kaffa/cloud-orchestrator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: address code review issues (security, performance, quality)

Browse Source 
Security:
- Add JSON.parse error handling (return 400 instead of 500)
- Add rate limiting fallback when KV unavailable (in-memory Map)
- Add AI prompt injection protection (sanitizeForAIPrompt)

Performance:
- Optimize VPS benchmark matching (O(1) Map lookup vs O(n*m) loop)
- Reduce AI candidates from 50 to 15 (saves ~60% API cost)
- Centralize magic numbers in LIMITS config

Code Quality:
- Remove dead code (unused queryVPSBenchmarks function)
- Extract duplicated region SQL to DEFAULT_REGION_FILTER_SQL
- Replace hardcoded provider IDs with name-based filtering
- Move magic numbers to config.ts LIMITS object

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
kappa
2026-01-25 18:08:06 +09:00
parent b682abc45d
commit 7dfd3659ec
4 changed files with 99 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/handlers/servers.ts
View File

@@ -3,7 +3,7 @@
*/
import type { Env } from '../types';
import { jsonResponse, isValidServer } from '../utils';
import { jsonResponse, isValidServer, DEFAULT_REGION_FILTER_SQL } from '../utils';
/**
* GET /api/servers - Server list with filtering
@@ -49,23 +49,8 @@ export async function handleGetServers(
JOIN providers p ON it.provider_id = p.id
JOIN pricing pr ON pr.instance_type_id = it.id
JOIN regions r ON pr.region_id = r.id
WHERE p.id IN (1, 2) -- Linode, Vultr only
AND (
-- Korea (Seoul)
r.region_code IN ('icn', 'ap-northeast-2') OR
LOWER(r.region_name) LIKE '%seoul%' OR
-- Japan (Tokyo, Osaka)
r.region_code IN ('nrt', 'itm', 'ap-northeast-1', 'ap-northeast-3') OR
LOWER(r.region_code) LIKE '%tyo%' OR
LOWER(r.region_code) LIKE '%osa%' OR
LOWER(r.region_name) LIKE '%tokyo%' OR
LOWER(r.region_name) LIKE '%osaka%' OR
-- Singapore
r.region_code IN ('sgp', 'ap-southeast-1') OR
LOWER(r.region_code) LIKE '%sin%' OR
LOWER(r.region_code) LIKE '%sgp%' OR
LOWER(r.region_name) LIKE '%singapore%'
)
WHERE LOWER(p.name) IN ('linode', 'vultr')
AND ${DEFAULT_REGION_FILTER_SQL}
`;
const params: (string | number)[] = [];