Void-Homelab

Hynes/Void-Homelab

Fork 0

Commit Graph

Author	SHA1	Message	Date
root	1208b3bd40	fix(api): drop err.message from 500 response body (CWE-209) Catch-all error handlers in lib/api/errors.js and server.js were echoing raw err.message to clients. Replace with a fixed generic message; the full error continues to be logged server-side via pino. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-31 20:45:08 +10:00
root	75afedaef0	feat(api): error + validate + pagination plumbing Add lib/api/{errors,validate,pagination,index}.js: typed ApiError subclasses, errorMiddleware, zod-backed validate(), parsePagination with caps, and a mountApi() that owns /api routing + 404 + error tail. server.js delegates /api to mountApi and drops the inline /api/spaces smoke (returns in Task 2). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-31 16:37:06 +10:00

Author

SHA1

Message

Date

root

1208b3bd40

fix(api): drop err.message from 500 response body (CWE-209)

Catch-all error handlers in lib/api/errors.js and server.js were
echoing raw err.message to clients. Replace with a fixed generic
message; the full error continues to be logged server-side via pino.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-31 20:45:08 +10:00

root

75afedaef0

feat(api): error + validate + pagination plumbing

Add lib/api/{errors,validate,pagination,index}.js: typed ApiError
subclasses, errorMiddleware, zod-backed validate(), parsePagination
with caps, and a mountApi() that owns /api routing + 404 + error tail.
server.js delegates /api to mountApi and drops the inline /api/spaces
smoke (returns in Task 2).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-31 16:37:06 +10:00

2 Commits