clawdforge

History

Kayos ebbd7cc553 clients/rust: apply audit findings — UTF-8 panic + Debug redaction + path-traversal (`062d405` → next) HIGH: - H1: truncate() uses floor_char_boundary (was panicking on multibyte boundaries) - H2: hand-written Debug for Client/ClientBuilder/AppToken redacts bearer (was leaking via dbg!()/tracing) - H3: revoke_token validates name client-side (rejects path traversal sequences) MEDIUM: - M1: From<reqwest::Error> maps timeouts to Error::Timeout (was always Transport) - M2: revoke_token accepts 2xx empty body (was rejecting RFC-correct 204 No Content) - M3: tests use assert!(matches!) instead of matches!().then_some().unwrap() - M4: ClientBuilder.max_upload_bytes optional cap - M5: lib.rs deny(missing_docs) LOW: - L1: cargo fmt - L2: drop dead AUTHORIZATION import Audit: memory/clawdforge-audits/rust-062d405.md	2026-04-28 23:26:22 -07:00
..
client.rs	clients/rust: apply audit findings — UTF-8 panic + Debug redaction + path-traversal (`062d405` → next)	2026-04-28 23:26:22 -07:00

Kayos ebbd7cc553 clients/rust: apply audit findings — UTF-8 panic + Debug redaction + path-traversal (062d405 → next)

HIGH:
- H1: truncate() uses floor_char_boundary (was panicking on multibyte boundaries)
- H2: hand-written Debug for Client/ClientBuilder/AppToken redacts bearer (was leaking via dbg!()/tracing)
- H3: revoke_token validates name client-side (rejects path traversal sequences)

MEDIUM:
- M1: From<reqwest::Error> maps timeouts to Error::Timeout (was always Transport)
- M2: revoke_token accepts 2xx empty body (was rejecting RFC-correct 204 No Content)
- M3: tests use assert!(matches!) instead of matches!().then_some().unwrap()
- M4: ClientBuilder.max_upload_bytes optional cap
- M5: lib.rs deny(missing_docs)

LOW:
- L1: cargo fmt
- L2: drop dead AUTHORIZATION import

Audit: memory/clawdforge-audits/rust-062d405.md

2026-04-28 23:26:22 -07:00

client.rs clients/rust: apply audit findings — UTF-8 panic + Debug redaction + path-traversal (062d405 → next) 2026-04-28 23:26:22 -07:00