bretton.dev
code
Clone this repository
https://tangled.org/bretton.dev/coves
git@knot.bretton.dev:bretton.dev/coves
For self-hosted knots, clone URLs may differ based on your setup.
CRITICAL FIX: Replace password hashing with encryption to enable session recovery.
Changes:
- Add pds_password_encrypted column (BYTEA) for encrypted password storage
- Drop legacy pds_password_hash column (bcrypt prevents session recovery)
- Drop plaintext pds_access_token and pds_refresh_token columns
- Migration 006 already added encrypted token columns
Why encryption over hashing:
When access/refresh tokens expire (90-day window), we need plaintext password
to call com.atproto.server.createSession. Bcrypt hashing prevents this recovery.
Security: Uses PostgreSQL pgp_sym_encrypt with encryption_keys table.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Comprehensive error handling improvements across all test files:
Error handling patterns applied:
- defer db.Close() → defer func() { if err := db.Close(); err != nil { t.Logf(...) } }()
- defer resp.Body.Close() → defer func() { _ = resp.Body.Close() }()
- defer conn.Close() → defer func() { _ = conn.Close() }()
- body, _ := io.ReadAll(...) → proper error checking with t.Fatalf()
- json.Marshal/Unmarshal → proper error checking with descriptive variable names
- os.Setenv/Unsetenv → proper error checking in tests
- didGen.GenerateCommunityDID() → proper error checking with t.Fatalf()
Test data fixes:
- Fix community profile test: add required fields (handle, createdBy, hostedBy, visibility)
- Ensure all lexicon validation tests pass with proper schema data
Files updated (12 test files):
- tests/lexicon_validation_test.go
- tests/unit/community_service_test.go
- tests/e2e/user_signup_test.go
- tests/integration/community_consumer_test.go
- tests/integration/community_credentials_test.go
- tests/integration/community_e2e_test.go
- tests/integration/community_repo_test.go
- tests/integration/community_v2_validation_test.go
- tests/integration/identity_resolution_test.go
- tests/integration/jetstream_consumer_test.go
- tests/integration/oauth_test.go
- tests/integration/user_test.go
All test files now pass golangci-lint with proper error handling.
All tests continue to pass with 100% success rate.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Applied gofmt -w to all source files to ensure consistent formatting.
Changes include:
- Standardized import grouping (stdlib, external, internal)
- Aligned struct field definitions
- Consistent spacing in composite literals
- Simplified code where gofmt suggests improvements
All files now pass gofmt and gofumpt strict formatting checks.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Configuration changes:
- Add gofmt, gofumpt, and goimports linters to .golangci.yml
- Configure gofmt.simplify to simplify code where possible
- Configure gofumpt with extra-rules for stricter formatting
- Configure errcheck.check-blank=false to allow blank assignments in defer closures (idiomatic Go)
- Disable govet shadow checking to reduce noise in tests (common practice)
- Exclude local_dev_data and vendor directories from linting
Makefile enhancements:
- Add 'fmt' target: format all Go code with gofmt
- Add 'fmt-check' target: verify code is formatted (CI-friendly, fails if not formatted)
- Update 'lint' target: now runs fmt-check automatically before linting
- Update 'lint-fix' target: runs golangci-lint --fix AND gofmt
- Update linter to run on specific paths (./cmd/... ./internal/... ./tests/...) to avoid permission issues
Formatting is now enforced as part of the standard lint workflow.
Running 'make lint' will catch both code issues and formatting problems.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix errcheck issues: add error handling for unchecked returns
- Added proper error checks for JSON encoders with logging
- Wrapped deferred cleanup calls (Close, Rollback) with anonymous functions
- Added error handling for SetReadDeadline, Write, and HTTP response operations
- Fix shadow declarations: rename variables to avoid shadowing
- Renamed inner error variables to descriptive names (closeErr, rollbackErr, marshalErr, etc.)
- Fixed shadow issues in cmd/genjwks, cmd/server, and internal packages
- Fix staticcheck issues: document empty branches
- Added explanatory comments for intentionally empty branches
- Made error handling more explicit with updateErr variables
- Remove unused functions to clean up codebase
- Removed putRecordOnPDS() in communities service
- Removed extractDomain() in communities service
- Removed validateHandle() in jetstream community consumer
- Removed nullBytes() in postgres community repo
- Removed unused strings import
- Simplify nil checks for slices per gosimple suggestions
- len() for nil slices is defined as zero, removed redundant nil checks
All production code now passes golangci-lint with zero errors.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This PR implements the V2 Communities Architecture with critical fixes
for production readiness.
## V2 Architecture Highlights
**Communities now own their own repositories:**
- Each community has its own DID (did:plc:xxx)
- Each community owns its own atProto repository (at://community_did/...)
- Communities are truly portable (can migrate between instances)
- Follows atProto patterns (matches feed generators, labelers)
## Critical Fixes
1. **PDS Credential Persistence**: Fixed bug where credentials were lost
on server restart, causing community updates to fail
2. **Encryption at Rest**: Community PDS credentials encrypted using
PostgreSQL pgcrypto
3. **Handle Simplification**: Single handle field (removed duplicate
atProtoHandle), using subdomain pattern (*.communities.coves.social)
4. **Default Domain Fix**: Changed from coves.local → coves.social to
avoid .local TLD validation errors
5. **V2 Enforcement**: Removed V1 compatibility, strict rkey="self"
## Testing
- ✅ Full E2E test coverage (PDS → Jetstream → AppView)
- ✅ Integration tests for credential persistence
- ✅ Unit tests for V2 validation
- ✅ Real Jetstream firehose consumption
## Documentation
- Updated PRD_COMMUNITIES.md with V2 status
- Created PRD_BACKLOG.md for technical debt tracking
- Documented handle refactor and security considerations
## Security Notes
- Added TODO for did:web domain verification (prevents impersonation)
- Documented in PRD_BACKLOG.md as P0 priority
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>