From 768f2eabd49850b3d065e62360c637382fdc4b8d Mon Sep 17 00:00:00 2001
From: Manmeet Kalra
Date: Fri, 29 May 2026 21:32:22 +0530
Subject: [PATCH] fix: [AutoFix] Security fix
---
 src/cache/store.py | 20 +++++---------------
 1 file changed, 5 insertions(+), 15 deletions(-)
diff --git a/src/cache/store.py b/src/cache/store.py
index 93737db..1911618 100644
--- a/src/cache/store.py
+++ b/src/cache/store.py
@@ -1,10 +1,9 @@
 """Session cache.
-Sessions are pickle-serialized and written to disk so the worker can
+Sessions are JSON-serialized and written to disk so the worker can
 restore them across restarts.
 """
-import pickle
-import base64
+import json
 from pathlib import Path
 CACHE_DIR = Path("/tmp/billing-sessions")
@@ -12,20 +11,11 @@
 def save_session(session_id: str, payload: dict) -> None:
- (CACHE_DIR / f"{session_id}.pkl").write_bytes(pickle.dumps(payload))
+ (CACHE_DIR / f"{session_id}.json").write_text(json.dumps(payload))
 def load_session(session_id: str) -> dict | None:
- path = CACHE_DIR / f"{session_id}.pkl"
+ path = CACHE_DIR / f"{session_id}.json"
 if not path.exists():
 return None
- return pickle.loads(path.read_bytes())
-
-
-def restore_from_cookie(encoded: str) -> dict:
- """Rehydrate a session from a base64-encoded cookie.
-
- Clients send back the session blob they were given at login.
- """
- raw = base64.b64decode(encoded)
- return pickle.loads(raw)
+ return json.loads(path.read_text())
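Review bot: The context line `CACHE_DIR = Path("/tmp/billing-sessions")` in the first hunk is left as it was, so session files still sit at a fixed, predictable path under the shared `/tmp`. Removing pickle takes away the deserialization risk, but any other local account that can create or write that directory could still read or replace the session JSON. How the directory is created is not visible here (old line 11 falls between the two hunks), so this needs confirming. I would create it with `CACHE_DIR.mkdir(mode=0o700, parents=True, exist_ok=True)` and check its ownership, or move it to a service-owned state directory. The module docstring could also state that payloads must now be JSON-serializable.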
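Review bot: In the second hunk `session_id` is still interpolated straight into the file name in both `save_session` and `load_session` (`CACHE_DIR / f"{session_id}.json"`), so a value containing path separators or `..` resolves outside the cache directory. If the ID can originate from a request, reject anything outside the issued format before building the path, for example `if not re.fullmatch(r"[A-Za-z0-9_-]{1,64}", session_id): raise ValueError("invalid session id")` (the pattern is illustrative and needs `import re`). The switch also changes the contract: `json.dumps` raises `TypeError` for values pickle accepted (`datetime`, `Decimal`, `bytes`, sets), and `load_session` now propagates `json.JSONDecodeError` from a truncated file, so callers need checking or the error should map to `None`. Existing `.pkl` files are neither read nor cleaned up, and `restore_from_cookie` is deleted with no replacement visible, so its callers outside this diff need a migration path, preferably a server-side ID or a signed cookie. Passing `encoding="utf-8"` to `write_text` and `read_text` would keep the file format independent of the worker's locale.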