Found while dogfooding the locally built `cdidx` on branch `codex/search-audit-issues-20260619`.
Duplicate check: no open issue found for `sanitize raw exception messages indexing import manifest diagnostics ex.Message`.
Evidence:
- `src/CodeIndex/Cli/IndexCommandRunner.FullScan.cs:27` falls back to raw `ex.Message` for index file exceptions.
- `src/CodeIndex/Cli/ExportImportCommandRunner.cs:658` returns `InvalidDataException.Message` from manifest reads.
- Similar diagnostics already use `CommandErrorWriter.FormatSanitizedException` in other paths.
Problem:
Raw exception messages can include user-controlled paths or payload fragments. Index/import diagnostics should use consistent bounded and redacted formatting.
Acceptance criteria:
- Replace raw exception-message fallbacks in indexing/import diagnostics with sanitized bounded formatting.
- Preserve specific regex timeout and structured manifest depth messages.
- Add tests for long path/payload fragments in exception messages.
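
An added illustration of the bounded, redacted formatting the acceptance criteria describe. It is not cdidx code and not the project's `CommandErrorWriter.FormatSanitizedException`; the `SafeDiagnostics` helper, the 160-character bound, the path pattern, and the fixed timeout wording are all assumptions.

```csharp
// Added example; SafeDiagnostics is a hypothetical helper, not part of cdidx.
using System;
using System.IO;
using System.Text;
using System.Text.RegularExpressions;

public static class SafeDiagnostics
{
    private const int MaxLength = 160; // assumed bound for one diagnostic line

    // Rooted Windows or POSIX paths: the directory part is redacted, the leaf name kept.
    private static readonly Regex PathPattern = new Regex(
        @"(?:[A-Za-z]:[\\/]|/)(?:[^\s'""\\/]+[\\/])+([^\s'""\\/]*)",
        RegexOptions.CultureInvariant, TimeSpan.FromMilliseconds(100));

    public static string Format(Exception ex)
    {
        // Specific case kept as its own fixed message (wording assumed);
        // the pattern and input carried by the exception are never echoed.
        if (ex is RegexMatchTimeoutException)
            return "RegexMatchTimeoutException: pattern evaluation timed out";

        string message = ex.Message ?? string.Empty;
        var sb = new StringBuilder(message.Length);
        foreach (char c in message)
            sb.Append(char.IsControl(c) ? ' ' : c); // blocks newline/escape injection into output

        string text;
        try { text = PathPattern.Replace(sb.ToString(), "<path>/$1"); }
        catch (RegexMatchTimeoutException) { text = "<message withheld>"; }

        if (text.Length > MaxLength)
            text = text.Substring(0, MaxLength) + "...[truncated]";
        return ex.GetType().Name + ": " + text;
    }

    public static void Main()
    {
        // Constructed inputs: a long user-controlled path and an oversized payload fragment.
        string longPath = "/home/u/" + new string('a', 300) + "/secret/manifest.json";
        Console.WriteLine(Format(new InvalidDataException("Bad manifest at " + longPath)));
        Console.WriteLine(Format(new IOException(
            "Unexpected token: " + new string('X', 5000) + "\n[fake log line]")));
        Console.WriteLine(Format(new RegexMatchTimeoutException(
            "input", "pattern", TimeSpan.FromSeconds(1))));
    }
}
```

The first call prints `InvalidDataException: Bad manifest at <path>/manifest.json`; the second is cut at the bound with the embedded newline flattened to a space.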