Merge pull request 'tidy' (#148) from fix/tidy into main

Reviewed-on: #148

go.mod

@@ -19,6 +19,7 @@ require (
 	github.com/stretchr/testify v1.11.1
 	go.uber.org/fx v1.24.0
 	golang.org/x/crypto v0.46.0
+	golang.org/x/time v0.12.0
 )
 
 require (
@@ -74,7 +75,6 @@ require (
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	golang.org/x/sys v0.39.0 // indirect
 	golang.org/x/text v0.32.0 // indirect
-	golang.org/x/time v0.12.0 // indirect
 	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	gotest.tools/v3 v3.5.2 // indirect

internal/handlers/handlers_test.go

@@ -405,13 +405,12 @@ func TestHandleDashboard(t *testing.T) {
 		assert.Contains(t, recorder.Body.String(), "Applications")
 	})
 
-	t.Run("renders dashboard with apps without CSRFField error", func(t *testing.T) {
+	t.Run("renders dashboard with apps without crashing on CSRFField", func(t *testing.T) {
 		t.Parallel()
 
 		testCtx := setupTestHandlers(t)
 
-		// Create an app so the range loop in dashboard.html executes,
-		// which triggers .CSRFField access on each AppStats item.
+		// Create an app so the template iterates over AppStats and hits .CSRFField
 		createTestApp(t, testCtx, "csrf-test-app")
 
 		request := httptest.NewRequest(http.MethodGet, "/", nil)
@@ -420,7 +419,8 @@ func TestHandleDashboard(t *testing.T) {
 		handler := testCtx.handlers.HandleDashboard()
 		handler.ServeHTTP(recorder, request)
 
-		assert.Equal(t, http.StatusOK, recorder.Code, "dashboard should render without template error")
+		assert.Equal(t, http.StatusOK, recorder.Code,
+			"dashboard should not 500 when apps exist (CSRFField must be accessible)")
 		assert.Contains(t, recorder.Body.String(), "csrf-test-app")
 	})
 }