Complete refactoring: All phases verified and passing

Copilot · lpcox · Copilot · commit 025f9ec69ab6 · 2026-01-18T17:19:51.000Z
Co-authored-by: lpcox &lt;15877973+lpcox@users.noreply.github.com&gt;
diff --git a/internal/auth/header.go b/internal/auth/header.go
@@ -10,14 +10,14 @@
 //
 // Usage Guidelines:
 //
-// - Use ParseAuthHeader() for complete authentication with error handling:
-//   Returns both API key and agent ID, with errors for missing/invalid headers.
+//   - Use ParseAuthHeader() for complete authentication with error handling:
+//     Returns both API key and agent ID, with errors for missing/invalid headers.
 //
-// - Use ExtractAgentID() when you only need the agent ID and want automatic
-//   fallback to "default" instead of error handling.
+//   - Use ExtractAgentID() when you only need the agent ID and want automatic
+//     fallback to "default" instead of error handling.
 //
-// - Use ValidateAPIKey() to check if a provided key matches the expected value.
-//   Automatically handles the case where authentication is disabled (no expected key).
+//   - Use ValidateAPIKey() to check if a provided key matches the expected value.
+//     Automatically handles the case where authentication is disabled (no expected key).
 //
 // Example:
 //
diff --git a/internal/logger/sanitize/sanitize.go b/internal/logger/sanitize/sanitize.go
@@ -2,19 +2,19 @@
 //
 // This package offers two complementary approaches to secret sanitization:
 //
-// 1. Pattern-based detection: SanitizeString() and SanitizeJSON() use regex patterns
-//    to identify and redact secrets like API keys, tokens, and passwords.
+//  1. Pattern-based detection: SanitizeString() and SanitizeJSON() use regex patterns
+//     to identify and redact secrets like API keys, tokens, and passwords.
 //
-// 2. Prefix truncation: TruncateSecret() and TruncateSecretMap() show only the first
-//    4 characters of values, making them safe for logging without exposing full secrets.
+//  2. Prefix truncation: TruncateSecret() and TruncateSecretMap() show only the first
+//     4 characters of values, making them safe for logging without exposing full secrets.
 //
 // Usage Guidelines:
 //
-// - Use TruncateSecret()/TruncateSecretMap() for auth headers and environment variables
-//   where you want to preserve a hint of the value for debugging.
+//   - Use TruncateSecret()/TruncateSecretMap() for auth headers and environment variables
+//     where you want to preserve a hint of the value for debugging.
 //
-// - Use SanitizeString()/SanitizeJSON() for full payload sanitization where secrets
-//   may appear in various formats throughout the data.
+//   - Use SanitizeString()/SanitizeJSON() for full payload sanitization where secrets
+//     may appear in various formats throughout the data.
 //
 // Example:
 //
