Fix security issue and linting violations in multiple modules

- Security: Remove authorization and set-cookie headers from httpclient logging to prevent credential leakage
- Auth module: Fix all testifylint violations (bool-compare, require-error issues)
- Database module: Fix noctx violation by using BeginTx instead of deprecated Begin
- Cache module: Fix errcheck, testifylint issues (len, require-error, float-compare)

Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>

Author: Copilot

modules/auth/module_test.go

@@ -175,7 +175,7 @@ func TestModule_RegisterConfig(t *testing.T) {
 	app := NewMockApplication()
 
 	err := module.RegisterConfig(app)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	assert.NotNil(t, module.config)
 
 	// Verify config was registered with the app
@@ -202,7 +202,7 @@ func TestModule_Init(t *testing.T) {
 
 	app := NewMockApplication()
 	err := module.Init(app)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	assert.NotNil(t, module.logger)
 }
 
@@ -218,7 +218,7 @@ func TestModule_Init_InvalidConfig(t *testing.T) {
 
 	app := NewMockApplication()
 	err := module.Init(app)
-	assert.Error(t, err)
+	require.Error(t, err)
 	assert.Contains(t, err.Error(), "configuration validation failed")
 }
 
@@ -231,7 +231,7 @@ func TestModule_StartStop(t *testing.T) {
 
 	// Test Start
 	err := module.Start(ctx)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	// Test Stop
 	err = module.Stop(ctx)
@@ -315,7 +315,7 @@ func TestModule_Constructor_InvalidUserStore(t *testing.T) {
 	}
 
 	_, err := constructor(app, services)
-	assert.Error(t, err)
+	require.Error(t, err)
 	assert.Contains(t, err.Error(), "user_store service does not implement UserStore interface")
 }
 
@@ -339,6 +339,6 @@ func TestModule_Constructor_InvalidSessionStore(t *testing.T) {
 	}
 
 	_, err := constructor(app, services)
-	assert.Error(t, err)
+	require.Error(t, err)
 	assert.Contains(t, err.Error(), "session_store service does not implement SessionStore interface")
 }

modules/auth/service_test.go

@@ -302,7 +302,7 @@ func TestService_VerifyPassword(t *testing.T) {
 
 	// Correct password should verify
 	err = service.VerifyPassword(hash, password)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	// Wrong password should fail
 	err = service.VerifyPassword(hash, "wrongpassword")

modules/auth/stores_test.go

@@ -26,24 +26,24 @@ func TestMemoryUserStore(t *testing.T) {
 	// Test CreateUser
 	err := store.CreateUser(ctx, user)
 	require.NoError(t, err)
-	assert.True(t, !user.CreatedAt.IsZero())
-	assert.True(t, !user.UpdatedAt.IsZero())
+	assert.False(t, user.CreatedAt.IsZero())
+	assert.False(t, user.UpdatedAt.IsZero())
 
 	// Test duplicate user creation
 	duplicateUser := &User{
 		ID:    "test-user-123",
 		Email: "different@example.com",
 	}
 	err = store.CreateUser(ctx, duplicateUser)
-	assert.ErrorIs(t, err, ErrUserAlreadyExists)
+	require.ErrorIs(t, err, ErrUserAlreadyExists)
 
 	// Test duplicate email
 	duplicateEmailUser := &User{
 		ID:    "different-user",
 		Email: "test@example.com",
 	}
 	err = store.CreateUser(ctx, duplicateEmailUser)
-	assert.ErrorIs(t, err, ErrUserAlreadyExists)
+	require.ErrorIs(t, err, ErrUserAlreadyExists)
 
 	// Test GetUser
 	retrievedUser, err := store.GetUser(ctx, user.ID)
@@ -78,19 +78,19 @@ func TestMemoryUserStore(t *testing.T) {
 	// Test update non-existent user
 	nonExistentUser := &User{ID: "non-existent"}
 	err = store.UpdateUser(ctx, nonExistentUser)
-	assert.ErrorIs(t, err, ErrUserNotFound)
+	require.ErrorIs(t, err, ErrUserNotFound)
 
 	// Test DeleteUser
 	err = store.DeleteUser(ctx, user.ID)
 	require.NoError(t, err)
 
 	// Verify user is deleted
 	_, err = store.GetUser(ctx, user.ID)
-	assert.ErrorIs(t, err, ErrUserNotFound)
+	require.ErrorIs(t, err, ErrUserNotFound)
 
 	// Test delete non-existent user
 	err = store.DeleteUser(ctx, "non-existent")
-	assert.ErrorIs(t, err, ErrUserNotFound)
+	require.ErrorIs(t, err, ErrUserNotFound)
 
 	// Test get non-existent user by email
 	_, err = store.GetUserByEmail(ctx, "nonexistent@example.com")
@@ -141,11 +141,11 @@ func TestMemorySessionStore(t *testing.T) {
 
 	// Verify session is deleted
 	_, err = store.Get(ctx, session.ID)
-	assert.ErrorIs(t, err, ErrSessionNotFound)
+	require.ErrorIs(t, err, ErrSessionNotFound)
 
 	// Test get non-existent session
 	_, err = store.Get(ctx, "non-existent")
-	assert.ErrorIs(t, err, ErrSessionNotFound)
+	require.ErrorIs(t, err, ErrSessionNotFound)
 
 	// Test Cleanup
 	expiredSession := &Session{
@@ -181,10 +181,10 @@ func TestMemorySessionStore(t *testing.T) {
 
 	// Verify cleanup results
 	_, err = store.Get(ctx, expiredSession.ID)
-	assert.ErrorIs(t, err, ErrSessionNotFound, "Expired session should be removed")
+	require.ErrorIs(t, err, ErrSessionNotFound, "Expired session should be removed")
 
 	_, err = store.Get(ctx, inactiveSession.ID)
-	assert.ErrorIs(t, err, ErrSessionNotFound, "Inactive session should be removed")
+	require.ErrorIs(t, err, ErrSessionNotFound, "Inactive session should be removed")
 
 	_, err = store.Get(ctx, validSession.ID)
 	assert.NoError(t, err, "Valid session should remain")

modules/cache/module_test.go

@@ -121,7 +121,7 @@ func TestCacheModule(t *testing.T) {
 
 	// Test services provided
 	services := module.(*CacheModule).ProvidesServices()
-	assert.Equal(t, 1, len(services))
+	assert.Len(t, services, 1)
 	assert.Equal(t, ServiceName, services[0].Name)
 }
 
@@ -146,14 +146,14 @@ func TestMemoryCacheOperations(t *testing.T) {
 
 	// Test basic operations
 	err = module.Set(ctx, "test-key", "test-value", time.Minute)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	value, found := module.Get(ctx, "test-key")
 	assert.True(t, found)
 	assert.Equal(t, "test-value", value)
 
 	err = module.Delete(ctx, "test-key")
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	_, found = module.Get(ctx, "test-key")
 	assert.False(t, found)
@@ -166,16 +166,16 @@ func TestMemoryCacheOperations(t *testing.T) {
 	}
 
 	err = module.SetMulti(ctx, items, time.Minute)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	results, err := module.GetMulti(ctx, []string{"key1", "key2", "key4"})
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	assert.Equal(t, "value1", results["key1"])
 	assert.Equal(t, "value2", results["key2"])
 	assert.NotContains(t, results, "key4")
 
 	err = module.Flush(ctx)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	_, found = module.Get(ctx, "key1")
 	assert.False(t, found)
@@ -211,7 +211,7 @@ func TestExpiration(t *testing.T) {
 
 	// Set with short TTL
 	err = module.Set(ctx, "expires-quickly", "value", time.Second)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	// Verify it exists
 	_, found := module.Get(ctx, "expires-quickly")
@@ -300,7 +300,7 @@ func TestRedisOperationsWithMockBehavior(t *testing.T) {
 
 	// Test close without connection
 	err = cache.Close(ctx)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 }
 
 // TestRedisConfigurationEdgeCases tests edge cases in Redis configuration
@@ -342,16 +342,16 @@ func TestRedisMultiOperationsEmptyInputs(t *testing.T) {
 
 	// Test GetMulti with empty keys - should return empty map (no connection needed)
 	results, err := cache.GetMulti(ctx, []string{})
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	assert.Equal(t, map[string]interface{}{}, results)
 
 	// Test SetMulti with empty items - should succeed (no connection needed)
 	err = cache.SetMulti(ctx, map[string]interface{}{}, time.Minute)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	// Test DeleteMulti with empty keys - should succeed (no connection needed)
 	err = cache.DeleteMulti(ctx, []string{})
-	assert.NoError(t, err)
+	require.NoError(t, err)
 }
 
 // TestRedisConnectWithPassword tests connection configuration with password
@@ -373,11 +373,11 @@ func TestRedisConnectWithPassword(t *testing.T) {
 	// Test connection with password and different DB - this will fail since no Redis server
 	// but will exercise the connection configuration code paths
 	err := cache.Connect(ctx)
-	assert.Error(t, err) // Expected to fail without Redis server
+	require.Error(t, err) // Expected to fail without Redis server
 
 	// Test Close when client is nil initially
 	err = cache.Close(ctx)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 }
 
 // TestRedisJSONMarshaling tests JSON marshaling error scenarios
@@ -445,15 +445,15 @@ func TestRedisFullOperations(t *testing.T) {
 
 	// Test Set and Get
 	err = cache.Set(ctx, "test-key", "test-value", time.Minute)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	value, found := cache.Get(ctx, "test-key")
 	assert.True(t, found)
 	assert.Equal(t, "test-value", value)
 
 	// Test Delete
 	err = cache.Delete(ctx, "test-key")
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	_, found = cache.Get(ctx, "test-key")
 	assert.False(t, found)
@@ -466,18 +466,18 @@ func TestRedisFullOperations(t *testing.T) {
 	}
 
 	err = cache.SetMulti(ctx, items, time.Minute)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	results, err := cache.GetMulti(ctx, []string{"key1", "key2", "key3", "nonexistent"})
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	assert.Equal(t, "value1", results["key1"])
-	assert.Equal(t, float64(42), results["key2"]) // JSON unmarshaling returns numbers as float64
+	assert.InDelta(t, float64(42), results["key2"], 0.01) // JSON unmarshaling returns numbers as float64
 	assert.Equal(t, map[string]interface{}{"nested": "value"}, results["key3"])
 	assert.NotContains(t, results, "nonexistent")
 
 	// Test DeleteMulti
 	err = cache.DeleteMulti(ctx, []string{"key1", "key2"})
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	// Verify deletions
 	_, found = cache.Get(ctx, "key1")
@@ -490,14 +490,14 @@ func TestRedisFullOperations(t *testing.T) {
 
 	// Test Flush
 	err = cache.Flush(ctx)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	_, found = cache.Get(ctx, "key3")
 	assert.False(t, found)
 
 	// Test Close
 	err = cache.Close(ctx)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 }
 
 // TestRedisGetJSONUnmarshalError tests JSON unmarshaling errors in Get
@@ -526,7 +526,7 @@ func TestRedisGetJSONUnmarshalError(t *testing.T) {
 	defer cache.Close(ctx)
 
 	// Manually insert invalid JSON into Redis
-	s.Set("invalid-json", "this is not valid JSON {")
+	_ = s.Set("invalid-json", "this is not valid JSON {")
 
 	// Try to get the invalid JSON value
 	value, found := cache.Get(ctx, "invalid-json")
@@ -567,7 +567,7 @@ func TestRedisGetWithServerError(t *testing.T) {
 
 	// Try GetMulti when server is down
 	results, err := cache.GetMulti(ctx, []string{"key1", "key2"})
-	assert.Error(t, err)
+	require.Error(t, err)
 	assert.Nil(t, results)
 
 	// Close cache

modules/database/service.go

@@ -260,7 +260,7 @@ func (s *databaseServiceImpl) Begin() (*sql.Tx, error) {
 	if s.db == nil {
 		return nil, ErrDatabaseNotConnected
 	}
-	tx, err := s.db.Begin()
+	tx, err := s.db.BeginTx(context.Background(), nil)
 	if err != nil {
 		return nil, fmt.Errorf("beginning database transaction: %w", err)
 	}

modules/httpclient/module.go

@@ -730,9 +730,9 @@ func (t *loggingTransport) smartTruncateResponse(dump string, maxSize int) strin
 // even when detailed logging is disabled.
 func (t *loggingTransport) isImportantHeader(headerName string) bool {
 	important := []string{
-		"content-type", "content-length", "authorization", "user-agent",
+		"content-type", "content-length", "user-agent",
 		"accept", "cache-control", "x-request-id", "x-correlation-id",
-		"x-trace-id", "location", "set-cookie",
+		"x-trace-id", "location",
 	}
 
 	headerLower := strings.ToLower(headerName)