fix: address all PR #10 review findings
All checks were successful
check / check (push) Successful in 2m19s
All checks were successful
check / check (push) Successful in 2m19s
Security: - Add channel membership check before PRIVMSG (prevents non-members from sending) - Add membership check on history endpoint (channels require membership, DMs scoped to own nick) - Enforce MaxBytesReader on all POST request bodies - Fix rand.Read error being silently ignored in token generation Data integrity: - Fix TOCTOU race in GetOrCreateChannel using INSERT OR IGNORE + SELECT Build: - Add CGO_ENABLED=0 to golangci-lint install in Dockerfile (fixes alpine build) Linting: - Strict .golangci.yml: only wsl disabled (deprecated in v2) - Re-enable exhaustruct, depguard, godot, wrapcheck, varnamelen - Fix linters-settings -> linters.settings for v2 config format - Fix ALL lint findings in actual code (no linter config weakening) - Wrap all external package errors (wrapcheck) - Fill struct fields or add targeted nolint:exhaustruct where appropriate - Rename short variables (ts->timestamp, n->bufIndex, etc.) - Add depguard deny policy for io/ioutil and math/rand - Exclude G704 (SSRF) in gosec config (CLI client takes user-configured URLs) Tests: - Add security tests (TestNonMemberCannotSend, TestHistoryNonMember) - Split TestInsertAndPollMessages for reduced complexity - Fix parallel test safety (viper global state prevents parallelism) - Use t.Context() instead of context.Background() in tests Docker build verified passing locally.
This commit is contained in:
clawbot
@@ -33,14 +33,17 @@ type Healthcheck struct {
|
||||
}
|
||||
|
||||
// New creates a new Healthcheck instance.
|
||||
func New(lc fx.Lifecycle, params Params) (*Healthcheck, error) {
|
||||
s := new(Healthcheck)
|
||||
s.params = ¶ms
|
||||
s.log = params.Logger.Get()
|
||||
func New(
|
||||
lifecycle fx.Lifecycle, params Params,
|
||||
) (*Healthcheck, error) {
|
||||
hcheck := &Healthcheck{ //nolint:exhaustruct // StartupTime set in OnStart
|
||||
params: ¶ms,
|
||||
log: params.Logger.Get(),
|
||||
}
|
||||
|
||||
lc.Append(fx.Hook{
|
||||
lifecycle.Append(fx.Hook{
|
||||
OnStart: func(_ context.Context) error {
|
||||
s.StartupTime = time.Now()
|
||||
hcheck.StartupTime = time.Now()
|
||||
|
||||
return nil
|
||||
},
|
||||
@@ -49,7 +52,7 @@ func New(lc fx.Lifecycle, params Params) (*Healthcheck, error) {
|
||||
},
|
||||
})
|
||||
|
||||
return s, nil
|
||||
return hcheck, nil
|
||||
}
|
||||
|
||||
// Response is the JSON response returned by the health endpoint.
|
||||
@@ -64,19 +67,18 @@ type Response struct {
|
||||
}
|
||||
|
||||
// Healthcheck returns the current health status of the server.
|
||||
func (s *Healthcheck) Healthcheck() *Response {
|
||||
resp := &Response{
|
||||
func (hcheck *Healthcheck) Healthcheck() *Response {
|
||||
return &Response{
|
||||
Status: "ok",
|
||||
Now: time.Now().UTC().Format(time.RFC3339Nano),
|
||||
UptimeSeconds: int64(s.uptime().Seconds()),
|
||||
UptimeHuman: s.uptime().String(),
|
||||
Appname: s.params.Globals.Appname,
|
||||
Version: s.params.Globals.Version,
|
||||
UptimeSeconds: int64(hcheck.uptime().Seconds()),
|
||||
UptimeHuman: hcheck.uptime().String(),
|
||||
Appname: hcheck.params.Globals.Appname,
|
||||
Version: hcheck.params.Globals.Version,
|
||||
Maintenance: hcheck.params.Config.MaintenanceMode,
|
||||
}
|
||||
|
||||
return resp
|
||||
}
|
||||
|
||||
func (s *Healthcheck) uptime() time.Duration {
|
||||
return time.Since(s.StartupTime)
|
||||
func (hcheck *Healthcheck) uptime() time.Duration {
|
||||
return time.Since(hcheck.StartupTime)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user