3775bc3ee0
- Replace 9 panic() calls in smart_defaults.go with error returns - Add ErrUnknownProfile error type for better error handling - Update all callers (worker/config.go, tui/config.go, tui/cli_config.go, tui/main.go) - Update CHANGELOG.md with recent WebSocket handler improvements - Add metrics persistence, dataset handlers, and test organization notes - Config validation passes (make configlint) - All tests pass (go test ./tests/unit/api/ws)
1.3 KiB
1.3 KiB
[Unreleased]
Security
- Native: fix buffer overflow vulnerabilities in
dataset_hash(replacedstrcpywithstrncpy+ null termination) - Native: fix unsafe
memcpyinqueue_indexpriority queue (added explicit null terminators for string fields) - Native: add path traversal protection in
queue_indexstorage (rejects..and null bytes in queue directory paths) - Native: add mmap size limits (100MB max) to prevent unbounded memory mapping exposure
- Native: modularize C++ libraries with clean layering (common, queue_index, dataset_hash)
Added
- API/WebSocket: add dataset handlers (list, register, info, search) with DB integration
- API/WebSocket: add metrics persistence to
handleLogMetricwithwebsocket_metricstable - Storage: add
db_metrics.gowithRecordMetric,GetMetrics,GetMetricSummarymethods - Tests: add payload parsing tests for WebSocket handlers
Changed
- Config: replace
panic()with error returns insmart_defaults.gofor better error handling - Tests: move WebSocket handler tests to
tests/unit/api/ws/
Fixed
- Storage: remove duplicate
db_datasets.go, consolidate withdb_experiments.go
Deprecated
- Config:
ToTUIConfig()now returns(*Config, error)instead of*Config
Removed
- Storage: deleted
internal/storage/db_datasets.go(duplicate implementation)