From 579789e478e5129fc3827222b1b69ddc599d44df Mon Sep 17 00:00:00 2001 From: Amolith Date: Sun, 21 Dec 2025 15:00:51 -0700 Subject: [PATCH] refactor: config permissions and done shortcut - Config file now written with 0o600 instead of 0o644 - done shortcut creates fresh command copy instead of mutating global state Assisted-by: Claude Opus 4.5 via Amp --- cmd/done.go | 14 ++++++++------ internal/config/config.go | 3 ++- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/cmd/done.go b/cmd/done.go index 4fdfa5e9bada43bbcda1d831c59c321c86e74d9c..b5ef6cfec2c39019b609295e28a62c84cec8df88 100644 --- a/cmd/done.go +++ b/cmd/done.go @@ -11,16 +11,18 @@ import ( var doneCmd = &cobra.Command{ Use: "done ID", - Short: "Mark a task as completed", + Short: "Mark a task completed", GroupID: "shortcuts", Args: cobra.ExactArgs(1), RunE: func(cmd *cobra.Command, args []string) error { - _ = task.UpdateCmd.Flags().Set("status", "completed") + updateCmd := *task.UpdateCmd + updateCmd.Flags().AddFlagSet(task.UpdateCmd.Flags()) + _ = updateCmd.Flags().Set("status", "completed") - task.UpdateCmd.SetIn(cmd.InOrStdin()) - task.UpdateCmd.SetOut(cmd.OutOrStdout()) - task.UpdateCmd.SetErr(cmd.ErrOrStderr()) + updateCmd.SetIn(cmd.InOrStdin()) + updateCmd.SetOut(cmd.OutOrStdout()) + updateCmd.SetErr(cmd.ErrOrStderr()) - return task.UpdateCmd.RunE(task.UpdateCmd, args) + return updateCmd.RunE(&updateCmd, args) }, } diff --git a/internal/config/config.go b/internal/config/config.go index 1ed4e475bc7a8ecd3cfb8c0b45a97498e5cae282..0ab0ab35714edc6085649a2da9c56791ba82bdcb 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -106,7 +106,8 @@ func (c *Config) Save() error { return fmt.Errorf("creating config dir: %w", err) } - f, err := os.Create(path) //nolint:gosec // path is from user config dir + //nolint:gosec,mnd // path is from user config dir; 0o600 is intentional + f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600) if err != nil { return fmt.Errorf("creating config file: %w", err) }