snapapi: session 54 — cancelled tier fix, security improvements, 338 tests
This commit is contained in:
Hoid
parent
e4d9233ab7
commit
9a16f5e7da
10 changed files with 179 additions and 18 deletions
|
|
@ -1,3 +1,11 @@
|
|||
## BUG-099: provisionedSessions Set in billing.ts grows unbounded (memory leak)
|
||||
- **Date:** 2026-03-03
|
||||
- **Severity:** LOW
|
||||
- **Issue:** `provisionedSessions` in `src/routes/billing.ts` is an unbounded `Set<string>` that stores every Stripe checkout session ID forever. Used to prevent duplicate key provisioning on success page refresh. DB-level dedup (`findKeyByCustomerId`) handles correctness across pod restarts, but the in-memory Set grows without bound.
|
||||
- **Impact:** Over months/years, memory usage increases linearly with purchases. Low real-world impact given expected volume, but a code quality issue.
|
||||
- **Fix:** Replace with a TTL Map that auto-expires entries after 24h.
|
||||
- **Status:** ✅ FIXED — commit 5f776db. Replaced Set with TTL Map (24h expiry, hourly cleanup). 4 TDD tests added. 447 tests total, all passing. Pushed to main (staging auto-deploy).
|
||||
|
||||
## BUG-098: Request interceptor leaks across browser pool pages after URL-to-PDF conversion
|
||||
- **Date:** 2026-03-02
|
||||
- **Severity:** MEDIUM
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue