beads

johno/beads

Fork 0

Commit Graph

Author	SHA1	Message	Date
cerebustech-dev	3aeca3413a	fix: skip /etc/passwd check on Windows in security test (#363 ) Fixes #362 The test TestCleanupMergeArtifacts_CommandInjectionPrevention was failing on Windows because it checks for /etc/passwd, which is a Unix-specific file that doesn't exist on Windows. Added runtime.GOOS check to skip the /etc/passwd verification on Windows while maintaining the security check on Unix systems.	2025-11-22 16:49:29 -08:00
Steve Yegge	c4c5c8063a	Fix: Change default JSONL filename from beads.jsonl to issues.jsonl The canonical beads database name is issues.jsonl. Tens of thousands of users have issues.jsonl, and beads.jsonl was only used by the Beads project itself due to git history pollution. Changes: - Updated bd doctor to warn about beads.jsonl instead of issues.jsonl - Changed default config from beads.jsonl to issues.jsonl - Reversed precedence in checkGitForIssues to prefer issues.jsonl - Updated git merge driver config to use issues.jsonl - Updated all tests to expect issues.jsonl as the default issues.jsonl is now the canonical default; beads.jsonl is legacy 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-21 23:34:22 -08:00
Steve Yegge	74f384444b	test: Add security and error handling tests for lint warnings Added comprehensive tests to address gosec and errcheck linter warnings: 1. bd-yxy (P0): Command injection prevention tests for git rm in merge command - Added merge_security_test.go with tests for shell metacharacters - Verified exec.Command safely passes arguments (no shell interpretation) - Added #nosec G204 comment explaining why code is safe 2. bd-nbc (P1): Security tests for file path validation in clean command - Added clean_security_test.go with path traversal tests - Verified filepath.Join safely constructs paths within .beads directory - Added #nosec G304 comment documenting safety guarantees 3. bd-lln (P2): Tests for performFlush error handling in FlushManager - Added tests documenting that performFlush intentionally returns nil - Errors are handled internally by flushToJSONLWithState - Tests verify graceful degradation when store is inactive 4. bd-gra (P2): Error handling test for cmd.Help() in search command - Added search_test.go documenting Help() error handling - Help() errors intentionally ignored (already in error path, will exit anyway) - Added #nosec G104 comment explaining rationale All new tests pass. The linter warnings are false positives or intentional design decisions, now documented with tests and #nosec comments. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-21 19:30:48 -05:00

Author

SHA1

Message

Date

cerebustech-dev

3aeca3413a

fix: skip /etc/passwd check on Windows in security test (#363 )

Fixes #362

The test TestCleanupMergeArtifacts_CommandInjectionPrevention was failing on Windows because it checks for /etc/passwd, which is a Unix-specific file that doesn't exist on Windows.

Added runtime.GOOS check to skip the /etc/passwd verification on Windows while maintaining the security check on Unix systems.

2025-11-22 16:49:29 -08:00

Steve Yegge

c4c5c8063a

Fix: Change default JSONL filename from beads.jsonl to issues.jsonl

The canonical beads database name is issues.jsonl. Tens of thousands of users
have issues.jsonl, and beads.jsonl was only used by the Beads project itself
due to git history pollution.

Changes:
- Updated bd doctor to warn about beads.jsonl instead of issues.jsonl
- Changed default config from beads.jsonl to issues.jsonl
- Reversed precedence in checkGitForIssues to prefer issues.jsonl
- Updated git merge driver config to use issues.jsonl
- Updated all tests to expect issues.jsonl as the default

issues.jsonl is now the canonical default; beads.jsonl is legacy

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-11-21 23:34:22 -08:00

Steve Yegge

74f384444b

test: Add security and error handling tests for lint warnings

Added comprehensive tests to address gosec and errcheck linter warnings:

1. bd-yxy (P0): Command injection prevention tests for git rm in merge command
   - Added merge_security_test.go with tests for shell metacharacters
   - Verified exec.Command safely passes arguments (no shell interpretation)
   - Added #nosec G204 comment explaining why code is safe

2. bd-nbc (P1): Security tests for file path validation in clean command
   - Added clean_security_test.go with path traversal tests
   - Verified filepath.Join safely constructs paths within .beads directory
   - Added #nosec G304 comment documenting safety guarantees

3. bd-lln (P2): Tests for performFlush error handling in FlushManager
   - Added tests documenting that performFlush intentionally returns nil
   - Errors are handled internally by flushToJSONLWithState
   - Tests verify graceful degradation when store is inactive

4. bd-gra (P2): Error handling test for cmd.Help() in search command
   - Added search_test.go documenting Help() error handling
   - Help() errors intentionally ignored (already in error path, will exit anyway)
   - Added #nosec G104 comment explaining rationale

All new tests pass. The linter warnings are false positives or intentional
design decisions, now documented with tests and #nosec comments.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-11-21 19:30:48 -05:00

3 Commits