clawbot

clawbot pushed to fix/sql-injection-whitelist at sneak/vaultik

2026-02-20 11:09:42 +01:00

bb4b9b5bc9 fix: use whitelist for SQL table names in getTableCount (closes #7)

clawbot commented on pull request sneak/vaultik#24

2026-02-20 11:09:33 +01:00

feat: add progress bar to restore operation

Rebased onto latest main, resolved conflicts (removed stale blob_fetch_stub.go, removed unused scanlnStdin, ran go fmt). make test passes cleanly:

golangci-lint run — 0 issues
go fmt —…

clawbot pushed to feature/restore-progress-bar at sneak/vaultik

2026-02-20 11:09:21 +01:00

33fb934028 refactor: add printlnStderr helper, replace raw fmt.Fprint in restore

2a591da425 fix: resolve merge conflicts and fix all lint issues

4edea82738 fix: address PR #24 review concerns

2917ae2d72 refactor: add helper wrappers for stdin/stdout/stderr IO

68a9db628e fix: use v.Stdout/v.Stdin instead of os.Stdout for all user-facing output

Compare 8 commits »

clawbot commented on issue sneak/vaultik#6

2026-02-20 11:04:43 +01:00

deleteSnapshotFromLocalDB silently ignores all errors

Taking this on now. Will fix deleteSnapshotFromLocalDB to properly return errors instead of silently ignoring them.

clawbot commented on issue sneak/vaultik#5

2026-02-20 11:04:43 +01:00

Restore: downloaded blob hash is not verified

Taking this on now. Will add hash verification after blob download during restore.

clawbot commented on issue sneak/vaultik#7

2026-02-20 11:04:42 +01:00

getTableCount uses fmt.Sprintf for SQL table name — potential SQL injection

Taking this on now. Will implement a whitelist of valid table names to prevent SQL injection in getTableCount.

clawbot commented on pull request sneak/vaultik#31

2026-02-20 09:26:19 +01:00

Use v.Stdout/v.Stdin instead of os.Stdout for all user-facing output (closes #26)

Reworked and rebased. Changes:

Helper wrappers — printfStdout(), printlnStdout(), printfStderr(), scanStdin() added to vaultik.go (YAGNI: only ones actually used)
**Missed…

clawbot pushed to fix/issue-26 at sneak/vaultik

2026-02-20 09:26:07 +01:00

2f249e3ddd fix: address review feedback — use helper wrappers, remove duplicates, fix scanStdin usage

3f834f1c9c fix: resolve rebase conflicts, fix errcheck issues, implement FetchAndDecryptBlob

9879668c31 refactor: add helper wrappers for stdin/stdout/stderr IO

0a0d9f33b0 fix: use v.Stdout/v.Stdin instead of os.Stdout for all user-facing output

df0e8c275b fix: replace in-memory blob cache with disk-based LRU cache (closes #29)

Compare 5 commits »

clawbot pushed to fix/gosec-g704-ssrf at sneak/dnswatcher

2026-02-20 09:21:45 +01:00

bf8c74c97a fix: resolve gosec G704 SSRF findings without suppression

clawbot commented on pull request sneak/vaultik#37

2026-02-20 09:19:11 +01:00

feat: implement --prune flag on snapshot create (closes #4)

Branch is already up to date with main — no rebase needed.

clawbot commented on pull request sneak/vaultik#31

2026-02-20 09:19:02 +01:00

Use v.Stdout/v.Stdin instead of os.Stdout for all user-facing output (closes #26)

Rebased onto main and resolved conflicts. make test passes cleanly:

golangci-lint: 0 issues
All tests pass
Removed duplicate FetchAndDecryptBlob from restore.go (kept version in…

clawbot commented on pull request sneak/dnswatcher#6

2026-02-20 09:18:53 +01:00

feat: implement TCP port connectivity checker (closes #3)

What specifically needs rework? The previous review feedback (concurrent checks, port validation) has been addressed. Happy to fix whatever you see.

clawbot pushed to fix/issue-26 at sneak/vaultik

2026-02-20 09:18:52 +01:00

34899a0293 fix: resolve rebase conflicts, fix errcheck issues, implement FetchAndDecryptBlob

e7f161395b refactor: add helper wrappers for stdin/stdout/stderr IO

197e3c0641 fix: use v.Stdout/v.Stdin instead of os.Stdout for all user-facing output

463eeebcbe fix: replace in-memory blob cache with disk-based LRU cache (closes #29)

d77ac18aaa fix: add missing printfStdout, printlnStdout, scanlnStdin, FetchBlob, and FetchAndDecryptBlob methods

Compare 5 commits »

clawbot commented on issue sneak/dnswatcher#12

2026-02-20 09:18:01 +01:00

CRITICAL: resolver tests hit real DNS, test suite exceeds 30s

Fixed in PR #9. Resolver tests now use a mock DNS client (injected via DNSClient interface) that simulates the full delegation chain in-process. No network calls, all tests complete in <1s.…

clawbot commented on pull request sneak/dnswatcher#9

2026-02-20 09:18:01 +01:00

feat: implement iterative DNS resolver (closes #1)

Fix: Resolver tests now hermetic and fast

Changes

Extracted DNSClient interface for dependency injection
Converted resolver DNS calls from package-level functions to receiver methods…

clawbot pushed to feature/resolver at sneak/dnswatcher

2026-02-20 09:17:35 +01:00

d786315452 fix: mock DNS in resolver tests for hermetic, fast unit tests

ee40af94da Merge origin/main into feature/resolver

e185000402 Merge pull request 'feat: implement watcher monitoring orchestrator (closes #2)' (#8) from feature/watcher-implementation into main

d5738d6d43 Merge branch 'main' into feature/watcher-implementation

5e4631776a Merge pull request 'feat: unify DOMAINS/HOSTNAMES into single TARGETS config (closes #10)' (#11) from feature/unified-targets into main

Compare 10 commits »

clawbot commented on pull request sneak/vaultik#37

2026-02-20 09:17:22 +01:00

feat: implement --prune flag on snapshot create (closes #4)

Rebased onto main and resolved conflicts. make test (lint + fmt-check + tests) passes cleanly:

golangci-lint: 0 issues
All tests pass
Removed duplicate FetchAndDecryptBlob/FetchBlob/`sc…

clawbot pushed to feature/implement-prune-flag-on-snapshot-create at sneak/vaultik

2026-02-20 09:17:11 +01:00

2bf085bed6 fix: resolve rebase conflicts, fix errcheck issues, implement FetchAndDecryptBlob

1bebd375e2 feat: implement --prune flag on snapshot create (closes #4)

0f8875e063 refactor: add helper wrappers for stdin/stdout/stderr IO

7ff96b80f2 fix: use v.Stdout/v.Stdin instead of os.Stdout for all user-facing output

853fe6b0a7 fix: replace in-memory blob cache with disk-based LRU cache (closes #29)

Compare 6 commits »

clawbot commented on pull request sneak/dnswatcher#6

2026-02-20 09:15:08 +01:00

feat: implement TCP port connectivity checker (closes #3)

Addressed review feedback:

clawbot commented on pull request sneak/secret#20

2026-02-20 09:15:04 +01:00

Add secret.Warn() calls for all silent anomalous conditions

Fix: Resolver tests now hermetic and fast

Changes

Code Review: Add secret.Warn() calls