fix: correct tojson|safe usage in templates and update validator

- Remove |safe from |tojson in HTML attributes (x-data) - quotes must
  become &quot; for browsers to parse correctly
- Update LANG-002 and LANG-003 architecture rules to document correct
  |tojson usage patterns:
  - HTML attributes: |tojson (no |safe)
  - Script blocks: |tojson|safe
- Fix validator to warn when |tojson|safe is used in x-data (breaks
  HTML attribute parsing)
- Improve code quality across services, APIs, and tests

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-13 22:59:51 +01:00
parent 94d268f330
commit 9920430b9e
123 changed files with 1408 additions and 840 deletions


@@ -54,9 +54,15 @@ class DatabaseLogHandler(logging.Handler):
stack_trace = None
if record.exc_info:
exception_type = record.exc_info[0].__name__ if record.exc_info[0] else None
exception_message = str(record.exc_info[1]) if record.exc_info[1] else None
stack_trace = "".join(traceback.format_exception(*record.exc_info))
exception_type = (
record.exc_info[0].__name__ if record.exc_info[0] else None
)
exception_message = (
str(record.exc_info[1]) if record.exc_info[1] else None
)
stack_trace = "".join(
traceback.format_exception(*record.exc_info)
)
# Extract context from record (if middleware added it)
user_id = getattr(record, "user_id", None)
@@ -95,7 +101,6 @@ class DatabaseLogHandler(logging.Handler):
continue
# For other errors or final attempt, silently skip
# Don't print to stderr to avoid log spam during imports
pass
finally:
db.close()
@@ -206,9 +211,7 @@ def setup_logging():
detailed_formatter = logging.Formatter(
"%(asctime)s - %(name)s - %(levelname)s - [%(module)s:%(funcName)s:%(lineno)d] - %(message)s"
)
simple_formatter = logging.Formatter(
"%(asctime)s - %(levelname)s - %(message)s"
)
simple_formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")
# Console handler (simple format)
console_handler = logging.StreamHandler(sys.stdout)
@@ -217,10 +220,7 @@ def setup_logging():
# Rotating file handler (detailed format)
file_handler = RotatingFileHandler(
log_file,
maxBytes=max_bytes,
backupCount=backup_count,
encoding="utf-8"
log_file, maxBytes=max_bytes, backupCount=backup_count, encoding="utf-8"
)
file_handler.setFormatter(detailed_formatter)
logger.addHandler(file_handler)
@@ -232,7 +232,10 @@ def setup_logging():
logger.addHandler(db_handler)
except Exception as e:
# If database handler fails, just use file logging
print(f"Warning: Database logging handler could not be initialized: {e}", file=sys.stderr)
print(
f"Warning: Database logging handler could not be initialized: {e}",
file=sys.stderr,
)
# Configure specific loggers to reduce noise
logging.getLogger("uvicorn.access").setLevel(logging.WARNING)
@@ -245,7 +248,7 @@ def setup_logging():
logger.info(f"Log File: {log_file}")
logger.info(f"Max File Size: {max_bytes / (1024 * 1024):.1f} MB")
logger.info(f"Backup Count: {backup_count}")
logger.info(f"Database Logging: Enabled (WARNING and above)")
logger.info("Database Logging: Enabled (WARNING and above)")
logger.info("=" * 80)
return logging.getLogger(__name__)
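Review bot: In the first hunk, `if record.exc_info:` is also true for the tuple `(None, None, None)`, which is what a record carries when a caller passes `exc_info=True` outside an `except` block. The guards on `record.exc_info[0]` and `record.exc_info[1]` cover that case, but `traceback.format_exception(*record.exc_info)` still runs and yields `NoneType: None`, so the stored stack trace is a placeholder string instead of staying `None`. Tightening the condition to `if record.exc_info and record.exc_info[0] is not None:` keeps `stack_trace` empty for such records and makes the two inner conditionals unnecessary. The enclosing method starts and ends outside the hunk, so whether a later step already normalises this value is not visible here.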