical fixes:
- Release mutex before HTTP calls in GetStats() to prevent blocking
- Fix m.cmd race between Stop() and Wait() goroutine by capturing locally
- Add context support to GetStats() for proper request cancellation
High priority fixes:
- Add existence check in collectMinerStats() before operating on miners
- Add mutex-protected httpClient getter/setter for thread-safe test mocking
Changes:
- Miner interface now requires context.Context for GetStats()
- Stats HTTP requests timeout after 5 seconds (was 30s client default)
- All callers updated to pass context (service uses request context)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create api/swagger.md page to properly document Swagger UI access
instead of linking raw swagger.json in mkdocs nav
- Fix Stop() state management: properly set Running=false and cmd=nil
on all exit paths, wait for process termination to avoid zombies
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix deprecated strings.Title usage with golang.org/x/text/cases
- Replace log.Fatalf in service startup with channel-based error handling
- Add graceful SIGTERM before SIGKILL in Stop() for proper cleanup
- Add mutex protection for LogBuffer access in GetLogs()
- Add instance name sanitization with regex to prevent injection
- Add error logging in updateInstallationCache for failed operations
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Security fixes:
- Remove hardcoded wallet address from CLI defaults (start.go, serve.go)
Pool and wallet are now required flags or must be provided explicitly
- Change file permissions from 0644 to 0600 for sensitive config files
Affects: xmrig config, profiles, settings, config cache
- Fix path traversal in untar() - now returns error instead of silently skipping
Concurrency fix:
- Fix race condition in GetStats() - was using RLock while writing m.FullStats
Changed to Lock/Unlock in both xmrig_stats.go and ttminer_stats.go
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add stdin pipe support for sending console commands to running miners (XMRig/TT-Miner)
- Add base64 encoding for log transport to preserve ANSI escape codes
- Add SQLite database for persistent hashrate history storage
- Enhance P2P worker to handle remote miner commands (start/stop/stats/logs)
- Add console UI page with ANSI-to-HTML rendering and command input
- Add E2E tests for navigation, UI elements, and miner start flow
- Update Dockerfile to use Go 1.24 with GOTOOLCHAIN=auto
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
