add unit tests
since this has grown considerably complex and it deals with some sensitive things (potential for leaking an applicant's information, could accidentally delete the wrong file, etc.) i think it would be a good idea to add unit testing before adding any new features or rewriting.
this is also tangentially related to #5 (closed); i hesitate to call something secure if it doesn't have decent test coverage running in ci :P