Diffstat (limited to 'AGENTS.md')
-rw-r--r-- AGENTS.md 7
1 files changed, 6 insertions, 1 deletions
diff --git a/AGENTS.md b/AGENTS.md
index 8886c0b..f9e085d 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -49,9 +49,14 @@ To maintain a high-velocity development cycle without sacrificing correctness, w
- **Parallelism**: Use `t.Parallel()` in integration and E2E tests. Use `t.TempDir()` to ensure resource isolation.
- **Granular Timeouts**: All system calls, network operations, and external command executions must be wrapped in a `context.WithTimeout` (typically 2-5 seconds) to prevent hanging tests.
- **Interface Mocking**: Use interfaces for "heavy" system operations (e.g., routing, namespace creation) to allow fast unit testing of logic via mocks, reserving real syscalls for the integration tier.
- - **Shared Fixtures**: Use `sync.Once` or `TestMain` for expensive setup (e.g., Virtual Peer) to avoid redundant boot-ups across tests.
+ ### 2. Testing & Stubbing Conventions
+...
+- **Interface Mocking**: Use interfaces for "heavy" system operations (e.g., routing, namespace creation) to allow fast unit testing of logic via mocks, reserving real syscalls for the integration tier.
+- **Shared Fixtures**: Use `sync.Once` or `TestMain` for expensive setup (e.g., Virtual Peer) to avoid redundant boot-ups across tests.
+- **Argument Integrity**: To prevent shell injection and argument splitting, never concatenate arguments into a single string for execution. Always use "vector-based" execution (e.g., `os/exec.Command` in Go or `execv`/`execvp` in C) to ensure that arguments containing spaces or special characters are preserved as discrete literals.
### 3. Platform Compatibility & Build Constraints
+...
`wg-wrap` is fundamentally a Linux system tool. To ensure the module remains compilable on other platforms while restricting Linux-specific syscalls, we use the following patterns:
- **Build Tags**: All files interacting with `golang.org/x/sys/unix`, network namespaces, or TUN devices must start with `//go:build linux`.
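Review bot: The two added `...` lines (one right after the new `### 2. Testing & Stubbing Conventions` heading, one right after `### 3. Platform Compatibility & Build Constraints`) read like elision placeholders left over from a partial edit rather than intended content, and the **Interface Mocking** bullet is now duplicated: it stays as an unchanged line above the new heading and is added again below it. Suggest dropping both `...` lines and the re-added bullet, and confirming that the new heading, which lands in the middle of the existing bullet list, is where section 2 is meant to begin. On the **Argument Integrity** bullet, `os/exec.Command` mixes the import path with the call; `exec.Command` from `os/exec` is the usual spelling, and because the **Granular Timeouts** bullet already requires external command executions to run under `context.WithTimeout`, naming `exec.CommandContext` here would keep the two rules consistent.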