API Surface Issue
Category
Naming convention violation in exported symbol (security-critical module)
Summary
- File: src/host-iptables-shared.ts
- Symbol: _testing
- Issue: The symbol _testing is exported with an underscore prefix, which is not a TypeScript naming convention. In TypeScript, underscore prefixes are used for unused parameters (_unused), not for exported objects. The underscore on _testing signals "private/internal" to readers, yet the object is exported from a security-critical host iptables module as part of its public module API.
Evidence
// src/host-iptables-shared.ts:27
export const _testing = { resetIpv6State };
# Used in 5 test files — but exported publicly with misleading name:
src/host-iptables-setup.test.ts:5: import { _testing } from './host-iptables-shared';
src/host-iptables-host-access.test.ts:3: import { _testing } from './host-iptables-shared';
src/host-iptables-network.test.ts:4: import { _testing } from './host-iptables-shared';
src/host-iptables-doh.test.ts:3: import { _testing } from './host-iptables-shared';
src/host-iptables-cleanup.test.ts:3: import { _testing } from './host-iptables-shared';
The module is not in the public barrel (src/host-iptables.ts) but the _testing export is still a public symbol that any code can import. The naming convention (matching containers/api-proxy/providers/copilot.js which uses _testing for JS test helpers) is inconsistent with TypeScript conventions where test-only exports commonly use a name like testing, __testing, or testingInternals.
Recommended Fix
- Rename _testing to a TypeScript-idiomatic name that clearly communicates test-only intent:
// src/host-iptables-shared.ts
/** @internal Exposed for unit tests only. */
export const testingInternals = { resetIpv6State };
- Update the 5 test files that import it:
import { testingInternals } from './host-iptables-shared';
setupHostIptablesTestSuite(testingInternals.resetIpv6State);
Alternatively, annotate with @internal JSDoc and add a lint rule to prevent _testing export naming in .ts files.
Impact
- Dead code risk: Low — actively used in tests
- Maintenance burden: Medium — misleading convention in a security-critical module (host-iptables) could cause confusion during security reviews; the underscore prefix may lead reviewers to skip scrutiny of what's actually exported
Detected by Export Audit workflow. Triggered by push to main on 2026-05-15
Generated by API Surface & Export Audit
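One way to implement the lint check suggested in the Recommended Fix, as an added example that is not code from the repository or from the audit workflow: a text-based scan that flags underscore-prefixed exports and any non-test file importing a test-only export. The sample sources and the path src/example-caller.ts are constructed, and the regexes are a simplification of what an AST-based lint rule would match.

```typescript
// Added example. Sources below are constructed, not the repository's real file contents.
type Finding = { file: string; line: number; rule: string; detail: string };

const TEST_FILE = /\.(test|spec)\.tsx?$/;
// `_testing` plus the alternative names the issue lists for test-only exports.
const TEST_ONLY_NAMES = ["_testing", "testing", "__testing", "testingInternals"];

const SAMPLE: { [path: string]: string } = {
  "src/host-iptables-shared.ts":
    "let ipv6 = false;\nfunction resetIpv6State() { ipv6 = false; }\n" +
    "export const _testing = { resetIpv6State };\n",
  "src/host-iptables-setup.test.ts":
    "import { _testing } from './host-iptables-shared';\n",
  // Hypothetical production file reaching into the test hook.
  "src/example-caller.ts":
    "import { _testing } from './host-iptables-shared';\n_testing.resetIpv6State();\n",
};

function lineOf(src: string, index: number): number {
  return src.slice(0, index).split("\n").length;
}

function auditExports(sources: { [path: string]: string }): Finding[] {
  const findings: Finding[] = [];
  const paths = Object.keys(sources).sort();
  for (let i = 0; i < paths.length; i++) {
    const file = paths[i];
    const src = sources[file];
    let m: RegExpExecArray | null;
    // Rule 1: an exported binding whose name starts with an underscore.
    const exportRe = /^export\s+(?:const|let|var|function|class)\s+(_\w*)/gm;
    while ((m = exportRe.exec(src)) !== null) {
      findings.push({ file, line: lineOf(src, m.index), rule: "underscore-export", detail: m[1] });
    }
    // Rule 2: a test-only export imported by a file that is not a test.
    if (TEST_FILE.test(file)) continue;
    const importRe = /^import\s*\{([^}]*)\}\s*from\s*['"][^'"]+['"]/gm;
    while ((m = importRe.exec(src)) !== null) {
      const names = m[1].split(",");
      for (let j = 0; j < names.length; j++) {
        const name = names[j].trim().split(/\s+as\s+/)[0];
        if (TEST_ONLY_NAMES.indexOf(name) !== -1) {
          findings.push({ file, line: lineOf(src, m.index), rule: "test-only-import", detail: name });
        }
      }
    }
  }
  return findings;
}

console.log(JSON.stringify(auditExports(SAMPLE), null, 2));
```

Rule 2 is the check that matters for review: renaming the export changes how it reads, while only an import restriction stops production code from calling resetIpv6State through it.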