Harden local runtime safety and error handling

This commit is contained in:
Mikhail Chusavitin
2026-03-15 16:28:32 +03:00
parent f0e6bba7e9
commit c964d66e64
25 changed files with 726 additions and 245 deletions


@@ -25,6 +25,7 @@ QuoteForge is currently a **single-user thick client** bound to `localhost`.
- The local HTTP/UI layer is not treated as a multi-user security boundary.
- RBAC is not part of the active product contract for the local client.
- The authoritative authentication boundary is the remote sync server and its DB credentials captured during setup.
- Runtime startup must reject non-loopback `server.host` values; remote bind is not a supported deployment mode.
- If the app is ever exposed beyond `localhost`, auth/RBAC must be reintroduced as an enforced perimeter before release.
### Price Freshness Indicators
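Review bot: the added line says startup "must reject non-loopback `server.host` values" but this section does not say what "loopback" covers or what rejection looks like to the operator. The configuration doc in the same commit spells out the accepted set (`127.0.0.1`, `localhost`, `::1`); either repeat that set here or point at that document, and add whether a rejected bind is a fatal startup error with a logged reason, so the two documents cannot drift and a failed start is diagnosable from the text alone.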


@@ -78,6 +78,7 @@
`POST /api/projects/:uuid/vendor-import` accepts `multipart/form-data` with one required file field:
- `file` — vendor configurator export in `CFXML` format
- max request file size: `1 GiB`; oversized uploads are rejected before parsing
### Sync
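Review bot: the `1 GiB` cap is stated as "rejected before parsing", but the doc does not say whether the cap is enforced while the request body is being read or only after the upload has been fully buffered; a post-hoc check still lets a client make the server hold up to the limit in memory or on disk before the rejection fires. State where the check sits, whether it applies to the whole `multipart/form-data` body or only the `file` part, and which HTTP status an oversized upload receives, since that is what clients of `POST /api/projects/:uuid/vendor-import` will need to handle.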


@@ -41,7 +41,7 @@ Rules:
```yaml
server:
host: "0.0.0.0"
host: "127.0.0.1"
port: 8080
mode: "release" # release | debug
@@ -54,6 +54,9 @@ backup:
time: "00:00" # HH:MM in local time
```
`server.host` must stay on loopback (`127.0.0.1`, `localhost`, or `::1`).
QuoteForge startup rejects non-loopback bind addresses because the local client has no auth/RBAC perimeter.
---
## Environment Variables
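Review bot: the accepted set mixes two addresses with a hostname. `127.0.0.1` and `::1` can be compared as literals, but `localhost` is a name, so the text should say whether startup accepts the literal string or resolves it and checks that the resulting address is loopback; the two behave differently and the reader of this doc cannot tell which one the check implements. One sentence on the failure mode (startup aborts with a logged reason) would also help, since "rejects" alone does not tell an operator what to look for.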


@@ -5,8 +5,7 @@
Automatic rotating ZIP backup system for local data.
**What is included in each archive:**
- SQLite DB (`qfs.db`)
- SQLite sidecars (`qfs.db-wal`, `qfs.db-shm`) if present
- Consistent SQLite snapshot stored as `qfs.db`
- `config.yaml` if present
**Archive name format:** `qfs-backp-YYYY-MM-DD.zip`
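Review bot: dropping the raw `-wal` / `-shm` sidecars in favour of a consistent snapshot is the right change, but the list now only says the snapshot is "stored as `qfs.db`" and nothing about restoring it; add a line that the archived `qfs.db` is a self-contained database and that the archive deliberately carries no sidecars, so a reader does not go looking for them on restore. Separately, the unchanged context line gives the archive name as `qfs-backp-YYYY-MM-DD.zip`; `backp` looks like a typo for `backup`, so check it against the filename logic and fix whichever side is wrong (the implementation notes below say filename and prune logic must change together).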
@@ -78,6 +77,7 @@ type BackupConfig struct {
## Implementation Notes
- `backup.time` is in **local time** without timezone offset parsing
- Backup captures a consistent SQLite snapshot via `VACUUM INTO` before zipping; it does not archive live `-wal` / `-shm` sidecars directly
- `.period.json` is the marker that prevents duplicate backups within the same period
- Archive filenames contain only the date; uniqueness is ensured by per-period directories + the period marker
- When changing naming or retention: update both the filename logic and the prune logic together
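Review bot: the `VACUUM INTO` note should also state where the intermediate snapshot is written and that it is removed after zipping, because a failed run otherwise leaves a second full copy of the database on disk and needs as much free space as `qfs.db` itself. Two SQLite behaviours are worth recording here as well: `VACUUM INTO` refuses to write to a target file that already exists and is non-empty, so the temp path must be unique or cleaned before each run, and it does not fsync the output file, so the backup should sync or verify the snapshot before it is archived and the temp file deleted.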


@@ -171,6 +171,7 @@ This import path must convert one external workspace into one QuoteForge project
- One top-level configuration group inside the workspace = one QuoteForge configuration.
- Software rows are **not** imported as standalone configurations.
- All software rows must be attached to the configuration group they belong to.
- Upload guardrail: the incoming `CFXML` file must not exceed `1 GiB`; larger payloads are rejected before XML parsing.
### Configuration Grouping
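Review bot: this guardrail repeats the `1 GiB` figure that the API doc hunk in this commit also states; if the limit is a single constant in the code, name it in both places so a future change does not leave one document stale, and say whether the limit is specific to this `CFXML` import path or is the general upload cap. The phrase "rejected before XML parsing" is the important property; keep it, and note that the rejection is visible to the caller as an HTTP error rather than a silently empty import.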