fix(chapter-04): fail fast on config and compare secrets safely
Chapter: 04 - Runtime safety basics. Plain-English map: Validate required environment variables at startup, reuse Supabase and storage clients instead of recreating them per request, and remove a timing leak from download-token comparison. Why it matters: Bad configuration should be caught before users hit the app. Shared clients avoid needless connection churn. Secret checks should not reveal clues through response timing. Principle: Fail fast, reuse expensive resources, and compare secrets in constant time. Precedent borrowed: Upstream PRs #81, #106, and #109, which independently targeted timing-safe comparison, env validation, and singleton client reuse. Upstream base: willchen96/mike@d39f580. Original local commit: c2d2a9a.
| Repository | amal66/mike |
|---|---|
| Author | Amal <mamalanand3@gmail.com> |
| Authored | |
| Parents | c72b8c74 |
| Stats | 7 files changed , +245 |
| Part of | Config validation and secret handling |
Capture this commit into my fork
Download a Markdown prompt that tells Claude how to port this
exact commit into your working tree. Run it via
claude -p < capture-commit-9f15ed1c.md
from inside the repo you want the change in.