Skip to content

fix: comprehensive audit — security, perf, tech debt, tests#51

Merged
pszymkowiak merged 1 commit intomainfrom
fix/audit-round-1
Mar 21, 2026
Merged

fix: comprehensive audit — security, perf, tech debt, tests#51
pszymkowiak merged 1 commit intomainfrom
fix/audit-round-1

Conversation

@pszymkowiak
Copy link
Contributor

@pszymkowiak pszymkowiak commented Mar 21, 2026

Summary

Full codebase audit fixes: 5 parallel agents audited + fixed security, performance, redundancy, dead code, and technical debt. Added 29 new tests.

Security (5 fixes):

  • Credentials file 0o600 permissions
  • MCP input validation (topic 255 chars, content 100k)
  • FTS query hardening (10k limit, 100 tokens, quote stripping)
  • Embedding dims bounds (64-4096)
  • Search limits capped to 100

Performance (3 fixes):

  • CLI batch_update_access (N→1 DB calls)
  • Reduced cloning in search_hybrid
  • Reduced cloning in dedup

Tech debt (6 fixes):

  • eprintln→tracing::warn (6 locations)
  • Fixed unwrap() panic
  • Constants: DEFAULT_EMBEDDING_DIMS, DEDUP_SIMILARITY_THRESHOLD
  • Tracing on rollback + datetime parse failures

Redundancy (3 fixes):

  • Dead code removed (cloud.rs)
  • Shared helpers extracted to icm-core
  • Unified message constants

Tests: 182 total (was 153, +29 new)

Test plan

  • 182 tests pass
  • cargo fmt clean
  • No new warnings

🤖 Generated with Claude Code

@pszymkowiak
fix: comprehensive audit fixes — security, performance, tech debt, tests
1447c60 
Security:
- Credentials file permissions set to 0o600 on Unix
- Input validation for MCP tool_store (topic max 255, content max 100k)
- FTS query hardening (length limit, token cap, quote stripping)
- Embedding dims validated to 64-4096 range
- Search result limits capped to 100

Performance:
- CLI recall uses batch_update_access instead of N individual calls
- Reduced cloning in search_hybrid (owned keys iteration)
- Reduced cloning in tool_store dedup (struct literal vs clone)

Tech debt + Logging:
- Replaced eprintln! with tracing::warn! (6 locations)
- Fixed unwrap() panic in extract_patterns
- Replaced .expect() with proper error handling in embed command
- Added tracing on rollback paths and datetime parse failures
- Added DEFAULT_EMBEDDING_DIMS constant (replaces hardcoded 384)
- Added DEDUP_SIMILARITY_THRESHOLD constant (replaces magic 0.85)

Redundancy + Dead code:
- Removed unused delete_cloud_memory and sync_memory_background
- Extracted topic_matches/keyword_matches to icm-core (shared CLI+MCP)
- Added MSG_NO_MEMORIES constant for consistent messaging

Tests (+29 new):
- Store: empty queries, nonexistent CRUD, batch access, auto-consolidate,
  decay, prune, topics, stats, topic prefix
- MCP: empty recall, input validation (topic/content length)
- Security: FTS sanitization, embedding dims bounds, search limits,
  credentials permissions
@pszymkowiak
Copy link
Contributor Author

pszymkowiak commented Mar 21, 2026

wshm · Automated triage by AI

📊 Automated PR Analysis
♻️ Type refactor
🟡 Risk medium

Summary

Comprehensive codebase audit fixing security vulnerabilities (credential file permissions, input validation, FTS query hardening), performance improvements (batch DB calls, reduced cloning), tech debt cleanup (replacing eprintln with tracing, fixing unwrap panics, extracting constants), removing dead code, and adding 29 new tests bringing the total to 182.

Review Checklist

  • Tests present
  • Breaking change
  • Docs updated

Analyzed automatically by wshm · This is an automated analysis, not a human review.

@pszymkowiak pszymkowiak merged commit c3555c9 into main Mar 21, 2026
4 checks passed
@github-actions github-actions bot mentioned this pull request Mar 21, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

performance security tech-debt testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pszymkowiak