Skip to content

fix: Address codebase TODOs in http.go and healthcheck.go#15218

Closed
vishnarac wants to merge 1 commit intolinkerd:mainfrom
vishnarac:fix/address-codebase-todos
Closed

fix: Address codebase TODOs in http.go and healthcheck.go#15218
vishnarac wants to merge 1 commit intolinkerd:mainfrom
vishnarac:fix/address-codebase-todos

Conversation

@vishnarac
Copy link
Copy Markdown

@vishnarac vishnarac commented Apr 28, 2026

Problem

There were some pending TODO comments in the codebase that represented technical debt: missing input validation for HTTP parsing and a hardcoded clock skew value that needed to be configurable.

Solution

  • Added input validation and sanitization to ParseScheme and ParseMethod in pkg/util/http.go.
  • Configured the allowed clock skew as AllowedClockSkew in the Options struct and updated healthcheck.go to use this field instead of the hardcoded global constant.

Validation

Ran the test suite locally for pkg/util and pkg/healthcheck (go test ./pkg/util ./pkg/healthcheck), and ran go vet. All tests pass successfully.

@vishnuc-ibm
fix: Address codebase TODOs in http.go and healthcheck.go
134530a 
Problem

There were some pending TODO comments in the codebase that represented technical debt: missing input validation for HTTP parsing and a hardcoded clock skew value that needed to be configurable.

Solution

- Added input validation and sanitization to ParseScheme and ParseMethod in pkg/util/http.go.
- Configured the allowed clock skew as AllowedClockSkew in the Options struct and updated healthcheck.go to use this field instead of the hardcoded global constant.

Validation

Ran the test suite locally for pkg/util and pkg/healthcheck (go test ./pkg/util ./pkg/healthcheck), and ran go vet. All tests pass successfully.

Signed-off-by: Vishnu N C <vishnuc@ibm.com>
@vishnarac vishnarac requested a review from a team as a code owner April 28, 2026 12:03
adleong
adleong requested changes Apr 28, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@adleong adleong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @vishnarac, thanks for your interest in the project.

I don't think these changes adequately address the TODOs. Adding allowed clock skew to the options struct isn't sufficient, since there is no flag to set this value. The code you added to ParseScheme and ParseMethod doesn't actually do any validation.

More importantly, though, these TODOs are quite old and aren't necessarily still applicable or high value. If you'd like to get involved with the project, I recommend looking for Github issues with the Good First Issue label or opening a new issue discussing what you'd like to work on.

@vishnarac
Copy link
Copy Markdown
Author

vishnarac commented Apr 29, 2026

Hi @vishnarac, thanks for your interest in the project.

I don't think these changes adequately address the TODOs. Adding allowed clock skew to the options struct isn't sufficient, since there is no flag to set this value. The code you added to ParseScheme and ParseMethod doesn't actually do any validation.

More importantly, though, these TODOs are quite old and aren't necessarily still applicable or high value. If you'd like to get involved with the project, I recommend looking for Github issues with the Good First Issue label or opening a new issue discussing what you'd like to work on.

Appreciate the feedback. @adleong Will close this PR. Lemme look at 'Good First Issue label' issues to get started.

@vishnarac vishnarac closed this Apr 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adleong adleong adleong requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vishnarac @adleong @vishnuc-ibm