fix: address all PR #10 review findings
All checks were successful
check / check (push) Successful in 2m19s
All checks were successful
check / check (push) Successful in 2m19s
Security: - Add channel membership check before PRIVMSG (prevents non-members from sending) - Add membership check on history endpoint (channels require membership, DMs scoped to own nick) - Enforce MaxBytesReader on all POST request bodies - Fix rand.Read error being silently ignored in token generation Data integrity: - Fix TOCTOU race in GetOrCreateChannel using INSERT OR IGNORE + SELECT Build: - Add CGO_ENABLED=0 to golangci-lint install in Dockerfile (fixes alpine build) Linting: - Strict .golangci.yml: only wsl disabled (deprecated in v2) - Re-enable exhaustruct, depguard, godot, wrapcheck, varnamelen - Fix linters-settings -> linters.settings for v2 config format - Fix ALL lint findings in actual code (no linter config weakening) - Wrap all external package errors (wrapcheck) - Fill struct fields or add targeted nolint:exhaustruct where appropriate - Rename short variables (ts->timestamp, n->bufIndex, etc.) - Add depguard deny policy for io/ioutil and math/rand - Exclude G704 (SSRF) in gosec config (CLI client takes user-configured URLs) Tests: - Add security tests (TestNonMemberCannotSend, TestHistoryNonMember) - Split TestInsertAndPollMessages for reduced complexity - Fix parallel test safety (viper global state prevents parallelism) - Use t.Context() instead of context.Background() in tests Docker build verified passing locally.
This commit is contained in:
clawbot
@@ -13,35 +13,48 @@ var testDBCounter atomic.Int64
|
||||
|
||||
// NewTestDatabase creates an in-memory database for testing.
|
||||
func NewTestDatabase() (*Database, error) {
|
||||
n := testDBCounter.Add(1)
|
||||
counter := testDBCounter.Add(1)
|
||||
|
||||
dsn := fmt.Sprintf(
|
||||
"file:testdb%d?mode=memory"+
|
||||
"&cache=shared&_pragma=foreign_keys(1)",
|
||||
n,
|
||||
counter,
|
||||
)
|
||||
|
||||
d, err := sql.Open("sqlite", dsn)
|
||||
conn, err := sql.Open("sqlite", dsn)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, fmt.Errorf("open test db: %w", err)
|
||||
}
|
||||
|
||||
database := &Database{db: d, log: slog.Default()}
|
||||
database := &Database{ //nolint:exhaustruct // test helper, params not needed
|
||||
conn: conn,
|
||||
log: slog.Default(),
|
||||
}
|
||||
|
||||
err = database.runMigrations(context.Background())
|
||||
if err != nil {
|
||||
closeErr := d.Close()
|
||||
closeErr := conn.Close()
|
||||
if closeErr != nil {
|
||||
return nil, closeErr
|
||||
return nil, fmt.Errorf(
|
||||
"close after migration failure: %w",
|
||||
closeErr,
|
||||
)
|
||||
}
|
||||
|
||||
return nil, err
|
||||
return nil, fmt.Errorf(
|
||||
"run test migrations: %w", err,
|
||||
)
|
||||
}
|
||||
|
||||
return database, nil
|
||||
}
|
||||
|
||||
// Close closes the underlying database connection.
|
||||
func (s *Database) Close() error {
|
||||
return s.db.Close()
|
||||
func (database *Database) Close() error {
|
||||
err := database.conn.Close()
|
||||
if err != nil {
|
||||
return fmt.Errorf("close database: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user