fix(tools): clear timeout timers and update audit state
This commit is contained in:
William Valentin
@@ -3,6 +3,13 @@
|
||||
Date: 2026-02-16
|
||||
Scope: Production-risk-first audit of bugs, code improvements, and feature opportunities.
|
||||
|
||||
## Remediation Status (2026-02-16)
|
||||
|
||||
- ✅ F-001 addressed: chat markdown rendering now sanitizes HTML before DOM insertion in `src/gateway/ui/pages/chat.js` (and legacy `src/gateway/ui/chat.html`).
|
||||
- ✅ F-006 addressed: inbound HTTP request bodies now enforce a configurable max-size limit (`server.max_request_body_bytes`) with `413 Payload Too Large` responses.
|
||||
- ✅ F-007 addressed: `ToolExecutor` timeout timer handles are now cleared in `finally`, preventing orphan timers on fast/failed tool calls.
|
||||
- ✅ F-016 partially addressed: gateway + webhook body readers were consolidated into shared utility `src/utils/httpBody.ts` with size-limit enforcement.
|
||||
|
||||
## Executive Summary
|
||||
|
||||
Current health snapshot:
|
||||
|
||||
Reference in New Issue
Block a user