EZSCALE/virtfusion-whmcs-module
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 10 Wiki Activity

docs: add design-rationale commentary to core support classes

Browse Source 
Enriches class-level docblocks and inline comments across the shared
utility classes with the "why" behind design decisions that aren't
obvious from reading the code alone:

- Cache       two-tier rationale, atomic-write semantics, failure modes
- Curl        single-use-per-instance rationale, default option choices
- Log         wrapper rationale, redaction expectations for callers
- Database    auto-migration philosophy, schema-versioning approach
- ServerResource  flat-array rationale, interfaces[0]-only limit called
              out for future maintainers, unit-conversion map
- ConfigureService  why a sibling of ModuleFunctions, catalogue caching
              policy, cp-in-constructor reasoning

Pure documentation — no code changes, all files remain lint-clean and
Pint-formatted.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Prophet731
2026-04-17 21:08:37 -04:00
parent ad85439dfb
commit 8a88862364
6 changed files with 197 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
modules/servers/VirtFusionDirect/lib/Curl.php
View File

@@ -17,7 +17,20 @@ class Curl
/** @var array User-supplied cURL options that override defaults */
private $customOptions = [];
/** @var array Default cURL options applied to every request */
/**
* @var array Default cURL options applied to every request.
*
* Rationale:
* VERIFYPEER/VERIFYHOST: Full TLS chain + hostname validation. Disabling
* either is a common source of MITM bugs, so we never do it silently.
* RETURNTRANSFER: We always want the response body back as a string.
* HEADER off: Callers almost never need headers. Saves a parse cycle.
* NOBODY off: Default to GET-style body-returning requests.
* TIMEOUT 30s: Covers slow API endpoints without letting a hung connection
* block a whole WHMCS request indefinitely.
* CONNECTTIMEOUT 10s: Separate from the total timeout so a failed TCP
* handshake (firewall black-hole) fails fast rather than burning 30s.
*/
private $defaultOptions = [
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,