refactor: deepen module seams — inline SHA256, add NullSigner, move repository interfaces to domain#137
Merged
Merged
Conversation
…epository interfaces to domain
Three independent architectural improvements:
1. Delete SHA256HashService shallow interface and inline the hash function
directly into tokenizationUseCase as a private tokenValueHash helper.
The interface was a pass-through with no leverage; inlining gives callers
real hash values in tests instead of mocked stubs.
2. Add keyring.NullSigner{} as an explicit no-op KeySigner for tests that
do not exercise signing behaviour, and remove the silent nil-guard code
path in AuditLogUseCase. Legacy unsigned audit logs in integration tests
are now written directly via the repository, correctly modelling data
that predates the signing feature.
3. Move repository interfaces (SecretRepository, TokenizationKeyRepository,
TokenRepository, ClientRepository, AuditLogRepository) from usecase
packages into their corresponding domain packages, following the
pattern already established by transit/domain. Remove the
TransitKeyRepository type alias from transit/usecase. All usecase
implementations and DI wiring updated to use the domain-qualified names.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
SHA256HashServiceshallow interface and inline the hash function as a privatetokenValueHashhelper intokenizationUseCase. The interface was a pass-through with zero leverage; tests now exercise the real hash path instead of mocking it.keyring.NullSigner{}as an explicit no-opKeySignerfor tests, and remove the silentnil-guard inAuditLogUseCase. Integration test legacy-log scenarios now insert rows directly via the repository — correctly modelling pre-signing-era data.SecretRepository,TokenizationKeyRepository,TokenRepository,ClientRepository,AuditLogRepository) from usecase packages into their corresponding domain packages, following the pattern established bytransit/domain. Remove theTransitKeyRepositorytype alias fromtransit/usecase. All usecase implementations and DI wiring updated.Test plan
make testpasses (1176 tests, 42 packages)go vet ./...cleanmake test-integrationagainst a live database🤖 Generated with Claude Code