Skip to content

[CORE] Introduce centralized error-handling middleware for security hardening (#157)#162

Open
adityakrmishra wants to merge 1 commit into
GauravKarakoti:mainfrom
adityakrmishra:feat-error-handler
Open

[CORE] Introduce centralized error-handling middleware for security hardening (#157)#162
adityakrmishra wants to merge 1 commit into
GauravKarakoti:mainfrom
adityakrmishra:feat-error-handler

Conversation

@adityakrmishra

Copy link
Copy Markdown
Contributor

Fixes #157. Implements a higher-order withErrorHandler wrapper in src/lib/middleware/ to intercept unhandled exceptions across API routes. This enforces strict sanitization, preventing stack traces or environment variables from leaking to the client layer.

@vercel

vercel Bot commented Jul 7, 2026

Copy link
Copy Markdown

@adityakrmishra is attempting to deploy a commit to the Gaurav's projects Team on Vercel.

A member of the Team first needs to authorize it.

@secure-flow

secure-flow Bot commented Jul 7, 2026

Copy link
Copy Markdown

🛡️ SecureFlow AI Security Report

⚠️ Detected 1 potential issues matching your code policies. Please review them before merging.

🔴 CRITICAL | Contextual Leak in src/lib/middleware/error-handler.ts

Breach occurs when un-sanitized error message exposes potentially sensitive information to clients via unhandled errors, providing a clear context about the existence of certain incident logging mechanisms.

🛠️ View Remediation Suggestions

["\tin src/lib/middleware/error-handler.ts, modify the NextResponse.json method to omit the "incident logged" message.","\tin src/lib/middleware/error-handler.ts, introduce a custom error response object to replace the generic "An unexpected error occurred" message with a generic, security-conscious alternative."]


@secure-flow

secure-flow Bot commented Jul 7, 2026

Copy link
Copy Markdown

🛡️ SecureFlow AI Security Report

⚠️ Detected 2 potential issues matching your code policies. Please review them before merging.

🔴 CRITICAL | Vulnerability in src/lib/middleware/error-handler.ts

A CRITICAL security breach can occur when sensitive environment variables are leaked through a console.log statement accessible to the client. This disclosure can enable adversaries to exploit vulnerable dependencies or escalate privileges.

🛠️ View Remediation Suggestions

["Implement strict logging with environment variable sanitization for client-side visibility protection.","Review and update error handling middleware in src/lib/middleware/error-handler.ts to exclude sensitive information disclosure."]


🔴 CRITICAL | Vulnerability in src/app/api/webhooks/github/route.ts

An attacker has successfully manipulated the GitHub Pull Request to alter the return value of the NextResponse.json function, potentially exposing sensitive data logged in console.log statements.

🛠️ View Remediation Suggestions

["* Review and secure potential sensitive data in logged messages.","* Utilize environment variables safely and securely.","* Implement a secure logging mechanism to restrict access to sensitive data."]



return NextResponse.json({ message: 'Event successfully caught but ignored' }, { status: 200 });

} catch (error: any) {

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why have you removed the error handling tho?

@GauravKarakoti

Copy link
Copy Markdown
Owner

Give a look at the review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[CORE] Introduce centralized error-handling middleware for security hardening

2 participants