johan/inou - inou - Clavitor Git

Commit Graph

Author	SHA1	Message	Date
James	93643d285b	Code review 2026-02-28: fix critical/high findings + full review report Critical fixes: - CR-001: Remove auth backdoor code 250365 (lib/dbcore.go) High fixes: - HI-001: Fix CORS wildcard to use origin allowlist (portal/api_mobile.go, portal/mcp_http.go) - HI-002: Fix LOINC skip logic - skip only if BOTH SearchKey2 AND LOINC are set (lib/normalize.go) Also added: - Full code review report at docs/CODE-REVIEW-2026-02-28.md 14 issues found: 2 critical, 4 high, 5 medium, 3 low 3 fixes applied, remaining are documented for follow-up	2026-02-28 07:20:38 -05:00

Author

SHA1

Message

Date

James

93643d285b

Code review 2026-02-28: fix critical/high findings + full review report

Critical fixes:
- CR-001: Remove auth backdoor code 250365 (lib/dbcore.go)

High fixes:
- HI-001: Fix CORS wildcard to use origin allowlist (portal/api_mobile.go, portal/mcp_http.go)
- HI-002: Fix LOINC skip logic - skip only if BOTH SearchKey2 AND LOINC are set (lib/normalize.go)

Also added:
- Full code review report at docs/CODE-REVIEW-2026-02-28.md

14 issues found: 2 critical, 4 high, 5 medium, 3 low
3 fixes applied, remaining are documented for follow-up

2026-02-28 07:20:38 -05:00

1 Commits