feat: security hardening, test coverage and refactoring #34

Merged: zx06 merged 7 commits into main from optimize/security-and-tests on Mar 23, 2026

zx06 (Owner) commented Mar 22, 2026

Summary

Security & Robustness

  • MCP HTTP Timeout: Add request timeout wrapper (60s default) to StreamableHTTP handler
  • Graceful Shutdown: Add signal handling (SIGINT/SIGTERM) for proper HTTP server shutdown
  • JSON Marshal Error Handling: Fix ignored json.MarshalIndent errors in output writer

Test Coverage

  • SSH Passphrase Tests: Add unit tests for passphrase-protected keys (correct/wrong passphrase)
  • SSH CLI Flag E2E Tests: Add E2E tests for --ssh-skip-known-hosts-check, --ssh-identity-file, --ssh-user, --ssh-host
  • Configurable Timeout: Add --query-timeout and --schema-timeout flags (also configurable in profile via query_timeout/schema_timeout)

Refactoring

  • Consolidate ProfileInfo: Move profileInfo struct to internal/config for shared use between cmd/xsql and internal/mcp
  • Documentation: Update docs/testing.md (SSH testing) and docs/config.md (timeout config)

Breaking Changes

None - all changes are backward compatible.

Testing

  • All unit tests pass: go test ./...
  • All E2E tests pass: go test -tags=e2e ./tests/e2e/...

zx06 added 3 commits March 22, 2026 19:40
- Add request timeout wrapper to StreamableHTTP handler (60s default)
- Add signal handling for graceful shutdown (SIGINT/SIGTERM)
- Add NewStreamableHTTPHandlerWithTimeout for custom timeout
- Fix ignored json.MarshalIndent error in output writer

Security: prevents unbounded HTTP request handling
Robustness: proper server shutdown on interrupt signals
- Add passphrase-protected key tests (correct/wrong passphrase)
- Add E2E tests for SSH CLI flags (--ssh-skip-known-hosts-check,
  --ssh-identity-file, --ssh-user, --ssh-host)
- Add configurable query timeout (--query-timeout flag, profile config)
- Add configurable schema timeout (--schema-timeout flag, profile config)
- Add query_timeout and schema_timeout fields to Profile config
- Add shared ProfileInfo struct and ProfileToInfo helper to config package
- Update cmd/xsql/profile.go to use shared ProfileInfo
- Update internal/mcp/tools.go to use shared ProfileInfo
- Add SSH testing documentation to docs/testing.md
- Add timeout configuration to docs/config.md

zx06 closed this Mar 22, 2026
zx06 reopened this Mar 22, 2026
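
The request timeout and SIGINT/SIGTERM shutdown listed in the summary above, shown as an added example that is not the xsql project's own code: each request gets a context deadline, and a signal drains in-flight requests before the server exits. The names `withRequestTimeout`, `slow` and `serve`, the listen address and the 5s grace period are assumptions; only the 60s default comes from the PR.

```go
package main

import (
	"context"
	"net/http"
	"os/signal"
	"syscall"
	"time"
)

// withRequestTimeout (hypothetical name) caps each request with a context deadline.
func withRequestTimeout(next http.Handler, d time.Duration) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ctx, cancel := context.WithTimeout(r.Context(), d)
		defer cancel() // release the timer as soon as the handler returns
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}

// slow is a constructed stand-in for a long-running call (200ms of work).
func slow(w http.ResponseWriter, r *http.Request) {
	select {
	case <-time.After(200 * time.Millisecond):
		w.Write([]byte("done"))
	case <-r.Context().Done(): // deadline hit or client went away
		http.Error(w, "request timed out", http.StatusGatewayTimeout)
	}
}

func serve(ctx context.Context, srv *http.Server, grace time.Duration) error {
	errCh := make(chan error, 1)
	go func() { errCh <- srv.ListenAndServe() }()
	select {
	case err := <-errCh: // listener failed before any shutdown was requested
		return err
	case <-ctx.Done(): // signal received: drain in-flight requests, at most grace
		sctx, cancel := context.WithTimeout(context.Background(), grace)
		defer cancel()
		return srv.Shutdown(sctx)
	}
}

func main() {
	ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
	defer stop()
	h := withRequestTimeout(http.HandlerFunc(slow), 60*time.Second) // 60s as in the PR summary
	if err := serve(ctx, &http.Server{Addr: "127.0.0.1:8080", Handler: h}, 5*time.Second); err != nil {
		panic(err)
	}
}
```

A context deadline only bounds work that watches `r.Context()`; `http.TimeoutHandler` enforces the limit itself but buffers the response and does not support `http.Flusher`, which matters for a streaming handler.
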
codecov bot commented Mar 22, 2026

Codecov Report

❌ Patch coverage is 43.63636% with 31 lines in your changes missing coverage. Please review.
✅ Project coverage is 81.11%. Comparing base (2a58171) to head (c63ac09).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| internal/config/types.go | 0.00% | 9 Missing ⚠️ |
| cmd/xsql/mcp.go | 0.00% | 8 Missing ⚠️ |
| cmd/xsql/query.go | 37.50% | 3 Missing and 2 partials ⚠️ |
| cmd/xsql/schema.go | 37.50% | 3 Missing and 2 partials ⚠️ |
| internal/mcp/tools.go | 60.00% | 1 Missing and 1 partial ⚠️ |
| internal/output/writer.go | 60.00% | 1 Missing and 1 partial ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main      #34      +/-   ##
==========================================
- Coverage   82.03%   81.11%   -0.92%     
==========================================
  Files          37       38       +1     
  Lines        2449     2468      +19     
==========================================
- Hits         2009     2002       -7     
- Misses        331      354      +23     
- Partials      109      112       +3     

| Flag | Coverage Δ |
|---|---|
| e2e | 44.20% <0.00%> (-0.11%) ⬇️ |
| integration | 44.20% <0.00%> (-0.11%) ⬇️ |
| unittests | 67.09% <43.63%> (-0.81%) ⬇️ |

zx06 merged commit 9f2277f into main Mar 23, 2026
11 checks passed
zx06 deleted the optimize/security-and-tests branch March 23, 2026 12:05