johno/gastown
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix SQL injection and refresh scheduling in convoy panel

Browse Source 
- Add convoyID validation with regex pattern ^hq-[a-zA-Z0-9-]+$
  to prevent SQL injection in getTrackedIssueStatus (gt-ur4c4)
- Fix duplicate refresh scheduling: tick schedules fetch, fetch
  schedules next tick (gt-yqfrx)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
gastown/crew/gus
2025-12-30 23:23:12 -08:00
committed by Steve Yegge
parent d37bd53a90
commit 4178940d39
2 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
internal/tui/feed/model.go
View File

@@ -190,11 +190,14 @@ func (m *Model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
case convoyUpdateMsg:
if msg.state != nil {
// Fresh data arrived - update state and schedule next tick
m.convoyState = msg.state
m.updateViewContent()
cmds = append(cmds, m.convoyRefreshTick())
} else {
// Tick fired - fetch new data
cmds = append(cmds, m.fetchConvoys())
}
// Schedule next refresh
cmds = append(cmds, m.fetchConvoys(), m.convoyRefreshTick())
case tickMsg:
cmds = append(cmds, tick())