Commit c382cd5
fix(api): sanitize database constraint errors before sending to clients
Closes #914
Previously DbError::ConstraintViolation passed the raw sqlx error message
(e.g. "duplicate key value violates unique constraint
newsletter_subscribers_email_key") directly into the 409 response body,
leaking table and column names to API consumers.
Now the full constraint message is logged internally at ERROR level (where
it remains visible to operators via the tracing correlation ID) and replaced
with a generic client-safe message in the response body.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>1 parent 86cb874 commit c382cd5
1 file changed
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
92 | 92 | | |
93 | 93 | | |
94 | 94 | | |
95 | | - | |
| 95 | + | |
| 96 | + | |
96 | 97 | | |
97 | 98 | | |
98 | 99 | | |
| |||
0 commit comments