- idp_service.go: correct Scopes field alignment to col 13 (was 5 spaces,
  needs 6 to match AuthUrl/TokenUrl/UserInfoUrl group); revert over-correction
  from previous commit that wrongly added FieldMapping to the alignment group
- instance_service.go: add default case to switch on updateSetting.Key to
  satisfy revive switch-without-default rule
- memo_service.go: fix unchecked type assertion in isSSESuppressed; use
  ok && v pattern instead of discarding the ok bool
- sse_service_test.go: remove unused drainEvents helper function

https://claude.ai/code/session_01DVhwUL8RG8HVrcChv5qHdh

When credential fields (ClientSecret, AccessKeySecret) were replaced with
write-only comments in commit 9d3a74b, the remaining struct literal fields
were not re-aligned to match goimports expected column alignment.

- idp_service.go: align AuthUrl/TokenUrl/UserInfoUrl/Scopes at col 14
  (longest field FieldMapping = 12 chars in post-comment group)
- instance_service.go: align AccessKeyId alone at col 13, and
  Endpoint/Region/Bucket at col 14 to match UsePathStyle (longest in
  post-comment group)

https://claude.ai/code/session_01DVhwUL8RG8HVrcChv5qHdh

Security fixes for credential leakage across three resources:

- NOTIFICATION setting: restrict GetInstanceSetting to admin-only
  (was publicly accessible, exposing SMTP credentials)
- SMTP password: never return SmtpPassword in API responses (write-only)
- S3 secret: never return AccessKeySecret in API responses (write-only)
- OAuth2 ClientSecret: never return in API responses for any role
  (was previously returned to admins); remove redactIdentityProviderResponse
  in favor of omitting the field at the conversion layer
- Preserve-on-empty: when updating settings with an empty credential
  field, preserve the existing stored value instead of overwriting
  (applies to SmtpPassword, AccessKeySecret, and ClientSecret)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

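The write-only and preserve-on-empty behaviour described in the commit message above, as an added sketch in Go that is not the project's own code. The type and function names (`storedSMTP`, `smtpResponse`, `toResponse`, `applyUpdate`) and the sample values are assumptions for illustration; only the `SmtpPassword` field name comes from the message.

```go
package main

import "fmt"

// storedSMTP is a hypothetical stored setting, not the project's type.
type storedSMTP struct {
	Host         string
	Username     string
	SmtpPassword string
}

// smtpResponse is the hypothetical API shape. It has no password field,
// so no caller role can receive the secret and no redaction step can be
// forgotten: the omission happens at the conversion layer.
type smtpResponse struct {
	Host     string
	Username string
}

// toResponse converts stored state to the API shape without the credential.
func toResponse(s storedSMTP) smtpResponse {
	return smtpResponse{Host: s.Host, Username: s.Username}
}

// applyUpdate merges an incoming update into the stored value. Reads never
// return the password, so a client doing read-modify-write sends it back
// empty; an empty credential therefore means "keep the stored value".
func applyUpdate(existing, incoming storedSMTP) storedSMTP {
	if incoming.SmtpPassword == "" {
		incoming.SmtpPassword = existing.SmtpPassword
	}
	return incoming
}

func main() {
	// Constructed sample values.
	stored := storedSMTP{Host: "smtp.example.test", Username: "mailer", SmtpPassword: "constructed-secret"}

	// Read: the response carries no credential.
	resp := toResponse(stored)
	fmt.Printf("response: %+v\n", resp)

	// Write back with only the host changed: the stored secret survives.
	stored = applyUpdate(stored, storedSMTP{Host: "smtp2.example.test", Username: resp.Username})
	fmt.Println("secret preserved:", stored.SmtpPassword == "constructed-secret")

	// Write with a non-empty credential: the secret is rotated.
	stored = applyUpdate(stored, storedSMTP{Host: stored.Host, Username: stored.Username, SmtpPassword: "rotated-secret"})
	fmt.Println("secret rotated:", stored.SmtpPassword == "rotated-secret")
}
```

In this sketch an empty value can never clear a stored credential, so removing one would need a separate, explicit operation.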
- Fix duplicate SSE event on comment creation: CreateMemoComment now
  suppresses the redundant memo.created broadcast from the inner
  CreateMemo call, emitting only memo.comment.created
- Extract reaction event-building IIFEs into buildMemoReactionSSEEvent
  helper, removing duplicated inline DB-fetch logic
- Promote resolveSSEAudienceCreatorID from method to free function
  (resolveSSECreatorID) since it never used the receiver
- Add userID to SSE connect/disconnect log lines for traceability
- Change canReceive default from permissive (return true) to
  deny-with-warning for unknown visibility types
- Add comprehensive tests covering all new helpers, visibility edge
  cases, slow-client drop behavior, and the double-broadcast fix

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

The failed-to-load key was only used for non-ConnectError exceptions, which
are unreachable in practice since the Connect RPC client always wraps errors
as ConnectError. Use (error as Error).message as a plain fallback instead.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

30 locale files were missing the two keys added in the auth redirect PR.
Added English fallback strings so all locales render properly until
community translations are contributed.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>