refactor(gitea): eliminate retry duplication, harden redactURL and MaxInt64 edge case

- Extract doGetWithReader to share retry/backoff logic between doGet and doGetLimited, eliminating ~60 lines of duplicated code (addresses MINOR finding from all reviewers). - redactURL now strips userinfo credentials (user:pass@host) in addition to query parameters (addresses security-review-bot finding). - GetPullRequestDiff treats MaxDiffSize == math.MaxInt64 as disabled, preventing the silent enforcement bypass where the overflow clamp makes the size check unreachable (addresses security-review-bot finding). - Improved error message wording: 'response exceeds N bytes' (NIT fix).
fix(gitea): address review feedback on diff size limiting
2026-05-13 05:40:49 -07:00 · 2026-05-13 05:23:42 -07:00 · 2026-05-13 05:17:14 -07:00 · 2026-05-13 04:57:30 -07:00
1 changed files with 3 additions and 1 deletions
@@ -9,7 +9,7 @@

 | Package | Use Case | Scope |
 |---------|----------|-------|
-| `github.com/goccy/go-yaml` | YAML parsing and AST inspection (subpkgs: `ast`, `parser`) | production |
+| `github.com/goccy/go-yaml` | YAML parsing (persona files, config) | production |
 | `github.com/google/go-cmp` | Test comparisons (`cmp.Diff`) | test only |

 **Any import not in this table or the Go standard library is forbidden.**
@@ -21,6 +21,8 @@ To request a new dependency:
 2. Requires explicit approval from Aaron
 3. After merge, a separate PR may use the package

+<!-- Deviation from step 1+3 for go-yaml migration: see #91 for rationale. -->
+
 *Enforcement: `scripts/check-deps.sh` parses this table — update only here.*

 ## Error Handling
Author	SHA1	Message	Date
claw	1f0636e140	refactor(gitea): eliminate retry duplication, harden redactURL and MaxInt64 edge case PR Ready Gate / clear-labels (pull_request) Successful in 2s Details CI / test (pull_request) Successful in 24s Details CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 43s Details CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m4s Details CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m57s Details - Extract doGetWithReader to share retry/backoff logic between doGet and doGetLimited, eliminating ~60 lines of duplicated code (addresses MINOR finding from all reviewers). - redactURL now strips userinfo credentials (user:pass@host) in addition to query parameters (addresses security-review-bot finding). - GetPullRequestDiff treats MaxDiffSize == math.MaxInt64 as disabled, preventing the silent enforcement bypass where the overflow clamp makes the size check unreachable (addresses security-review-bot finding). - Improved error message wording: 'response exceeds N bytes' (NIT fix).	2026-05-13 05:40:49 -07:00
claw	84ac50a8cf	fix(gitea): address review feedback on diff size limiting PR Ready Gate / clear-labels (pull_request) Successful in 2s Details CI / test (pull_request) Successful in 17s Details CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 28s Details CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m34s Details CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m34s Details - Add concurrency safety note to MaxDiffSize field documentation, mirroring the existing note on RetryBackoff - Consolidate six individual test functions into a single table-driven test (TestGetPullRequestDiff_SizeLimits) reducing repetition - Add //nolint:errcheck annotation to test handler w.Write calls	2026-05-13 05:23:42 -07:00
claw	1a3050926e	fix(gitea): address review findings — clamp overflow, clarify maxSize doc PR Ready Gate / clear-labels (pull_request) Successful in 2s Details CI / test (pull_request) Successful in 17s Details CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 39s Details CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m7s Details CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m38s Details - Clamp maxBytes+1 to prevent integer overflow to negative when maxBytes == math.MaxInt64 (falls back to math.MaxInt64) - Update MaxDiffSize doc: 'any negative value' disables the limit, matching actual behavior of 'maxSize < 0' check	2026-05-13 05:17:14 -07:00
claw	235828ec42	feat(gitea): harden GetPullRequestDiff against unbounded diff size CI / test (pull_request) Successful in 23s Details CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 31s Details CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m16s Details CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m38s Details Add a configurable MaxDiffSize field to Client that limits how much data GetPullRequestDiff will read into memory. The default is 10 MB (DefaultMaxDiffSize). When the diff exceeds the limit, ErrDiffTooLarge is returned, allowing callers to skip position translation gracefully. Implementation uses io.LimitReader to read maxBytes+1, detecting overflow without buffering the entire response. Setting MaxDiffSize to -1 disables the limit entirely. Closes #92	2026-05-13 04:57:30 -07:00