Skip to content

refactor: Address Copilot review nitpicks #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 1, 2025
Merged

refactor: Address Copilot review nitpicks #54

merged 2 commits into from
Nov 1, 2025

Conversation

@kevalyq
Copy link
Contributor

@kevalyq kevalyq commented Nov 1, 2025

Follow-up to PR #53 addressing the 4 remaining Copilot review comments that were resolved without being fixed.

Changes

  • Clarified idx_key comment: Changed from "Same size as DEK, used for HMAC-SHA256" to "Generate Index Key for HMAC-SHA256 blind indexes (32 bytes)" for better clarity
  • Replaced magic number 32 in tests:
    • unwraps idx_key correctly: Use SODIUM_CRYPTO_SECRETBOX_KEYBYTES constant
    • generates envelope keys: Use SODIUM_CRYPTO_SECRETBOX_KEYBYTES for idx_wrapped check
    • generates consistent blind index: Define HMAC_SHA256_OUTPUT_BYTES constant for SHA-256 output length

Quality

  • ✅ All 30 tests passing
  • ✅ PHPStan level max clean
  • ✅ PSR-12 compliant

This addresses the nitpick comments from the Copilot review that were marked as resolved but not actually implemented.

@kevalyq
refactor: Address Copilot nitpicks - replace magic numbers with const…
f59ed25 
…ants

- Clarify idx_key inline comment (HMAC-SHA256 blind indexes)
- Replace magic number 32 with SODIUM_CRYPTO_SECRETBOX_KEYBYTES in tests
- Define HMAC_SHA256_OUTPUT_BYTES constant for SHA-256 output length
- Consistent use of libsodium constants throughout tests
Copilot AI review requested due to automatic review settings November 1, 2025 18:43
Copilot AI reviewed Nov 1, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR refactors hardcoded numeric literals in test assertions to use named constants, improving code maintainability and clarifying the intent behind cryptographic key size validations.

Key Changes:

  • Introduced HMAC_SHA256_OUTPUT_BYTES constant (32 bytes) for blind index size assertions
  • Updated test assertions to use SODIUM_CRYPTO_SECRETBOX_KEYBYTES constant instead of hardcoded 32
  • Improved code comment clarity in the TenantKey model

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
tests/Feature/TenantKeyTest.php Adds HMAC_SHA256_OUTPUT_BYTES constant and replaces hardcoded 32 with appropriate named constants in test assertions
app/Models/TenantKey.php Updates comment to clarify that the index key is 32 bytes and used for HMAC-SHA256 operations

@kevalyq kevalyq merged commit 1a0a12d into main Nov 1, 2025
12 checks passed
@kevalyq kevalyq deleted the fix/address-copilot-nitpicks branch November 1, 2025 18:47
@kevalyq kevalyq mentioned this pull request Nov 1, 2025
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kevalyq