| author | Peter Stone <thepeterstone@gmail.com> | 2026-01-12 13:50:23 -1000 |
|---|---|---|
| committer | Peter Stone <thepeterstone@gmail.com> | 2026-01-12 13:50:23 -1000 |
| commit | e57671031d0e792926d12701aace4ffbff6a5bdf (patch) | |
| tree | a1b0889f5ff218c6f38e0bfd3449a7a6274911db /.env.example | |
| parent | 6a899485b079ab96b71a2c2c7ed8a61302680f38 (diff) | |

Add security tests for path traversal and SQL injection fixes

Created comprehensive test coverage for security fixes:

- internal/api/obsidian_test.go:
  * TestGetNotes_SymlinkSecurity: Verifies symlinks are not followed
  * TestGetNotes_BasicFunctionality: Tests basic limit and ordering
  * Uses t.TempDir() for isolated test environments
- internal/store/sqlite_test.go:
  * TestGetNotes_LimitClause: Validates LIMIT parameter handling
  * TestGetNotes_EmptyDatabase: Tests empty state
  * TestSaveNotes_Upsert: Verifies INSERT OR REPLACE behavior
  * TestGetNotes_SQLInjectionAttempt: Confirms parameterized queries
  * All tests use temporary SQLite databases for isolation

All tests passing (7 new test cases). Security fixes from commits
325811c and 4c03e9c now have full test coverage.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Diffstat (limited to '.env.example')
0 files changed, 0 insertions, 0 deletions
