• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

tecnickcom / gogen / 28744525707
100%

Build:
DEFAULT BRANCH: main
Ran 05 Jul 2026 02:52PM UTC
Jobs 1
Files 165
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

05 Jul 2026 02:47PM UTC coverage: 99.944%. Remained the same
28744525707

push

github

nicolaasuni
feat(httpclient)!: redact logged secrets, bound debug dumps, and tune transport

Rework the outbound HTTP client for safe logging, bounded debug dumps, correct timeouts, and richer configuration. Also add traceid.ForceContext and redact inbound query secrets in httpserver request logs.

Security and redaction:
- Redact query-string secrets in every httpclient log field, including the error field of a failed request whose embedded *url.Error has its query and userinfo stripped.
- Redact query secrets in the httpserver request_query and request_uri log fields (new redactRequestURI helper), closing the inbound-side leak.

Logging and observability:
- Log response_code and the advertised response_content_length, add request_host, and drop the always-empty client-side request_uri field.
- Measure response_duration from a monotonic clock so it is immune to wall-clock adjustments.
- Use a constant log message so the log-field prefix applies to field names only.

Debug dumps:
- Bound dumped bodies with WithMaxDumpSize (default 1 MiB): omit unknown-length or streaming request bodies to avoid a DumpRequestOut deadlock, and truncate over-cap or unknown-length response bodies while still delivering the full body to the caller.
- Surface dump failures as request_dump_error/response_dump_error fields instead of silently dropping them.

Trace ID:
- Resolve the outbound trace ID from context, then a valid caller-set header, then a generated UUIDv7, and force it onto the request context so header, context, and log agree; invalid IDs are replaced to prevent header injection. Adds traceid.ForceContext.

Timeouts and lifecycle:
- Apply the per-request deadline via the request context (single timer, propagating to custom round-trippers and dialers) and leave http.Client.Timeout zero; a zero or negative timeout disables it.
- Cancel the per-request context when the response body is closed, and guard the cancel so the timeout timer is released on every return path, includin... (continued)

218 of 218 new or added lines in 4 files covered. (100.0%)

12566 of 12573 relevant lines covered (99.94%)

97443.98 hits per line

Jobs
ID Job ID Ran Files Coverage
1 28744525707.1 05 Jul 2026 02:52PM UTC 165
99.94
GitHub Action Run
Source Files on build 28744525707
  • Tree
  • List 165
  • Changed 4
  • Source Changed 4
  • Coverage Changed 4
Coverage ∆ File Lines Relevant Covered Missed Hits/Line
  • Back to Repo
  • Github Actions Build #28744525707
  • 8b0d85bf on github
  • Prev Build on main (#28741253742)
  • Next Build on main (#28746980286)
  • Delete
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc