diff options
| author | Peter Stone <thepeterstone@gmail.com> | 2026-01-26 07:03:53 -1000 |
|---|---|---|
| committer | Peter Stone <thepeterstone@gmail.com> | 2026-01-26 07:03:53 -1000 |
| commit | 8c2b8c352f8c980c79bb4bb4772e8cbc02d14164 (patch) | |
| tree | 6913a38cf462df397b24ba0c6c4c18f128562429 /cmd/dashboard | |
| parent | ff7339acfdf533110f3ab1f902e153df739eed1b (diff) | |
Phase 3: Error handling and security hardening
- Handle JSON marshal errors in sqlite.go (log + fallback to empty array)
- Add 30s timeout to Google Calendar client initialization
- Fix CSRF timing attack by using subtle.ConstantTimeCompare
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Diffstat (limited to 'cmd/dashboard')
| -rw-r--r-- | cmd/dashboard/main.go | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/cmd/dashboard/main.go b/cmd/dashboard/main.go index d7da061..6b895d1 100644 --- a/cmd/dashboard/main.go +++ b/cmd/dashboard/main.go @@ -90,8 +90,11 @@ func main() { var googleCalendarClient api.GoogleCalendarAPI if cfg.HasGoogleCalendar() { + // Use timeout context to prevent startup hangs if credentials file is unreachable + initCtx, cancel := context.WithTimeout(context.Background(), 30*time.Second) var err error - googleCalendarClient, err = api.NewGoogleCalendarClient(context.Background(), cfg.GoogleCredentialsFile, cfg.GoogleCalendarID) + googleCalendarClient, err = api.NewGoogleCalendarClient(initCtx, cfg.GoogleCredentialsFile, cfg.GoogleCalendarID) + cancel() if err != nil { log.Printf("Warning: failed to initialize Google Calendar client: %v", err) } else { |