From d11334c0999efb670a8eab93527a50f644fdfceb Mon Sep 17 00:00:00 2001
From: Peter Stone <thepeterstone@gmail.com>
Date: Fri, 23 Jan 2026 15:59:12 -1000
Subject: Fix high priority issues from code review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Default password: Fatal error in production if DEFAULT_PASS not set
- API timeouts: Reduce from 30s to 15s (4 APIs × 15s < 60s global)
- Trello lists: Log warning when list fetch fails instead of silent ignore

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 cmd/dashboard/main.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'cmd')

diff --git a/cmd/dashboard/main.go b/cmd/dashboard/main.go
index 74cc836..ef94427 100644
--- a/cmd/dashboard/main.go
+++ b/cmd/dashboard/main.go
@@ -59,6 +59,10 @@ func main() {
 		defaultUser = "admin"
 	}
 	if defaultPass == "" {
+		if !cfg.Debug {
+			log.Fatal("CRITICAL: DEFAULT_PASS must be set in production. Set DEBUG=true for development.")
+		}
+		log.Println("WARNING: Using default password - set DEFAULT_PASS for production")
 		defaultPass = "changeme"
 	}
 	if err := authService.EnsureDefaultUser(defaultUser, defaultPass); err != nil {
-- 
cgit v1.2.3