fix: replace O(n²) duplicate detection with map-based O(1) lookups

Replace linear scan deduplication of snapshot IDs in RemoveAllSnapshots() and PruneBlobs() with map[string]bool for O(1) lookups. Previously, each new snapshot ID was checked against the entire collected slice via a linear scan, resulting in O(n²) overall complexity. Now a 'seen' map provides constant-time membership checks while preserving insertion order in the slice. closes #12
schema: add ON DELETE CASCADE to snapshot_files.file_id and snapshot_blobs.blob_id FKs (#46 )
2026-03-19 06:05:44 -07:00 · 2026-03-19 14:03:39 +01:00 · 2026-03-19 13:59:27 +01:00 · 2026-03-19 09:33:35 +01:00 · 2026-03-19 09:32:52 +01:00 · 2026-03-19 00:23:45 +01:00
11 changed files with 383 additions and 125 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,8 @@
 .git
 .gitea
 *.md
 LICENSE
 vaultik
 coverage.out
 coverage.html
 .DS_Store
--- a/.gitea/workflows/check.yml
+++ b/.gitea/workflows/check.yml
@@ -0,0 +1,14 @@
 name: check
 on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
 jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      # actions/checkout v4, 2024-09-16
      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
      - name: Build and check
        run: docker build .
--- a/61
+++ b/61
@@ -0,0 +1,61 @@
 # Lint stage
 # golangci/golangci-lint:v2.11.3-alpine, 2026-03-17
 FROM golangci/golangci-lint:v2.11.3-alpine@sha256:b1c3de5862ad0a95b4e45a993b0f00415835d687e4f12c845c7493b86c13414e AS lint
 RUN apk add --no-cache make build-base
 WORKDIR /src
 # Copy go mod files first for better layer caching
 COPY go.mod go.sum ./
 RUN go mod download
 # Copy source code
 COPY . .
 # Run formatting check and linter
 RUN make fmt-check
 RUN make lint
 # Build stage
 # golang:1.26.1-alpine, 2026-03-17
 FROM golang:1.26.1-alpine@sha256:2389ebfa5b7f43eeafbd6be0c3700cc46690ef842ad962f6c5bd6be49ed82039 AS builder
 # Depend on lint stage passing
 COPY --from=lint /src/go.sum /dev/null
 ARG VERSION=dev
 # Install build dependencies for CGO (mattn/go-sqlite3) and sqlite3 CLI (tests)
 RUN apk add --no-cache make build-base sqlite
 WORKDIR /src
 # Copy go mod files first for better layer caching
 COPY go.mod go.sum ./
 RUN go mod download
 # Copy source code
 COPY . .
 # Run tests
 RUN make test
 # Build with CGO enabled (required for mattn/go-sqlite3)
 RUN CGO_ENABLED=1 go build -ldflags "-X 'git.eeqj.de/sneak/vaultik/internal/globals.Version=${VERSION}' -X 'git.eeqj.de/sneak/vaultik/internal/globals.Commit=$(git rev-parse HEAD 2>/dev/null || echo unknown)'" -o /vaultik ./cmd/vaultik
 # Runtime stage
 # alpine:3.21, 2026-02-25
 FROM alpine:3.21@sha256:c3f8e73fdb79deaebaa2037150150191b9dcbfba68b4a46d70103204c53f4709
 RUN apk add --no-cache ca-certificates sqlite
 # Copy binary from builder
 COPY --from=builder /vaultik /usr/local/bin/vaultik
 # Create non-root user
 RUN adduser -D -H -s /sbin/nologin vaultik
 USER vaultik
 ENTRYPOINT ["/usr/local/bin/vaultik"]
--- a/40
+++ b/40
@@ -1,4 +1,4 @@
-.PHONY: test fmt lint build clean all
+.PHONY: test fmt lint fmt-check check build clean all docker hooks
 # Version number
 VERSION := 0.0.1
@@ -14,21 +14,12 @@ LDFLAGS := -X 'git.eeqj.de/sneak/vaultik/internal/globals.Version=$(VERSION)' \
 all: vaultik
 # Run tests
-test: lint fmt-check
+test:
-	@echo "Running tests..."
+	go test -race -timeout 30s ./...
 	@if ! go test -v -timeout 10s ./... 2>&1; then \
 		echo ""; \
 		echo "TEST FAILURES DETECTED"; \
 		echo "Run 'go test -v ./internal/database' to see database test details"; \
 		exit 1; \
 	fi
-# Check if code is formatted
+# Check if code is formatted (read-only)
 fmt-check:
-	@if [ -n "$$(go fmt ./...)" ]; then \
+	@test -z "$$(gofmt -l .)" || (echo "Files not formatted:" && gofmt -l . && exit 1)
 		echo "Error: Code is not formatted. Run 'make fmt' to fix."; \
 		exit 1; \
 	fi
 # Format code
 fmt:
@@ -36,7 +27,7 @@ fmt:
 # Run linter
 lint:
-	golangci-lint run
+	golangci-lint run ./...
 # Build binary
 vaultik: internal/*/*.go cmd/vaultik/*.go
@@ -47,11 +38,6 @@ clean:
 	rm -f vaultik
 	go clean
 # Install dependencies
 deps:
 	go mod download
 	go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
 # Run tests with coverage
 test-coverage:
 	go test -v -coverprofile=coverage.out ./...
@@ -67,3 +53,17 @@ local:
 install: vaultik
 	cp ./vaultik $(HOME)/bin/
 # Run all checks (formatting, linting, tests) without modifying files
 check: fmt-check lint test
 # Build Docker image
 docker:
 	docker build -t vaultik .
 # Install pre-commit hook
 hooks:
 	@printf '#!/bin/sh\nset -e\n' > .git/hooks/pre-commit
 	@printf 'go mod tidy\ngo fmt ./...\ngit diff --exit-code -- go.mod go.sum || { echo "go mod tidy changed files; please stage and retry"; exit 1; }\n' >> .git/hooks/pre-commit
 	@printf 'make check\n' >> .git/hooks/pre-commit
 	@chmod +x .git/hooks/pre-commit
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module git.eeqj.de/sneak/vaultik
-go 1.24.4
+go 1.26.1
 require (
 	filippo.io/age v1.2.1
--- a/internal/database/schema.sql
+++ b/internal/database/schema.sql
@@ -103,7 +103,7 @@ CREATE TABLE IF NOT EXISTS snapshot_files (
    file_id TEXT NOT NULL,
    PRIMARY KEY (snapshot_id, file_id),
    FOREIGN KEY (snapshot_id) REFERENCES snapshots(id) ON DELETE CASCADE,
-    FOREIGN KEY (file_id) REFERENCES files(id)
+    FOREIGN KEY (file_id) REFERENCES files(id) ON DELETE CASCADE
 );
 -- Index for efficient file lookups (used in orphan detection)
@@ -116,7 +116,7 @@ CREATE TABLE IF NOT EXISTS snapshot_blobs (
    blob_hash TEXT NOT NULL,
    PRIMARY KEY (snapshot_id, blob_id),
    FOREIGN KEY (snapshot_id) REFERENCES snapshots(id) ON DELETE CASCADE,
-    FOREIGN KEY (blob_id) REFERENCES blobs(id)
+    FOREIGN KEY (blob_id) REFERENCES blobs(id) ON DELETE CASCADE
 );
 -- Index for efficient blob lookups (used in orphan detection)
@@ -130,7 +130,7 @@ CREATE TABLE IF NOT EXISTS uploads (
    size INTEGER NOT NULL,
    duration_ms INTEGER NOT NULL,
    FOREIGN KEY (blob_hash) REFERENCES blobs(blob_hash),
-    FOREIGN KEY (snapshot_id) REFERENCES snapshots(id)
+    FOREIGN KEY (snapshot_id) REFERENCES snapshots(id) ON DELETE CASCADE
 );
 -- Index for efficient snapshot lookups
--- a/internal/vaultik/blob_fetch.go
+++ b/internal/vaultik/blob_fetch.go
@@ -0,0 +1,93 @@
 package vaultik
 import (
 	"context"
 	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
 	"io"
 	"filippo.io/age"
 	"git.eeqj.de/sneak/vaultik/internal/blobgen"
 )
 // hashVerifyReader wraps a blobgen.Reader and verifies the double-SHA-256 hash
 // of decrypted plaintext when Close is called. It reuses the hash that
 // blobgen.Reader already computes internally via its TeeReader, avoiding
 // redundant SHA-256 computation.
 type hashVerifyReader struct {
 	reader   *blobgen.Reader // underlying decrypted blob reader (has internal hasher)
 	fetcher  io.ReadCloser   // raw fetched stream (closed on Close)
 	blobHash string          // expected double-SHA-256 hex
 	done     bool            // EOF reached
 }
 func (h *hashVerifyReader) Read(p []byte) (int, error) {
 	n, err := h.reader.Read(p)
 	if err == io.EOF {
 		h.done = true
 	}
 	return n, err
 }
 // Close verifies the hash (if the stream was fully read) and closes underlying readers.
 func (h *hashVerifyReader) Close() error {
 	readerErr := h.reader.Close()
 	fetcherErr := h.fetcher.Close()
 	if h.done {
 		firstHash := h.reader.Sum256()
 		secondHasher := sha256.New()
 		secondHasher.Write(firstHash)
 		actualHashHex := hex.EncodeToString(secondHasher.Sum(nil))
 		if actualHashHex != h.blobHash {
 			return fmt.Errorf("blob hash mismatch: expected %s, got %s", h.blobHash[:16], actualHashHex[:16])
 		}
 	}
 	if readerErr != nil {
 		return readerErr
 	}
 	return fetcherErr
 }
 // FetchAndDecryptBlob downloads a blob, decrypts and decompresses it, and
 // returns a streaming reader that computes the double-SHA-256 hash on the fly.
 // The hash is verified when the returned reader is closed (after fully reading).
 // This avoids buffering the entire blob in memory.
 func (v *Vaultik) FetchAndDecryptBlob(ctx context.Context, blobHash string, expectedSize int64, identity age.Identity) (io.ReadCloser, error) {
 	rc, _, err := v.FetchBlob(ctx, blobHash, expectedSize)
 	if err != nil {
 		return nil, err
 	}
 	reader, err := blobgen.NewReader(rc, identity)
 	if err != nil {
 		_ = rc.Close()
 		return nil, fmt.Errorf("creating blob reader: %w", err)
 	}
 	return &hashVerifyReader{
 		reader:   reader,
 		fetcher:  rc,
 		blobHash: blobHash,
 	}, nil
 }
 // FetchBlob downloads a blob and returns a reader for the encrypted data.
 func (v *Vaultik) FetchBlob(ctx context.Context, blobHash string, expectedSize int64) (io.ReadCloser, int64, error) {
 	blobPath := fmt.Sprintf("blobs/%s/%s/%s", blobHash[:2], blobHash[2:4], blobHash)
 	rc, err := v.Storage.Get(ctx, blobPath)
 	if err != nil {
 		return nil, 0, fmt.Errorf("downloading blob %s: %w", blobHash[:16], err)
 	}
 	info, err := v.Storage.Stat(ctx, blobPath)
 	if err != nil {
 		_ = rc.Close()
 		return nil, 0, fmt.Errorf("stat blob %s: %w", blobHash[:16], err)
 	}
 	return rc, info.Size, nil
 }
--- a/internal/vaultik/blob_fetch_hash_test.go
+++ b/internal/vaultik/blob_fetch_hash_test.go
@@ -0,0 +1,100 @@
 package vaultik_test
 import (
 	"bytes"
 	"context"
 	"crypto/sha256"
 	"encoding/hex"
 	"io"
 	"strings"
 	"testing"
 	"filippo.io/age"
 	"git.eeqj.de/sneak/vaultik/internal/blobgen"
 	"git.eeqj.de/sneak/vaultik/internal/vaultik"
 )
 // TestFetchAndDecryptBlobVerifiesHash verifies that FetchAndDecryptBlob checks
 // the double-SHA-256 hash of the decrypted plaintext against the expected blob hash.
 func TestFetchAndDecryptBlobVerifiesHash(t *testing.T) {
 	identity, err := age.GenerateX25519Identity()
 	if err != nil {
 		t.Fatalf("generating identity: %v", err)
 	}
 	// Create test data and encrypt it using blobgen.Writer
 	plaintext := []byte("hello world test data for blob hash verification")
 	var encBuf bytes.Buffer
 	writer, err := blobgen.NewWriter(&encBuf, 1, []string{identity.Recipient().String()})
 	if err != nil {
 		t.Fatalf("creating blobgen writer: %v", err)
 	}
 	if _, err := writer.Write(plaintext); err != nil {
 		t.Fatalf("writing plaintext: %v", err)
 	}
 	if err := writer.Close(); err != nil {
 		t.Fatalf("closing writer: %v", err)
 	}
 	encryptedData := encBuf.Bytes()
 	// Compute correct double-SHA-256 hash of the plaintext (matches blobgen.Writer.Sum256)
 	firstHash := sha256.Sum256(plaintext)
 	secondHash := sha256.Sum256(firstHash[:])
 	correctHash := hex.EncodeToString(secondHash[:])
 	// Verify our hash matches what blobgen.Writer produces
 	writerHash := hex.EncodeToString(writer.Sum256())
 	if correctHash != writerHash {
 		t.Fatalf("hash computation mismatch: manual=%s, writer=%s", correctHash, writerHash)
 	}
 	// Set up mock storage with the blob at the correct path
 	mockStorage := NewMockStorer()
 	blobPath := "blobs/" + correctHash[:2] + "/" + correctHash[2:4] + "/" + correctHash
 	mockStorage.mu.Lock()
 	mockStorage.data[blobPath] = encryptedData
 	mockStorage.mu.Unlock()
 	tv := vaultik.NewForTesting(mockStorage)
 	ctx := context.Background()
 	t.Run("correct hash succeeds", func(t *testing.T) {
 		rc, err := tv.FetchAndDecryptBlob(ctx, correctHash, int64(len(encryptedData)), identity)
 		if err != nil {
 			t.Fatalf("expected success, got error: %v", err)
 		}
 		data, err := io.ReadAll(rc)
 		if err != nil {
 			t.Fatalf("reading stream: %v", err)
 		}
 		if err := rc.Close(); err != nil {
 			t.Fatalf("close (hash verification) failed: %v", err)
 		}
 		if !bytes.Equal(data, plaintext) {
 			t.Fatalf("decrypted data mismatch: got %q, want %q", data, plaintext)
 		}
 	})
 	t.Run("wrong hash fails", func(t *testing.T) {
 		// Use a fake hash that doesn't match the actual plaintext
 		fakeHash := strings.Repeat("ab", 32) // 64 hex chars
 		fakePath := "blobs/" + fakeHash[:2] + "/" + fakeHash[2:4] + "/" + fakeHash
 		mockStorage.mu.Lock()
 		mockStorage.data[fakePath] = encryptedData
 		mockStorage.mu.Unlock()
 		rc, err := tv.FetchAndDecryptBlob(ctx, fakeHash, int64(len(encryptedData)), identity)
 		if err != nil {
 			t.Fatalf("unexpected error opening stream: %v", err)
 		}
 		// Read all data — hash is verified on Close
 		_, _ = io.ReadAll(rc)
 		err = rc.Close()
 		if err == nil {
 			t.Fatal("expected error for mismatched hash, got nil")
 		}
 		if !strings.Contains(err.Error(), "hash mismatch") {
 			t.Fatalf("expected hash mismatch error, got: %v", err)
 		}
 	})
 }
--- a/internal/vaultik/blob_fetch_stub.go
+++ b/internal/vaultik/blob_fetch_stub.go
@@ -1,55 +0,0 @@
 package vaultik
 import (
 	"context"
 	"fmt"
 	"io"
 	"filippo.io/age"
 	"git.eeqj.de/sneak/vaultik/internal/blobgen"
 )
 // FetchAndDecryptBlobResult holds the result of fetching and decrypting a blob.
 type FetchAndDecryptBlobResult struct {
 	Data []byte
 }
 // FetchAndDecryptBlob downloads a blob, decrypts it, and returns the plaintext data.
 func (v *Vaultik) FetchAndDecryptBlob(ctx context.Context, blobHash string, expectedSize int64, identity age.Identity) (*FetchAndDecryptBlobResult, error) {
 	rc, _, err := v.FetchBlob(ctx, blobHash, expectedSize)
 	if err != nil {
 		return nil, err
 	}
 	defer func() { _ = rc.Close() }()
 	reader, err := blobgen.NewReader(rc, identity)
 	if err != nil {
 		return nil, fmt.Errorf("creating blob reader: %w", err)
 	}
 	defer func() { _ = reader.Close() }()
 	data, err := io.ReadAll(reader)
 	if err != nil {
 		return nil, fmt.Errorf("reading blob data: %w", err)
 	}
 	return &FetchAndDecryptBlobResult{Data: data}, nil
 }
 // FetchBlob downloads a blob and returns a reader for the encrypted data.
 func (v *Vaultik) FetchBlob(ctx context.Context, blobHash string, expectedSize int64) (io.ReadCloser, int64, error) {
 	blobPath := fmt.Sprintf("blobs/%s/%s/%s", blobHash[:2], blobHash[2:4], blobHash)
 	rc, err := v.Storage.Get(ctx, blobPath)
 	if err != nil {
 		return nil, 0, fmt.Errorf("downloading blob %s: %w", blobHash[:16], err)
 	}
 	info, err := v.Storage.Stat(ctx, blobPath)
 	if err != nil {
 		_ = rc.Close()
 		return nil, 0, fmt.Errorf("stat blob %s: %w", blobHash[:16], err)
 	}
 	return rc, info.Size, nil
 }
--- a/internal/vaultik/restore.go
+++ b/internal/vaultik/restore.go
@@ -22,6 +22,13 @@ import (
 	"golang.org/x/term"
 )
 const (
 	// progressBarWidth is the character width of the progress bar display.
 	progressBarWidth = 40
 	// progressBarThrottle is the minimum interval between progress bar redraws.
 	progressBarThrottle = 100 * time.Millisecond
 )
 // RestoreOptions contains options for the restore operation
 type RestoreOptions struct {
 	SnapshotID string
@@ -172,6 +179,15 @@ func (v *Vaultik) restoreAllFiles(
 	}
 	defer func() { _ = blobCache.Close() }()
 	// Calculate total bytes for progress bar
 	var totalBytesExpected int64
 	for _, file := range files {
 		totalBytesExpected += file.Size
 	}
 	// Create progress bar if output is a terminal
 	bar := v.newProgressBar("Restoring", totalBytesExpected)
 	for i, file := range files {
 		if v.ctx.Err() != nil {
 			return nil, v.ctx.Err()
@@ -181,11 +197,19 @@ func (v *Vaultik) restoreAllFiles(
 			log.Error("Failed to restore file", "path", file.Path, "error", err)
 			result.FilesFailed++
 			result.FailedFiles = append(result.FailedFiles, file.Path.String())
-			// Continue with other files
+			// Update progress bar even on failure
 			if bar != nil {
 				_ = bar.Add64(file.Size)
 			}
 			continue
 		}
-		// Progress logging
+		// Update progress bar
 		if bar != nil {
 			_ = bar.Add64(file.Size)
 		}
 		// Progress logging (for non-terminal or structured logs)
 		if (i+1)%100 == 0 || i+1 == len(files) {
 			log.Info("Restore progress",
 				"files", fmt.Sprintf("%d/%d", i+1, len(files)),
@@ -194,6 +218,10 @@ func (v *Vaultik) restoreAllFiles(
 		}
 	}
 	if bar != nil {
 		_ = bar.Finish()
 	}
 	return result, nil
 }
@@ -530,11 +558,23 @@ func (v *Vaultik) restoreRegularFile(
 // downloadBlob downloads and decrypts a blob
 func (v *Vaultik) downloadBlob(ctx context.Context, blobHash string, expectedSize int64, identity age.Identity) ([]byte, error) {
-	result, err := v.FetchAndDecryptBlob(ctx, blobHash, expectedSize, identity)
+	rc, err := v.FetchAndDecryptBlob(ctx, blobHash, expectedSize, identity)
 	if err != nil {
 		return nil, err
 	}
-	return result.Data, nil
+
 	data, err := io.ReadAll(rc)
 	if err != nil {
 		_ = rc.Close()
 		return nil, fmt.Errorf("reading blob data: %w", err)
 	}
 	// Close triggers hash verification
 	if err := rc.Close(); err != nil {
 		return nil, err
 	}
 	return data, nil
 }
 // verifyRestoredFiles verifies that all restored files match their expected chunk hashes
@@ -572,22 +612,7 @@ func (v *Vaultik) verifyRestoredFiles(
 	)
 	// Create progress bar if output is a terminal
-	var bar *progressbar.ProgressBar
+	bar := v.newProgressBar("Verifying", totalBytes)
 	if isTerminal() {
 		bar = progressbar.NewOptions64(
 			totalBytes,
 			progressbar.OptionSetDescription("Verifying"),
 			progressbar.OptionSetWriter(v.Stderr),
 			progressbar.OptionShowBytes(true),
 			progressbar.OptionShowCount(),
 			progressbar.OptionSetWidth(40),
 			progressbar.OptionThrottle(100*time.Millisecond),
 			progressbar.OptionOnCompletion(func() {
 				v.printfStderr("\n")
 			}),
 			progressbar.OptionSetRenderBlankState(true),
 		)
 	}
 	// Verify each file
 	for _, file := range regularFiles {
@@ -681,7 +706,37 @@ func (v *Vaultik) verifyFile(
 	return bytesVerified, nil
 }
-// isTerminal returns true if stdout is a terminal
+// newProgressBar creates a terminal-aware progress bar with standard options.
-func isTerminal() bool {
+// It returns nil if stdout is not a terminal.
-	return term.IsTerminal(int(os.Stdout.Fd()))
+func (v *Vaultik) newProgressBar(description string, total int64) *progressbar.ProgressBar {
 	if !v.isTerminal() {
 		return nil
 	}
 	return progressbar.NewOptions64(
 		total,
 		progressbar.OptionSetDescription(description),
 		progressbar.OptionSetWriter(v.Stderr),
 		progressbar.OptionShowBytes(true),
 		progressbar.OptionShowCount(),
 		progressbar.OptionSetWidth(progressBarWidth),
 		progressbar.OptionThrottle(progressBarThrottle),
 		progressbar.OptionOnCompletion(func() {
 			v.printfStderr("\n")
 		}),
 		progressbar.OptionSetRenderBlankState(true),
 	)
 }
 // isTerminal returns true if stdout is a terminal.
 // It checks whether v.Stdout implements Fd() (i.e. is an *os.File),
 // and falls back to false for non-file writers (e.g. in tests).
 func (v *Vaultik) isTerminal() bool {
 	type fder interface {
 		Fd() uintptr
 	}
 	f, ok := v.Stdout.(fder)
 	if !ok {
 		return false
 	}
 	return term.IsTerminal(int(f.Fd()))
 }
--- a/internal/vaultik/snapshot.go
+++ b/internal/vaultik/snapshot.go
@@ -419,7 +419,7 @@ func (v *Vaultik) listRemoteSnapshotIDs() (map[string]bool, error) {
 	return remoteSnapshots, nil
 }
-// reconcileLocalWithRemote removes local snapshots not in remote and returns the surviving local map
+// reconcileLocalWithRemote builds a map of local snapshots keyed by ID for cross-referencing with remote
 func (v *Vaultik) reconcileLocalWithRemote(remoteSnapshots map[string]bool) (map[string]*database.Snapshot, error) {
 	localSnapshots, err := v.Repositories.Snapshots.ListRecent(v.ctx, 10000)
 	if err != nil {
@@ -431,19 +431,6 @@ func (v *Vaultik) reconcileLocalWithRemote(remoteSnapshots map[string]bool) (map
 		localSnapshotMap[s.ID.String()] = s
 	}
 	for _, snap := range localSnapshots {
 		snapshotIDStr := snap.ID.String()
 		if !remoteSnapshots[snapshotIDStr] {
 			log.Info("Removing local snapshot not found in remote", "snapshot_id", snap.ID)
 			if err := v.deleteSnapshotFromLocalDB(snapshotIDStr); err != nil {
 				log.Error("Failed to delete local snapshot", "snapshot_id", snap.ID, "error", err)
 			} else {
 				log.Info("Deleted local snapshot not found in remote", "snapshot_id", snap.ID)
 				delete(localSnapshotMap, snapshotIDStr)
 			}
 		}
 	}
 	return localSnapshotMap, nil
 }
@@ -872,7 +859,7 @@ func (v *Vaultik) syncWithRemote() error {
 		snapshotIDStr := snapshot.ID.String()
 		if !remoteSnapshots[snapshotIDStr] {
 			log.Info("Removing local snapshot not found in remote", "snapshot_id", snapshot.ID)
-			if err := v.Repositories.Snapshots.Delete(v.ctx, snapshotIDStr); err != nil {
+			if err := v.deleteSnapshotFromLocalDB(snapshotIDStr); err != nil {
 				log.Error("Failed to delete local snapshot", "snapshot_id", snapshot.ID, "error", err)
 			} else {
 				removedCount++
@@ -1001,6 +988,7 @@ func (v *Vaultik) listAllRemoteSnapshotIDs() ([]string, error) {
 	log.Info("Listing all snapshots")
 	objectCh := v.Storage.ListStream(v.ctx, "metadata/")
 	seen := make(map[string]bool)
 	var snapshotIDs []string
 	for object := range objectCh {
 		if object.Err != nil {
@@ -1015,14 +1003,8 @@ func (v *Vaultik) listAllRemoteSnapshotIDs() ([]string, error) {
 			}
 			if strings.HasSuffix(object.Key, "/") || strings.Contains(object.Key, "/manifest.json.zst") {
 				sid := parts[1]
-				found := false
+				if !seen[sid] {
-				for _, id := range snapshotIDs {
+					seen[sid] = true
 					if id == sid {
 						found = true
 						break
 					}
 				}
 				if !found {
 					snapshotIDs = append(snapshotIDs, sid)
 				}
 			}
Author	SHA1	Message	Date
clawbot	ea8edd653f	fix: replace O(n²) duplicate detection with map-based O(1) lookups All checks were successful check / check (pull_request) Successful in 2m27s Details Replace linear scan deduplication of snapshot IDs in RemoveAllSnapshots() and PruneBlobs() with map[string]bool for O(1) lookups. Previously, each new snapshot ID was checked against the entire collected slice via a linear scan, resulting in O(n²) overall complexity. Now a 'seen' map provides constant-time membership checks while preserving insertion order in the slice. closes #12	2026-03-19 06:05:44 -07:00
clawbot	60b6746db9	schema: add ON DELETE CASCADE to snapshot_files.file_id and snapshot_blobs.blob_id FKs (#46 ) All checks were successful check / check (push) Successful in 2m47s Details Add `ON DELETE CASCADE` to the two foreign keys that were missing it: - `snapshot_files.file_id` → `files(id)` - `snapshot_blobs.blob_id` → `blobs(id)` This ensures that when a file or blob row is deleted, the corresponding snapshot junction rows are automatically cleaned up, consistent with the other CASCADE FKs already in the schema. closes #19 Co-authored-by: user <user@Mac.lan guest wan> Reviewed-on: #46 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-19 14:03:39 +01:00
clawbot	f28c8a73b7	fix: add ON DELETE CASCADE to uploads FK on snapshot_id (#44 ) All checks were successful check / check (push) Successful in 2m24s Details The `uploads` table's foreign key on `snapshot_id` did not cascade deletes, unlike `snapshot_files` and `snapshot_blobs`. This caused FK violations when deleting snapshots with associated upload records (if FK enforcement is enabled) unless uploads were manually deleted first. Adds `ON DELETE CASCADE` to the `snapshot_id` FK in `schema.sql` for consistency with the other snapshot-referencing tables. `docker build .` passes (fmt-check, lint, all tests, build). closes #18 Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Reviewed-on: #44 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-19 13:59:27 +01:00
clawbot	1c0f5b8eb2	Rename blob_fetch_stub.go to blob_fetch.go (#53 ) All checks were successful check / check (push) Successful in 4m28s Details Renames `internal/vaultik/blob_fetch_stub.go` to `internal/vaultik/blob_fetch.go`. The file contains production code (`hashVerifyReader`, `FetchAndDecryptBlob`), not stubs. The `_stub` suffix was a misnomer from the original implementation in [PR #39](#39). Pure rename — no code changes. All tests, linting, and formatting pass. closes #52 Co-authored-by: user <user@Mac.lan guest wan> Reviewed-on: #53 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-19 09:33:35 +01:00
clawbot	689109a2b8	fix: remove destructive sync from ListSnapshots (#49 ) Some checks failed check / check (push) Has been cancelled Details ## Summary `ListSnapshots()` silently deleted local snapshot records not found in remote storage. A list/read operation should not have destructive side effects. ## Changes 1. Removed destructive sync from `ListSnapshots()` — the inline loop that deleted local snapshots not present in remote storage has been removed entirely. `ListSnapshots()` now only reads and displays data. 2. Improved `syncWithRemote()` cascade cleanup — updated `syncWithRemote()` to use `deleteSnapshotFromLocalDB()` instead of directly calling `Repositories.Snapshots.Delete()`. This ensures proper cascade deletion of related records (`snapshot_files`, `snapshot_blobs`, `snapshot_uploads`) before deleting the snapshot record itself, matching the thorough cleanup that the removed `ListSnapshots` code was doing. The explicit sync behavior remains available via `syncWithRemote()`, which is called by `PurgeSnapshots()`. ## Testing - `docker build .` passes (lint, fmt-check, all tests, compilation) closes #15 Co-authored-by: clawbot <clawbot@eeqj.de> Reviewed-on: #49 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-19 09:32:52 +01:00
clawbot	ac2f21a89d	Refactor: break up oversized methods into smaller descriptive helpers (#41 ) All checks were successful check / check (push) Successful in 4m17s Details Closes #40 Per sneak's feedback on PR #37: methods were too long. This PR breaks all methods over 100-150 lines into smaller, descriptively named helper methods. ## Refactored methods (8 total) \| Original \| Lines \| Helpers extracted \| \|---\|---\|---\| \| `createNamedSnapshot` \| 214 \| `resolveSnapshotPaths`, `scanAllDirectories`, `collectUploadStats`, `finalizeSnapshotMetadata`, `printSnapshotSummary`, `getSnapshotBlobSizes`, `formatUploadSpeed` \| \| `ListSnapshots` \| 159 \| `listRemoteSnapshotIDs`, `reconcileLocalWithRemote`, `buildSnapshotInfoList`, `printSnapshotTable` \| \| `PruneBlobs` \| 170 \| `collectReferencedBlobs`, `listUniqueSnapshotIDs`, `listAllRemoteBlobs`, `findUnreferencedBlobs`, `deleteUnreferencedBlobs` \| \| `RunDeepVerify` \| 182 \| `loadVerificationData`, `runVerificationSteps`, `deepVerifyFailure` \| \| `RemoteInfo` \| 187 \| `collectSnapshotMetadata`, `collectReferencedBlobsFromManifests`, `populateRemoteInfoResult`, `scanRemoteBlobStorage`, `printRemoteInfoTable` \| \| `handleBlobReady` \| 173 \| `uploadBlobIfNeeded`, `makeUploadProgressCallback`, `recordBlobMetadata`, `cleanupBlobTempFile` \| \| `processFileStreaming` \| 146 \| `updateChunkStats`, `addChunkToPacker`, `queueFileForBatchInsert` \| \| `finalizeCurrentBlob` \| 167 \| `closeBlobWriter`, `buildChunkRefs`, `commitBlobToDatabase`, `deliverFinishedBlob` \| ## Verification - `go build ./...` ✅ - `make test` ✅ (all tests pass) - `golangci-lint run` ✅ (0 issues) - No behavioral changes, pure restructuring Co-authored-by: user <user@Mac.lan guest wan> Reviewed-on: #41 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-19 00:23:45 +01:00
clawbot	8c59f55096	fix: verify blob hash after download and decryption (closes #5 ) (#39 ) All checks were successful check / check (push) Successful in 2m27s Details ## Summary Add double-SHA-256 hash verification of decrypted plaintext in `FetchAndDecryptBlob`. This ensures blob integrity during restore operations by comparing the computed hash against the expected blob hash before returning data to the caller. The blob hash is `SHA256(SHA256(plaintext))` as produced by `blobgen.Writer.Sum256()`. Verification happens after decryption and decompression but before the data is used. ## Test Added `blob_fetch_hash_test.go` with tests for: - Correct hash passes verification - Mismatched hash returns descriptive error ## make test output ``` golangci-lint run 0 issues. ok git.eeqj.de/sneak/vaultik/internal/blob 4.563s ok git.eeqj.de/sneak/vaultik/internal/blobgen 3.981s ok git.eeqj.de/sneak/vaultik/internal/chunker 4.127s ok git.eeqj.de/sneak/vaultik/internal/cli 1.499s ok git.eeqj.de/sneak/vaultik/internal/config 1.905s ok git.eeqj.de/sneak/vaultik/internal/crypto 0.519s ok git.eeqj.de/sneak/vaultik/internal/database 4.590s ok git.eeqj.de/sneak/vaultik/internal/globals 0.650s ok git.eeqj.de/sneak/vaultik/internal/models 0.779s ok git.eeqj.de/sneak/vaultik/internal/pidlock 2.945s ok git.eeqj.de/sneak/vaultik/internal/s3 3.286s ok git.eeqj.de/sneak/vaultik/internal/snapshot 3.979s ok git.eeqj.de/sneak/vaultik/internal/vaultik 4.418s ``` All tests pass, 0 lint issues. Co-authored-by: user <user@Mac.lan guest wan> Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Reviewed-on: #39 Co-authored-by: clawbot <sneak+clawbot@sneak.cloud> Co-committed-by: clawbot <sneak+clawbot@sneak.cloud>	2026-03-19 00:21:11 +01:00
clawbot	c24e7e6360	Add make check target and CI workflow (#42 ) All checks were successful check / check (push) Successful in 4m5s Details Adds a `make check` target that verifies formatting (gofmt), linting (golangci-lint), and tests (go test -race) without modifying files. Also adds `.gitea/workflows/check.yml` CI workflow that runs on pushes and PRs to main. `make check` passes cleanly on current main. Co-authored-by: user <user@Mac.lan guest wan> Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Co-authored-by: clawbot <clawbot@sneak.berlin> Reviewed-on: #42 Co-authored-by: clawbot <sneak+clawbot@sneak.cloud> Co-committed-by: clawbot <sneak+clawbot@sneak.cloud>	2026-03-17 12:39:44 +01:00
clawbot	7a5943958d	feat: add progress bar to restore operation (#23 ) Add an interactive progress bar (using schollz/progressbar) to the file restore loop, matching the existing pattern in verify. Shows bytes restored with ETA when output is a terminal. Fixes #20 Co-authored-by: clawbot <clawbot@eeqj.de> Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Reviewed-on: #23 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-17 11:18:18 +01:00