From 58cf18f73aaf2844c2a6e609702215da4f717d9c Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Sat, 25 Apr 2026 21:19:07 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[MEDIUM]=20?= =?UTF-8?q?Fix=20Information=20Disclosure=20&=20SafeStaticFiles=20Attribut?= =?UTF-8?q?eError?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: socialawy <24765060+socialawy@users.noreply.github.com>
---
 src/audioformation/server/app.py | 2 +-
 src/audioformation/server/routes.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/audioformation/server/app.py b/src/audioformation/server/app.py
index 9334beb..5cf513b 100644
--- a/src/audioformation/server/app.py
+++ b/src/audioformation/server/app.py
@@ -24,7 +24,7 @@ class SafeStaticFiles(StaticFiles):
 async def get_response(self, path: str, scope) -> Response:
 # Normalize path for check
- p = Path(path).lower()
+ p = Path(path.lower())
 if "00_config" in p.parts or p.name.startswith(".env") or ".git" in p.parts:
 raise HTTPException(
 status_code=403, detail="Access denied to sensitive resource"
diff --git a/src/audioformation/server/routes.py b/src/audioformation/server/routes.py
index 34c9bec..7429d46 100644
--- a/src/audioformation/server/routes.py
+++ b/src/audioformation/server/routes.py
@@ -185,7 +185,8 @@ async def ingest_files(
 shutil.copyfileobj(file.file, buffer)
 except Exception as e:
 shutil.rmtree(tmp_dir, ignore_errors=True)
- raise HTTPException(status_code=500, detail=f"Upload failed: {e}")
+ logger.error(f"Upload failed: {e}")
+ raise HTTPException(status_code=500, detail="Upload failed")
 background_tasks.add_task(
 _run_with_status,
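Review bot: The deny check in `SafeStaticFiles.get_response` tests the `.env` prefix only against `p.name`, while `00_config` and `.git` are matched against every component in `p.parts`, so a file below a directory whose name starts with `.env` is not rejected by this check. Applying the prefix test to all components, `any(part.startswith(".env") for part in p.parts)`, would make the three rules consistent. The line this commit fixes raised AttributeError on every call, which suggests the guard has no test; a regression test asserting 403 for mixed-case `00_config/`, `.env` and `.git/` paths, and a normal response for an ordinary asset, would pin the behaviour. The `raise HTTPException(` call and the rest of the method continue past the end of the hunk.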
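Review bot: The added `logger.error(f"Upload failed: {e}")` in the `except` branch of `ingest_files` records only the exception's string form, so the traceback is lost and any client-influenced text in that message (an uploaded file name, for instance) is written to the log unescaped. `logger.exception("Upload failed")` keeps the stack trace and leaves the message constant; if the text is wanted inline, `logger.error("Upload failed: %r", e)` at least escapes control characters. This commit adds no definition of `logger` to routes.py, so it presumably already exists at module level; that is worth confirming, because a NameError here would replace the real error. `ingest_files` starts and ends outside the hunk.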