core-be fc6d7d114e [core-be-agent] ...

fix: Sanitize error messages to prevent information disclosure

- workspace_crud.go:335: Replace err.Error() with generic message
  to prevent leaking raw DB errors (e.g. pq syntax errors, table names)
- org.go:610: Replace fmt.Sprintf with body.Dir leak in 404 response

Both errors are already logged server-side; no observability lost.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-09 20:51:43 +00:00

..

cmd

chore: reconcile main → staging post-suspension divergence

2026-05-07 14:24:37 -07:00

internal

[core-be-agent]

2026-05-09 20:51:43 +00:00

migrations

feat(workspaces): update_tier column for canary vs production fan-out

2026-05-08 08:55:19 -07:00

pkg/provisionhook

feat(#1957): wire gh-identity plugin into workspace-server

2026-04-24 15:01:41 +00:00

.air.toml

feat(local-dev): air-based hot-reload for workspace-server

2026-05-08 08:10:50 -07:00

.ci-force

chore: force Platform(Go) CI run on main — validate go vet clean

2026-04-21 15:43:19 +00:00

.gitignore

feat(local-dev): containerize platform + canvas stack via docker-compose (closes #126)

2026-05-08 10:53:39 -07:00

.golangci.yaml

chore(workspace-server): add golangci.yaml disabling errcheck

2026-04-24 07:16:54 +00:00

Dockerfile

fix(ci): apply pre-clone fix to platform Dockerfile too (followup #173)

2026-05-07 13:13:13 -07:00

Dockerfile.dev

fix(org-import): use ws.FilesDir as persona-dir lookup, add docker-cli-buildx to dev image

2026-05-08 13:50:46 -07:00

Dockerfile.tenant

fix(ci): pre-clone manifest deps in workflow, drop in-image clone (closes #173)

2026-05-07 12:59:46 -07:00

entrypoint-tenant.sh

fix(memory-plugin): gate sidecar spawn on cutover-active

2026-05-05 12:39:03 -07:00

go.mod

chore: drop github-app-auth + swap GHCR→ECR (closes #157, #161)

2026-05-07 07:48:51 -07:00

go.sum

chore: drop github-app-auth + swap GHCR→ECR (closes #157, #161)

2026-05-07 07:48:51 -07:00