| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Major coverage improvements:
- safehttp: 46.7% -> 93.3% (SafeDialer, redirect checking, SSRF protection)
- api: 81.8% -> 96.4% (HandleImport 0% -> 100%, stream errors, content types)
- importer: 85.3% -> 94.7% (ImportFeeds dispatcher, OPML nesting, edge cases)
- cmd/neko: 77.1% -> 85.4% (purge, secure-cookies, minutes, allow-local flags)
New tests added:
- Security regression tests (CSRF token uniqueness, mismatch rejection,
auth cookie HttpOnly, security headers, API auth requirements)
- Stress tests for concurrent mixed operations and rapid state toggling
- SSRF protection tests for SafeDialer hostname resolution and redirect paths
https://claude.ai/code/session_01XUBh32rHpbYue1JYXSH64Q
|
|
|
Go benchmarks cover item CRUD/filter/sanitization, API endpoints (stream,
item update, feed list), middleware stack (gzip, security headers, CSRF),
and crawler pipeline (feed parsing, mocked crawl). Stress tests verify
concurrent reads/writes and large dataset handling. Frontend perf tests
measure template generation, DOM insertion, and store event throughput.
New Makefile targets: bench, bench-short, stress, test-perf.
https://claude.ai/code/session_01ChDVWFDrQoFjMYHpaLGr9s
|
