feat(secrets): Implement global secret value size limit#107
Merged
Conversation
This change introduces a configurable global limit on the size of secret values stored in the system. This prevents potential denial-of-service (DoS) attacks and ensures predictable storage and memory usage. Key changes: - Added SecretValueSizeLimitBytes to config.Config with a default of 512KB. - Implemented size validation in SecretUseCase.CreateOrUpdate before encryption. - Introduced ErrTooLarge standard error and ErrSecretValueTooLarge domain error. - Mapped ErrTooLarge to HTTP 413 Payload Too Large in the global error handler. - Updated DI container to inject the size limit into the secrets use case. - Comprehensive unit and integration test updates to verify the limit and HTTP status. - Updated documentation including configuration.md, .env.example, and OpenAPI spec. Track: Add Secret Value Size Limit (Archived)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change introduces a configurable global limit on the size of secret values stored in the system. This prevents potential denial-of-service (DoS) attacks and ensures predictable storage and memory usage.
Key changes:
Track: Add Secret Value Size Limit (Archived)