1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
|
# Security & Quality Checklist
## Critical Security Issues (Must Fix Before Production)
### Database Security
- [x] **SQL Injection in GetNotes()** (15 min)
- File: `internal/store/sqlite.go:208`
- Change: Use parameterized query for LIMIT clause
- Impact: Prevents SQL injection attacks
- [ ] **SQLite Concurrency Configuration** (30 min)
- File: `internal/store/sqlite.go:22-30`
- Change: Set `MaxOpenConns(1)`, enable WAL mode
- Impact: Prevents "database is locked" errors under concurrent load
- [ ] **Database File Permissions** (15 min)
- File: `internal/store/sqlite.go:22-24`
- Change: Set file to 0600, create dir with 0700
- Impact: Prevents unauthorized access to cached data
### Input/Output Security
- [ ] **Path Traversal in Obsidian** (1 hour)
- File: `internal/api/obsidian.go:49-70`
- Change: Validate paths stay within vault, skip symlinks
- Impact: Prevents arbitrary file read attacks
### Network Security
- [ ] **HTTPS Support** (1 hour)
- File: `cmd/dashboard/main.go:86-94`
- Change: Add TLS configuration and ListenAndServeTLS
- Impact: Prevents credential theft via network sniffing
---
## High Priority Issues (Should Fix Soon)
### Concurrency & Performance
- [ ] **Context Cancellation in Goroutines** (30 min)
- File: `internal/handlers/handlers.go:151-207`
- Change: Check `ctx.Done()` before locking mutex in each goroutine
- Impact: Prevents goroutine leaks and resource exhaustion
- [ ] **Parallelize Trello Card Fetching** (1 hour)
- File: `internal/api/trello.go:196-204`
- Change: Use goroutines with bounded concurrency for card fetching
- Impact: Reduces API call time from N+1 sequential to parallel
- [ ] **Reduce Mutex Contention in aggregateData** (45 min)
- File: `internal/handlers/handlers.go:154-205`
- Change: Store results locally, lock only for final assignment
- Impact: Better parallelism, faster page loads
- [ ] **HTTP Client Connection Pooling** (30 min)
- File: `internal/api/*.go` (all clients)
- Change: Configure Transport with MaxIdleConns, MaxIdleConnsPerHost
- Impact: Prevents port exhaustion and API rate limiting
### Security Hardening
- [ ] **Rate Limiting on Endpoints** (1 hour)
- File: `cmd/dashboard/main.go:67, 73`
- Change: Add rate limiting middleware
- Impact: Prevents DoS attacks and API quota exhaustion
- [ ] **CSRF Protection** (2 hours)
- File: `cmd/dashboard/main.go:67`
- Change: Add CSRF middleware for POST endpoints
- Impact: Prevents cross-site request forgery (needed for Phase 2)
- [ ] **Sanitize API Keys in Logs** (30 min)
- File: `internal/api/*.go` (all clients)
- Change: Redact keys/tokens in error messages
- Impact: Prevents credential leaks via log files
### Error Handling
- [ ] **Check JSON Unmarshal Errors** (30 min)
- File: `internal/store/sqlite.go:155, 234`
- Change: Log errors, provide defaults
- Impact: Prevents silent data loss
- [ ] **Sanitize Error Messages** (1 hour)
- File: `internal/handlers/handlers.go` (multiple locations)
- Change: Return generic errors to users, log details internally
- Impact: Prevents information disclosure
---
## Medium Priority Issues (Nice to Have)
### Code Quality
- [ ] **Database Connection Health Check** (15 min)
- File: `internal/store/sqlite.go:22-30`
- Change: Add `db.Ping()` after opening connection
- Impact: Fail fast on database issues
- [ ] **Null Object Pattern for Optional Clients** (1 hour)
- File: `internal/handlers/handlers.go`, `cmd/dashboard/main.go`
- Change: Implement null objects instead of nil checks
- Impact: Eliminates nil pointer risks
- [ ] **Context Timeouts for Database Operations** (2 hours)
- File: `internal/store/sqlite.go` (all methods)
- Change: Use `QueryContext`, `ExecContext`, add context parameters
- Impact: Prevents indefinite blocking
- [ ] **Validate API Response Data** (2 hours)
- File: `internal/api/*.go` (all clients)
- Change: Add validation functions for API responses
- Impact: Protection against malicious API servers
### Testing
- [ ] **Add Edge Case Tests** (2 hours)
- Files: Various test files
- Tests: Empty responses, malformed JSON, network errors
- Impact: More robust error handling
### Security Headers
- [ ] **Add Security Headers Middleware** (30 min)
- File: `cmd/dashboard/main.go`
- Change: Add X-Frame-Options, CSP, X-Content-Type-Options, etc.
- Impact: Defense in depth
- [ ] **Content Security Policy** (1 hour)
- File: `cmd/dashboard/main.go`
- Change: Add CSP header with appropriate directives
- Impact: XSS protection
### Configuration
- [ ] **Validate Config at Startup** (30 min)
- File: `internal/config/config.go:61-76`
- Change: Add token strength validation, file path checks
- Impact: Fail fast on misconfiguration
- [ ] **Make HTTP Timeouts Configurable** (30 min)
- File: `internal/api/*.go` (all clients)
- Change: Add `APITimeoutSeconds` to config
- Impact: Flexibility for different environments
---
## Low Priority / Future Enhancements
### Monitoring & Observability
- [ ] **Structured Logging** (4 hours)
- Change: Replace log.Printf with structured logger (zap/zerolog)
- Impact: Better log analysis and debugging
- [ ] **Health Check Endpoint** (30 min)
- File: `cmd/dashboard/main.go`
- Change: Add `/health` endpoint checking DB, API connectivity
- Impact: Better monitoring
- [ ] **Metrics Collection** (4 hours)
- Change: Add Prometheus metrics for API calls, cache hits, errors
- Impact: Performance monitoring
### Code Organization
- [ ] **Extract Constants** (1 hour)
- Files: Various
- Change: Move magic numbers to constants
- Impact: Better maintainability
- [ ] **Standardize Error Messages** (1 hour)
- Files: Various
- Change: Consistent capitalization and formatting
- Impact: Better UX
### Database
- [ ] **Database Encryption at Rest** (2 hours)
- File: `internal/store/sqlite.go`
- Change: Use SQLCipher
- Impact: Data protection
- [ ] **Migration Versioning Table** (1 hour)
- File: `internal/store/sqlite.go:41-68`
- Change: Track which migrations have run
- Impact: Better migration management
---
## Estimated Time Summary
| Priority | Count | Estimated Time |
|----------|-------|----------------|
| Critical | 4 items | ~2.5 hours |
| High | 7 items | ~6.5 hours |
| Medium | 8 items | ~9.5 hours |
| Low | 8 items | ~14 hours |
| **Total** | **27 items** | **~32.5 hours** |
### Recommended Sprint 1 (Critical + High Priority)
- **Duration**: 1-2 weeks part-time
- **Items**: 11 items
- **Time**: ~9 hours
- **Focus**: Security hardening and performance
### Recommended Sprint 2 (Medium Priority)
- **Duration**: 1-2 weeks part-time
- **Items**: 8 items
- **Time**: ~9.5 hours
- **Focus**: Code quality and testing
---
## Quick Wins (< 30 minutes each)
These can be done in small chunks:
1. ✓ SQL injection fix (15 min)
2. ✓ Database permissions (15 min)
3. ✓ Health check endpoint (15 min)
4. ✓ Security headers middleware (30 min)
5. ✓ Database ping check (15 min)
6. ✓ Check JSON unmarshal errors (30 min)
7. ✓ Extract constants (30 min)
8. ✓ Config validation (30 min)
**Total Quick Wins**: ~3.5 hours, addresses 8 issues
---
## Notes
- Priority order considers both security impact and implementation effort
- Times are estimates for an experienced Go developer
- Some items may reveal additional issues during implementation
- Testing time not included (add ~30% for comprehensive testing)
- Code review time not included (add ~20% for peer review)
|
