Sulkta-Coop/clawdforge
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
clawdforge/clients
History
Kayos ebbd7cc553 clients/rust: apply audit findings — UTF-8 panic + Debug redaction + path-traversal (062d405 → next) 
HIGH:
- H1: truncate() uses floor_char_boundary (was panicking on multibyte boundaries)
- H2: hand-written Debug for Client/ClientBuilder/AppToken redacts bearer (was leaking via dbg!()/tracing)
- H3: revoke_token validates name client-side (rejects path traversal sequences)

MEDIUM:
- M1: From<reqwest::Error> maps timeouts to Error::Timeout (was always Transport)
- M2: revoke_token accepts 2xx empty body (was rejecting RFC-correct 204 No Content)
- M3: tests use assert!(matches!) instead of matches!().then_some().unwrap()
- M4: ClientBuilder.max_upload_bytes optional cap
- M5: lib.rs deny(missing_docs)

LOW:
- L1: cargo fmt
- L2: drop dead AUTHORIZATION import

Audit: memory/clawdforge-audits/rust-062d405.md
2026-04-28 23:26:22 -07:00
..
bash clients/bash: apply audit findings — security hardening + correctness fixes (347fdde → new) 2026-04-28 23:09:06 -07:00
c clients/c: apply audit findings — security + CVE bump (a69e924 → new) 2026-04-28 23:25:22 -07:00
cpp clients/cpp: initial C++ SDK for clawdforge 2026-04-28 23:02:51 -07:00
csharp clients/csharp: apply audit findings — JSON depth caps + stream lifecycle (09aca58 → new) 2026-04-28 23:22:58 -07:00
go clients/go: apply audit findings — fmt + doc + test coverage (3c62613 → new) 2026-04-28 23:08:46 -07:00
java clients/java: apply audit findings — true streaming upload + token redaction (0d3ee26 → next) 2026-04-28 23:20:45 -07:00
kotlin clients/kotlin: initial Kotlin SDK for clawdforge 2026-04-28 23:04:24 -07:00
mcp clients/mcp: apply audit findings — release-blocker fix on upload (093021c → new) 2026-04-28 23:10:33 -07:00
php clients/php: apply audit findings — token redaction + uploadStream + tests (1cff9b8 → next) 2026-04-28 23:12:34 -07:00
python clients/python: apply audit findings (90e158f → next) 2026-04-28 23:07:38 -07:00
ruby clients/ruby: apply audit findings (b1d6e3f -> new) 2026-04-28 23:07:49 -07:00
rust clients/rust: apply audit findings — UTF-8 panic + Debug redaction + path-traversal (062d405 → next) 2026-04-28 23:26:22 -07:00
swift clients/swift: apply audit findings — multipart fix + token redaction (e4e8192 → HEAD) 2026-04-28 23:12:17 -07:00
typescript clients/typescript: apply audit findings — uploadFile streaming + metadata + validation (15de6e7cc54cfb) 2026-04-28 23:12:27 -07:00