ENHANCE: Improved code quality, security and performance #11

Merged
kashish merged 3 commits from enhance/bugfixes_n_vulnerabilities_05_2026 into main 2026-06-13 18:13:10 +00:00
Owner

Code Quality

  • Fixed database connection error message typo.
  • Using vault service instead of duplicate code in generate command when adding the generated secret.
  • Removed unnecessary Search and Levenshtein function export changed name to search and levenshtein respectively.
  • Added hard-limit tries when reading field with retry.
  • Added new and improved existing debug logs.

Security

  • using constant time comparison when comparing secrets to prevent side-channeling.

Performance

  • Eliminate unnecessary conversion of secret read from terminal to string and then back to []byte.
  • Switch sqlite driver from mattcn/sqlite (cgo) to modernc.org/sqlite (pure go) to reduce cgo overhead.
#### Code Quality - Fixed database connection error message typo. - Using vault service instead of duplicate code in generate command when adding the generated secret. - Removed unnecessary `Search` and `Levenshtein` function export changed name to `search` and `levenshtein` respectively. - Added hard-limit tries when reading field with retry. - Added new and improved existing debug logs. #### Security - using constant time comparison when comparing secrets to prevent side-channeling. #### Performance - Eliminate unnecessary conversion of secret read from terminal to `string` and then back to `[]byte`. - Switch sqlite driver from `mattcn/sqlite` (cgo) to `modernc.org/sqlite` (pure go) to reduce `cgo` overhead.
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
plutolab/kosh!11
No description provided.