Merge pull request '[agent/claude:opus] DX audit and fix. 1) Review CLAUDE.md — update any outdate...' (#3) from agent/dx-audit-and-fix--1--review-claude-md into main
This commit is contained in:
commit
36f0582bfc
2 changed files with 4 additions and 2 deletions
|
|
@ -80,6 +80,8 @@ type ProfileManager interface {
|
|||
- Licence: EUPL-1.2 — new files need `// SPDX-License-Identifier: EUPL-1.2`
|
||||
- Security-first: do not weaken HMAC, challenge-response, Zip Slip defence, or rate limiting
|
||||
- Use `logging` package only — no `fmt.Println` or `log.Printf` in library code
|
||||
- Error handling: use `coreerr.E()` from `go-log` — never `fmt.Errorf` or `errors.New` in library code
|
||||
- File I/O: use `coreio.Local` from `go-io` — never `os.ReadFile`/`os.WriteFile` in library code (exception: `os.OpenFile` for streaming writes where `coreio` lacks support)
|
||||
- Hot-path debug logging uses sampling pattern: `if counter.Add(1)%interval == 0`
|
||||
|
||||
### Transport test helper
|
||||
|
|
|
|||
|
|
@ -311,7 +311,7 @@ func extractTarball(tarData []byte, destDir string) (string, error) {
|
|||
|
||||
f, err := os.OpenFile(fullPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.FileMode(hdr.Mode))
|
||||
if err != nil {
|
||||
return "", err
|
||||
return "", coreerr.E("extractTarball", "failed to create file "+hdr.Name, err)
|
||||
}
|
||||
|
||||
// Limit file size to prevent decompression bombs (100MB max per file)
|
||||
|
|
@ -320,7 +320,7 @@ func extractTarball(tarData []byte, destDir string) (string, error) {
|
|||
written, err := io.Copy(f, limitedReader)
|
||||
f.Close()
|
||||
if err != nil {
|
||||
return "", err
|
||||
return "", coreerr.E("extractTarball", "failed to write file "+hdr.Name, err)
|
||||
}
|
||||
if written > maxFileSize {
|
||||
coreio.Local.Delete(fullPath)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue