chore: Critical test coverage gaps #62
Description
Problem
Several core packages have zero or near-zero test coverage:
| Package | Coverage | Risk |
|---|---|---|
internal/proxy |
0% | Orchestrator logic untested |
internal/scheduler |
0% | Cron/backup scheduling untested |
internal/system |
0% | Services manager untested |
internal/traffic |
0% | Traffic analysis untested |
internal/watcher |
0% | File watcher untested |
internal/security |
~5% | Security package nearly untested |
internal/backup |
~30% | Backup logic partially tested |
internal/api (handlers) |
~15% | Most API handlers untested |
Overall: 28 test files vs 61 packages.
Impact
Regressions go undetected. Refactoring is risky. Security-critical code paths (auth, backup, proxy) lack verification.
Proposed Fix
Priority order for adding tests:
internal/security— directly security-relevantinternal/apihandlers — the public attack surfaceinternal/backup— data loss riskinternal/proxy— misconfig = downtimeinternal/scheduler— silent failures
Target: 60%+ coverage on security and API packages.