Skip to content

fix: resolve lint errors, expand test suite, and add form example#1

Merged
fsecada01 merged 2 commits into
masterfrom
claude/review-app-progress-0LKNW
Feb 21, 2026
Merged

fix: resolve lint errors, expand test suite, and add form example#1
fsecada01 merged 2 commits into
masterfrom
claude/review-app-progress-0LKNW

Conversation

@fsecada01

Copy link
Copy Markdown
Owner
  • Fix 27 ruff lint errors (unused imports, deprecated typing.Type, line
    length) and reformat 9 files to match project style
  • Add comprehensive tests for Component, FormComponent, Registry,
    InMemoryStateStore, and WebSocket manager (5 → 81 tests)
  • Add FastAPI form example with ContactForm component and Jinja template
    demonstrating Pydantic validation
  • Update pyproject.toml author placeholder with repo owner
  • Clarify RateLimitMixin as not-yet-implemented in docstring

https://claude.ai/code/session_01C2Q6DUxequpAZMEtxQPvkS

- Fix 27 ruff lint errors (unused imports, deprecated typing.Type, line
  length) and reformat 9 files to match project style
- Add comprehensive tests for Component, FormComponent, Registry,
  InMemoryStateStore, and WebSocket manager (5 → 81 tests)
- Add FastAPI form example with ContactForm component and Jinja template
  demonstrating Pydantic validation
- Update pyproject.toml author placeholder with repo owner
- Clarify RateLimitMixin as not-yet-implemented in docstring

https://claude.ai/code/session_01C2Q6DUxequpAZMEtxQPvkS
@fsecada01 fsecada01 merged commit c481a7c into master Feb 21, 2026
1 check passed
fsecada01 added a commit that referenced this pull request Jul 1, 2026
Component state round-trips to the client unsigned — the #1 security
gap (Epic A). This adds HMAC-SHA256 state signing at the
StateSerializer choke point so every adapter is covered.

- New stdlib-only core/signing.py: StateSigner + CorruptStateError.
  Versioned token format cfs1.<b64url(payload)>.<b64url(mac)>; the MAC
  binds the version prefix to prevent cross-format confusion; verify
  uses hmac.compare_digest.
- Key config: StateSigner.configure(secret) or STATE_SIGNING_KEY env
  var. Sequence / comma-separated values enable rotation: first key
  signs, all keys verify (A2 groundwork). Unconfigured = disabled
  (legacy pass-through) with a one-time prominent warning.
- Enabled mode: all outbound state is signed; inbound MUST be a valid
  token — plain JSON strings and raw dicts raise CorruptStateError
  (no unsigned fallback).
- Closed the dict bypass: FastAPI, Flask, Litestar, Django FBV/CBV,
  and the WebSocket manager now route inbound state through the new
  StateSerializer.load_untrusted() single entry point (a client could
  previously submit state as a JSON object and skip deserialization).
- Django ComponentView.handle_error() now maps client input errors
  (ValueError, incl. corrupt state) to 400 instead of 500, matching
  the other adapters.
- Docs: docs/STATE_SIGNING.md (per-adapter setup + rotation
  procedure, covers A2 doc scope); README + CHANGELOG updated.
- Tests: 36 new tests in tests/test_signing.py (round-trip, tamper /
  truncation / garbage rejection, rotation, env pickup, disabled-mode
  parity, FastAPI integration incl. tampered-state 400).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
fsecada01 added a commit that referenced this pull request Jul 1, 2026
Component state round-trips to the client unsigned — the #1 security
gap (Epic A). This adds HMAC-SHA256 state signing at the
StateSerializer choke point so every adapter is covered.

- New stdlib-only core/signing.py: StateSigner + CorruptStateError.
  Versioned token format cfs1.<b64url(payload)>.<b64url(mac)>; the MAC
  binds the version prefix to prevent cross-format confusion; verify
  uses hmac.compare_digest.
- Key config: StateSigner.configure(secret) or STATE_SIGNING_KEY env
  var. Sequence / comma-separated values enable rotation: first key
  signs, all keys verify (A2 groundwork). Unconfigured = disabled
  (legacy pass-through) with a one-time prominent warning.
- Enabled mode: all outbound state is signed; inbound MUST be a valid
  token — plain JSON strings and raw dicts raise CorruptStateError
  (no unsigned fallback).
- Closed the dict bypass: FastAPI, Flask, Litestar, Django FBV/CBV,
  and the WebSocket manager now route inbound state through the new
  StateSerializer.load_untrusted() single entry point (a client could
  previously submit state as a JSON object and skip deserialization).
- Django ComponentView.handle_error() now maps client input errors
  (ValueError, incl. corrupt state) to 400 instead of 500, matching
  the other adapters.
- Docs: docs/STATE_SIGNING.md (per-adapter setup + rotation
  procedure, covers A2 doc scope); README + CHANGELOG updated.
- Tests: 36 new tests in tests/test_signing.py (round-trip, tamper /
  truncation / garbage rejection, rotation, env pickup, disabled-mode
  parity, FastAPI integration incl. tampered-state 400).

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants