anotherhadi/spilltea
1
Fork 0
mirror of https://github.com/anotherhadi/spilltea.git synced 2026-05-20 09:42:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: security hardening and code quality

Browse Source 
- SQL query mode uses read-only SQLite connection with PRAGMA query_only=ON
- Lua sandbox removes dofile/loadfile/load after OpenBase to block file access
- Plugin manager sorts by priority once at load time; GetPlugins is a plain copy
- Proxy appends [body truncated] marker when body hits size limit
- App startup exits with os.Exit(1) on DB open failure
- tickCmd uses tea.Tick instead of time.Sleep in a goroutine
- ErrMsg with non-nil error shows notification then quits
- DB stores path for use by read-only query connection
- WAL journal mode + NORMAL synchronous set in migrate()
- config.go uses errors.Is(err, os.ErrNotExist)
- main.go uses os.UserHomeDir() and removes racy port pre-check
- findings renderer is cached and rebuilt only on width change

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Hadi
2026-05-19 13:38:10 +02:00
parent 41c0e489cf
commit 172a77e13b
11 changed files with 88 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/ui/findings/model.go
+23 -8
View File
@@ -28,6 +28,9 @@ type Model struct {
pager paginator.Model
help help.Model
renderer *glamour.TermRenderer
rendererWidth int
width int
height int
}
@@ -77,6 +80,11 @@ func (m *Model) recalcSizes() {
m.bodyViewport.SetWidth(inner)
m.bodyViewport.SetHeight(bodyVH)
if m.rendererWidth != inner {
m.renderer = nil
m.rendererWidth = 0
}
m.refreshListViewport()
m.refreshBody()
}
@@ -110,12 +118,12 @@ func (m *Model) refreshBody() {
return
}
f := m.findings[m.cursor]
rendered := renderMarkdown(f.Description, m.bodyViewport.Width())
rendered := m.renderMarkdownCached(f.Description, m.bodyViewport.Width())
m.bodyViewport.SetContent(rendered)
m.bodyViewport.GotoTop()
}
func renderMarkdown(src string, width int) string {
func (m *Model) renderMarkdownCached(src string, width int) string {
if src == "" {
return style.S.Faint.Render(util.CenterLines("(ㆆ _ ㆆ)", "no description"))
}
@@ -130,14 +138,21 @@ func renderMarkdown(src string, width int) string {
if width < 10 {
width = 80
}
r, err := glamour.NewTermRenderer(
glamour.WithStyles(style.GlamourStyleConfig(config.Global)),
glamour.WithWordWrap(width),
)
if err != nil {
// Rebuild renderer if width changed or not yet built.
if m.renderer == nil || m.rendererWidth != width {
r, err := glamour.NewTermRenderer(
glamour.WithStyles(style.GlamourStyleConfig(config.Global)),
glamour.WithWordWrap(width),
)
if err == nil {
m.renderer = r
m.rendererWidth = width
}
}
if m.renderer == nil {
return buf.String()
}
out, err := r.Render(buf.String())
out, err := m.renderer.Render(buf.String())
if err != nil {
return buf.String()
}