Christian Nennemann
394199b19b
Full codebase review by 4 independent agents (security, architecture,
code quality, correctness) identified ~80 findings. This commit fixes 40
of them across all workspace crates.
Critical fixes:
- Federation service: validate origin against mTLS cert CN/SAN (C1)
- WS bridge: add DM channel auth, size limits, rate limiting (C2)
- hpke_seal: panic on error instead of silent empty ciphertext (C3)
- hpke_setup_sender_and_export: error on parse fail, no PQ downgrade (C7)
Security fixes:
- Zeroize: seed_bytes() returns Zeroizing<[u8;32]>, private_to_bytes()
returns Zeroizing<Vec<u8>>, ClientAuth.access_token, SessionState.password,
conversation hex_key all wrapped in Zeroizing
- Keystore: 0o600 file permissions on Unix
- MeshIdentity: 0o600 file permissions on Unix
- Timing floors: resolveIdentity + WS bridge resolve_user get 5ms floor
- Mobile: TLS verification gated behind insecure-dev feature flag
- Proto: from_bytes default limit tightened from 64 MiB to 8 MiB
Correctness fixes:
- fetch_wait: register waiter before fetch to close TOCTOU window
- MeshEnvelope: exclude hop_count from signature (forwarding no longer
invalidates sender signature)
- BroadcastChannel: encrypt returns Result instead of panicking
- transcript: rename verify_transcript_chain → validate_transcript_structure
- group.rs: extract shared process_incoming() for receive_message variants
- auth_ops: remove spurious RegistrationRequest deserialization
- MeshStore.seen: bounded to 100K with FIFO eviction
Quality fixes:
- FFI error classification: typed downcast instead of string matching
- Plugin HookVTable: SAFETY documentation for unsafe Send+Sync
- clippy::unwrap_used: warn → deny workspace-wide
- Various .unwrap_or("") → proper error returns
Review report: docs/REVIEW-2026-03-04.md
152 tests passing (72 core + 35 server + 14 E2E + 1 doctest + 30 P2P)
24 lines
1.3 KiB
Markdown
24 lines
1.3 KiB
Markdown
# quicproquo — Claude Code Instructions
|
|
|
|
## Agent Team Workflow Rules
|
|
|
|
### NEVER delete worktrees before preserving changes
|
|
When using agent teams with `isolation: "worktree"`:
|
|
1. **Before calling `TeamDelete`**, always check each worktree for uncommitted or committed changes
|
|
2. **Create a named branch** from each worktree's HEAD and push/preserve it before cleanup
|
|
3. **Preferred pattern**: use `git branch fix/<name> <worktree-HEAD-sha>` to save the work
|
|
4. If an agent reports changes, its worktree branch MUST be merged or saved before the team is deleted
|
|
|
|
### Agent team best practices
|
|
- Always have agents **commit their changes** with descriptive messages before shutting them down
|
|
- After all agents report, **list worktrees** (`git worktree list`) and **save branches** before cleanup
|
|
- When using worktree isolation, the sequence must be: agents finish → save branches → merge → TeamDelete
|
|
- Never call TeamDelete as a shortcut to kill zombie agents — use `rm -rf ~/.claude/teams/<name>` for the team metadata only, preserving worktree dirs
|
|
|
|
### Git workflow
|
|
- Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `test:`, `refactor:`
|
|
- GPG-signed commits only
|
|
- No `Co-authored-by` trailers
|
|
- No `.unwrap()` on crypto or I/O in non-test paths
|
|
- Secrets: zeroize on drop, never in logs
|