- config init catches OSError (read-only dir, ENOSPC, gone cwd) alongside CommandError
and prints a clean [x] line; the main dispatch catches the full OSError family instead
of only FileNotFoundError (L13)
- document read_flag's fail-closed (non-dict -> not allowed) as a deliberate privilege-
gate default (nit).
Signed-off-by: disqualifier <dev@disqualifier.me>
- JsonStore._write used a fixed '<path>.tmp' name with no lock, so two concurrent
authorizer invocations could clobber each other's temp and corrupt/lose the key
store. use tempfile.mkstemp in the same dir (unique per write) then os.replace
(atomic), cleaning up the temp on failure.
- list 'created_at' formatting did int(raw) unguarded; one hand-edited/legacy doc
with a bad timestamp aborted the whole table. guard per-row, fall back to '-'.
verified by execution: 20 concurrent writers -> 0 errors, file stays valid JSON,
no leftover .tmp; upsert still dedupes/updates; bad/absent created_at -> '-'.
Signed-off-by: disqualifier <dev@disqualifier.me>
