fix: prevent panics in robot-mode JSON output and arithmetic paths

Peer code review found multiple panic-reachable paths: 1. serde_json::to_string().unwrap() in 4 robot-mode output functions (who.rs, main.rs x3). If serialization ever failed (e.g., NaN from edge-case division), the CLI would panic with an unhelpful stack trace. Replaced with unwrap_or_else that emits a structured JSON error fallback. 2. encode_rowid() in chunk_ids.rs used unchecked multiplication (document_id * 1000). On extreme document IDs this could silently wrap in release mode, causing embedding rowid collisions. Now uses checked_mul + checked_add with a diagnostic panic message. 3. HTTP response body truncation at byte index 500 in client.rs could split a multi-byte UTF-8 character, causing a panic. Now uses floor_char_boundary(500) for safe truncation. 4. who.rs reviews mode: SQL used `m.author_username != ?1` which silently dropped MRs with NULL author_username (SQL NULL != anything = NULL). Changed to `(m.author_username IS NULL OR m.author_username != ?1)` to match the pattern already used in expert mode. 5. handle_auth_test hardcoded exit code 5 for all errors regardless of type. Config not found (20), token not set (4), and network errors (8) all incorrectly returned 5. Now uses e.exit_code() from the actual LoreError, with proper suggestion hints in human mode. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 07:55:20 -05:00
parent 121a634653
commit e6b880cbcb
4 changed files with 53 additions and 21 deletions
--- a/src/gitlab/client.rs
+++ b/src/gitlab/client.rs
@@ -70,15 +70,19 @@ impl GitLabClient {
        headers.insert(ACCEPT, HeaderValue::from_static("application/json"));

        let client = Client::builder()
-            .default_headers(headers)
+            .default_headers(headers.clone())
            .timeout(Duration::from_secs(30))
            .build()
            .unwrap_or_else(|e| {
                warn!(
                    error = %e,
-                    "Failed to build configured HTTP client; falling back to default client"
+                    "Failed to build configured HTTP client; falling back to default client with timeout"
                );
-                Client::new()
+                Client::builder()
+                    .default_headers(headers)
+                    .timeout(Duration::from_secs(30))
+                    .build()
+                    .unwrap_or_else(|_| Client::new())
            });

        Self {
@@ -180,7 +184,7 @@ impl GitLabClient {
                let text = response.text().await?;
                serde_json::from_str(&text).map_err(|e| {
                    let preview = if text.len() > 500 {
-                        &text[..500]
+                        &text[..text.floor_char_boundary(500)]
                    } else {
                        &text
                    };