Skip to content

[ARCH-327] Address security comments #1758

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pavel-raykov merged 2 commits into from
Jan 7, 2026
Merged

[ARCH-327] Address security comments #1758

pavel-raykov merged 2 commits into from
Jan 7, 2026
+62 −13

Conversation

@pavel-raykov
Copy link
Contributor

@pavel-raykov pavel-raykov commented Jan 6, 2026

No description provided.

@github-actions
Copy link

github-actions bot commented Jan 6, 2026
edited
Loading

✅ API Diff Results - No breaking changes

📄 View full apidiff report

@pavel-raykov pavel-raykov marked this pull request as ready for review January 6, 2026 19:02
@pavel-raykov pavel-raykov requested review from a team as code owners January 6, 2026 19:02
Copilot AI review requested due to automatic review settings January 6, 2026 19:02
Copilot AI reviewed Jan 6, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request addresses security-related feedback by implementing input validation, improving error handling, and preventing accidental logging of sensitive data.

Key Changes:

  • Added validation for key name and metadata length limits
  • Implemented input validation for Ed25519 and X25519 private key sizes
  • Enhanced the Raw type to prevent accidental logging through the Format method

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
keystore/admin.go Introduces constants for max key name and metadata lengths, adds validation checks, and refactors to use these constants
keystore/keystore.go Adds private key size validation for Ed25519 and X25519 key types, reorganizes imports
keystore/internal/raw.go Implements Format method to prevent accidental logging of sensitive data via fmt verbs
keystore/reader.go Refactors to use newKeyInfo helper function for consistency
keystore/admin_test.go Updates test to compare individual key fields instead of entire structs to handle CreatedAt field differences

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@pavel-raykov pavel-raykov requested a review from jmank88 January 7, 2026 15:30
@connorwstein connorwstein added this pull request to the merge queue Jan 7, 2026
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jan 7, 2026
@pavel-raykov pavel-raykov added this pull request to the merge queue Jan 7, 2026
Merged via the queue into main with commit cd93e32 Jan 7, 2026
35 of 36 checks passed
@pavel-raykov pavel-raykov deleted the address-sec branch January 7, 2026 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jmank88 jmank88 jmank88 approved these changes

@connorwstein connorwstein connorwstein approved these changes

@timweri timweri Awaiting requested review from timweri

@krehermann krehermann Awaiting requested review from krehermann

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pavel-raykov @jmank88 @connorwstein