Address code review feedback: improve security, error handling, and documentation

Co-authored-by: mblanke <9078342+mblanke@users.noreply.github.com>
2026-03-01 06:10:21 -05:00 · 2025-12-03 12:56:41 +00:00
parent c5a2741c90
commit 70fb291bf1
3 changed files with 25 additions and 5 deletions
--- a/services/dashboard/NetworkMap.jsx
+++ b/services/dashboard/NetworkMap.jsx
@@ -39,11 +39,18 @@ const NetworkMap = ({ scanId, onNodeClick }) => {
  };

  const initializeNetwork = () => {
-    // NOTE: This requires cytoscape.js to be installed: npm install cytoscape
-    // import cytoscape from 'cytoscape';
+    // NOTE: This component is a template for network visualization.
+    // To use it, you must:
+    // 1. Install cytoscape: npm install cytoscape
+    // 2. Uncomment the code below and add the import at the top
+    // 3. Build your React application with a bundler (webpack, vite, etc.)
+    //
+    // For a simpler integration without React build system, see INTEGRATION_EXAMPLE.md
    
    // Example initialization (requires actual cytoscape import)
    /*
+    import cytoscape from 'cytoscape';
+    
    const cy = cytoscape({
      container: containerRef.current,
      elements: buildGraphElements(hosts),
--- a/services/hackgpt-api/app/config_validator.py
+++ b/services/hackgpt-api/app/config_validator.py
@@ -195,8 +195,21 @@ def _check_common_issues(config_data: Dict[str, Any]) -> Tuple[List[str], List[s
    errors = []
    warnings = []
    
+    # Validate that config_data is a dict and not too large
+    if not isinstance(config_data, dict):
+        errors.append("Configuration must be a dictionary")
+        return errors, warnings
+    
+    if len(config_data) > 1000:
+        warnings.append("Configuration has unusually large number of keys (>1000)")
+    
    # Check for null/undefined values
    for key, value in config_data.items():
+        # Validate key is a string
+        if not isinstance(key, str):
+            warnings.append(f"Configuration key {key} is not a string")
+            continue
+        
        if value is None:
            warnings.append(f"Value for '{key}' is null - will use default")
    
--- a/services/hackgpt-api/app/main.py
+++ b/services/hackgpt-api/app/main.py
@@ -1057,14 +1057,14 @@ async def get_nmap_hosts(scan_id: Optional[str] = None):
 # ============== Voice Control Endpoints ==============

@app.post("/api/voice/transcribe")
-async def transcribe_audio(audio: bytes = None):
+async def transcribe_audio(audio_data: Optional[bytes] = None):
    """Transcribe audio to text using Whisper"""
-    if not audio:
+    if not audio_data:
        raise HTTPException(status_code=400, detail="No audio data provided")
    
    try:
        from . import voice
-        result = voice.transcribe_audio(audio)
+        result = voice.transcribe_audio(audio_data)
        return result
    except Exception as e:
        raise HTTPException(status_code=500, detail=f"Transcription error: {str(e)}")