TASK-065: inline append_group_hex + housekeeping — mark task Done

Addresses the major code-quality finding from the review cycle:
append_group_hex was left as a free function after the in-TU
canonicalizer landed but was no longer called from elsewhere, so
-Wunused-function would have warned.

Inline its three-line body directly into emit_canonical, which now
writes into a 40-byte stack scratch buffer and returns
std::string(buf, len). For the typical compressed addresses
("::1", "2001:db8::1") this keeps the returned string inside SBO
on every common libstdc++/libc++ build — the previous reserve(40)
defeated SBO unconditionally.

Spec housekeeping: tick the four TASK-065 action items and flip
both TASK-065.md and the M7 _index.md status to Done.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Author: etr

specs/tasks/M7-v2-cleanup/TASK-065.md

@@ -8,10 +8,10 @@
 `peer_address.cpp:49-50` skips RFC 5952 zero-compression (collapsing consecutive zero groups to `::`) so the textual IPv6 form we expose is non-canonical. Spec comment notes "TASK-046 can refine when telemetry firms up" — telemetry has firmed up; finish the canonicalization now.
 
 **Action Items:**
-- [ ] Implement RFC 5952 §4 canonical form: lowercase, suppress leading zeros within groups, collapse the longest run of `2+` consecutive zero groups to `::` (ties broken by first occurrence), do not collapse a single zero group.
-- [ ] Reuse libc's `inet_ntop` where it already produces RFC 5952 output (glibc ≥ 2.28, musl, macOS recent) and only post-process when the platform falls short; or always post-process for determinism across platforms (preferred — document choice in commit message).
-- [ ] Add a unit test pinning the RFC 5952 §4.2.2 examples (`2001:db8::1`, `::1`, `::`, embedded IPv4 mappings).
-- [ ] Remove the "TASK-046 can refine when telemetry firms up" comment.
+- [x] Implement RFC 5952 §4 canonical form: lowercase, suppress leading zeros within groups, collapse the longest run of `2+` consecutive zero groups to `::` (ties broken by first occurrence), do not collapse a single zero group.
+- [x] Reuse libc's `inet_ntop` where it already produces RFC 5952 output (glibc ≥ 2.28, musl, macOS recent) and only post-process when the platform falls short; or always post-process for determinism across platforms (preferred — document choice in commit message).
+- [x] Add a unit test pinning the RFC 5952 §4.2.2 examples (`2001:db8::1`, `::1`, `::`, embedded IPv4 mappings).
+- [x] Remove the "TASK-046 can refine when telemetry firms up" comment.
 
 **Dependencies:**
 - Blocked by: None
@@ -27,4 +27,4 @@
 **Related Requirements:** PRD §2 observability NFR
 **Related Decisions:** None new (RFC 5952)
 
-**Status:** Backlog
+**Status:** Done

specs/tasks/M7-v2-cleanup/_index.md

@@ -29,7 +29,7 @@ TASK-093).
 | TASK-062 | RFC-7616-compliant Digest auth response factory | HIGH | L | Done |
 | TASK-063 | Honor or remove `http_response::pipe` `size_hint` parameter | HIGH | S | Done |
 | TASK-064 | Structured cookie type | HIGH | M | Backlog |
-| TASK-065 | RFC 5952 IPv6 zero-compression in `peer_address` | HIGH | S | Backlog |
+| TASK-065 | RFC 5952 IPv6 zero-compression in `peer_address` | HIGH | S | Done |
 | TASK-066 | Runtime setter for hook alias slots | MED | M | Backlog |
 | TASK-067 | Remove v1 `registered_resources*` maps and `namespace compat` shim | MED | L | Backlog |
 | TASK-068 | `connection_state` hardening — CWE-226 / CWE-14 | MED | S | Backlog |

src/peer_address.cpp

@@ -103,38 +103,41 @@ zero_run find_longest_zero_run(const ipv6_groups& g) {
     return best;
 }
 
-// Append "%x" for a single group to `out`.
-void append_group_hex(std::string& out, std::uint16_t group) {
-    char scratch[5];  // up to 4 hex chars + NUL per group
-    std::snprintf(scratch, sizeof(scratch), "%x",
-                  static_cast<unsigned>(group));
-    out += scratch;
-}
-
 // Emit the canonical text form, given the assembled groups and the
 // collapse window. Edge cases ("::1", "1::", "::") fall out naturally
 // because the "::" marker brings both colons with it.
+//
+// We write into a fixed stack buffer (max 39 chars for a fully-expanded
+// all-non-zero address) and construct the returned std::string from
+// (buf, len). This lets short compressed addresses like "::1" (3 chars)
+// or "2001:db8::1" (11 chars) stay within SBO on all common
+// implementations without any reserve() call that would defeat it.
 std::string emit_canonical(const ipv6_groups& g, const zero_run& collapse) {
-    std::string out;
-    out.reserve(40);  // bounded by INET6_ADDRSTRLEN
+    char buf[40];  // "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" = 39 + NUL
+    std::size_t pos = 0;
     for (int i = 0; i < 8;) {
         if (i == collapse.start) {
-            out += "::";
+            buf[pos++] = ':';
+            buf[pos++] = ':';
             i += collapse.len;
             continue;
         }
-        append_group_hex(out, g[i]);
+        char scratch[5];
+        std::snprintf(scratch, sizeof(scratch), "%x",
+                      static_cast<unsigned>(g[i]));
+        for (char* p = scratch; *p; ++p) buf[pos++] = *p;
         ++i;
         // Emit a ':' separator if more groups remain AND the next slot
         // is not the collapse window (which brings its own leading ':').
-        if (i < 8 && i != collapse.start) out += ':';
+        if (i < 8 && i != collapse.start) buf[pos++] = ':';
     }
-    return out;
+    return std::string(buf, pos);
 }
 
 // RFC 5952 §4 canonicalizer for the 16-byte big-endian IPv6 address in
-// `bytes`. The output is bounded by INET6_ADDRSTRLEN (45 + NUL = 46), so
-// std::string's SBO covers it on every reasonable libc++/libstdc++ build.
+// `bytes`. The output is bounded by INET6_ADDRSTRLEN (45 + NUL = 46).
+// emit_canonical() uses a stack buffer to avoid defeating SBO for the
+// typical compressed short addresses ("::1", "2001:db8::1", etc.).
 //
 // We deliberately implement the canonical form in pure C++ over the
 // 16-byte buffer rather than delegating to `inet_ntop`: