Commit f72b854
authored
Phase 10: Code Cleanups (#470)
* docs(10): capture phase context
* docs(state): record phase 10 context session
* docs(10): research phase domain
* docs(phase-10): add validation strategy
* docs(10): create phase plan
* refactor(10-01): extract shared pathutil package from duplicated provider code
- Create pkg/internal/pathutil with ContainsDotDot, ValidateFilePath, SafePath
- Replace local containsDotDot in gemini/content.go and voyage/content.go
- Replace local safePath in default_ef/download_utils.go
- Add comprehensive unit tests for all three functions
* fix(10-01): replace *context.Context pointer-to-interface with context.Context value
- Fix Gemini DefaultContext from *context.Context to context.Context
- Fix Nomic DefaultContext from *context.Context to context.Context
- Fix Mistral DefaultContext from *context.Context to context.Context
- Remove unnecessary pointer indirection and address-of operations
* docs(10-01): complete path safety and context anti-pattern plan
- Add 10-01-SUMMARY.md with execution results
- Update STATE.md with phase 10 progress
- Update ROADMAP.md plan progress
- Mark CLN-01, CLN-02, CLN-03, CLN-06 requirements complete
* feat(10-02): add URL path extension fallback to resolveMIME in Gemini and Voyage
- Add net/url import and URL path parsing as 3rd fallback in resolveMIME
- URL query strings and fragments are stripped by url.Parse before extension check
- Update error message to mention file/URL with known extension
- Add 4 new test cases per provider (URL fallback, query string, fragment, no-ext)
- Remove dead TestVoyageContainsDotDot test referencing removed containsDotDot function
* refactor(10-02): add registry unregister helpers and t.Cleanup to all tests
- Add 4 unexported unregister helpers (dense, sparse, multimodal, content)
- Add t.Cleanup with unregister calls to all 22 registration test sites
- Replace inline mu.Lock/delete/mu.Unlock with unregister helper calls
- Tests pass with -count=2 proving no global state leaks
* docs(10-02): complete URL MIME inference and registry test cleanup plan
- SUMMARY.md documents URL path fallback and registry cleanup changes
- STATE.md updated with position, metrics, and decisions
- ROADMAP.md reflects Phase 10 complete (2/2 plans)
- REQUIREMENTS.md marks CLN-04, CLN-05, CLN-06 complete
* docs(phase-10): complete phase execution and verification
* fix(10): harden input validation, error handling, and test coverage
- Add empty-string guards to ValidateFilePath and SafePath
- Surface URL parse errors in resolveMIME instead of silently discarding
- Wrap ValidateFilePath/SafePath errors with caller context
- Make containsDotDot unexported, remove dead SafePath branch
- Remove stale TODO(#469), use defer for unregister mutex consistency
- Add tests for malformed URLs, multi-level traversal, edge cases
* fix(10): handle root destPath in SafePath, strip URL from error messages
- Special-case root "/" in SafePath prefix check to avoid false rejection
- Remove raw URL from resolveMIME parse error to prevent credential leaks
- Add test for SafePath with root destPath
* fix(10): add MIME format validation, Gemini modality default case, clarify ValidateFilePath scope
- Clarify ValidateFilePath doc: only rejects relative ".." traversal, not
absolute path manipulation; point callers to SafePath for confinement
- Add default case to Gemini validateMIMEModality matching Voyage's pattern,
rejecting unknown modalities instead of silently passing
- Add MIME type format validation in BinarySource.Validate() using RFC 2045
type/subtype regex to block injection via malformed MIME strings
- Add tests for all three changes
* refactor(10): simplify MIME regex init to regexp.Compile with nolint
* fix(10): remove weak MIME validation fallback, reject all if regex unavailable1 parent c2f4229 commit f72b854
27 files changed
Lines changed: 2151 additions & 101 deletions
File tree
- .planning
- phases/10-code-cleanups
- pkg
- embeddings
- default_ef
- gemini
- mistral
- nomic
- voyage
- internal/pathutil
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
51 | 51 | | |
52 | 52 | | |
53 | 53 | | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
54 | 63 | | |
55 | 64 | | |
56 | 65 | | |
| |||
101 | 110 | | |
102 | 111 | | |
103 | 112 | | |
| 113 | + | |
| 114 | + | |
| 115 | + | |
| 116 | + | |
| 117 | + | |
| 118 | + | |
104 | 119 | | |
105 | 120 | | |
106 | | - | |
107 | | - | |
| 121 | + | |
| 122 | + | |
108 | 123 | | |
109 | 124 | | |
110 | 125 | | |
111 | 126 | | |
112 | | - | |
| 127 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
26 | | - | |
| 26 | + | |
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
| |||
172 | 172 | | |
173 | 173 | | |
174 | 174 | | |
175 | | - | |
176 | | - | |
| 175 | + | |
| 176 | + | |
177 | 177 | | |
178 | 178 | | |
179 | 179 | | |
| |||
202 | 202 | | |
203 | 203 | | |
204 | 204 | | |
| 205 | + | |
205 | 206 | | |
206 | 207 | | |
207 | 208 | | |
208 | 209 | | |
209 | 210 | | |
210 | 211 | | |
211 | 212 | | |
212 | | - | |
| 213 | + | |
213 | 214 | | |
214 | 215 | | |
215 | | - | |
| 216 | + | |
| 217 | + | |
216 | 218 | | |
217 | 219 | | |
218 | 220 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
6 | | - | |
7 | | - | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
8 | 8 | | |
9 | 9 | | |
10 | | - | |
11 | | - | |
12 | | - | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
13 | 13 | | |
14 | 14 | | |
15 | 15 | | |
| |||
19 | 19 | | |
20 | 20 | | |
21 | 21 | | |
22 | | - | |
| 22 | + | |
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
26 | | - | |
| 26 | + | |
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
| |||
66 | 66 | | |
67 | 67 | | |
68 | 68 | | |
| 69 | + | |
| 70 | + | |
69 | 71 | | |
70 | 72 | | |
71 | 73 | | |
| |||
111 | 113 | | |
112 | 114 | | |
113 | 115 | | |
| 116 | + | |
| 117 | + | |
114 | 118 | | |
115 | 119 | | |
116 | 120 | | |
| |||
143 | 147 | | |
144 | 148 | | |
145 | 149 | | |
146 | | - | |
147 | | - | |
| 150 | + | |
| 151 | + | |
148 | 152 | | |
0 commit comments