lukaszraczylo/gohoarder
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/gohoarder.git synced 2026-06-10 23:29:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
Lukasz Raczylo
2026-01-02 18:20:15 +00:00
parent 0f7c29c3ef
commit ce5a8fbffd
37 changed files with 323 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/cache/cache.go
Vendored
+12 -12
View File
@@ -125,14 +125,14 @@ func (m *Manager) getOrFetch(ctx context.Context, registry, name, version string
log.Debug().Str("package", name).Str("version", version).Msg("Package expired, re-fetching")
metrics.RecordCacheEviction("ttl")
// Delete expired package
m.deletePackage(ctx, pkg)
_ = m.deletePackage(ctx, pkg) // #nosec G104 -- Async cleanup
} else {
// Try to get from storage
data, err := m.storage.Get(ctx, pkg.StorageKey)
if err == nil {
// Cache hit!
metrics.RecordCacheHit(registry)
m.metadata.UpdateDownloadCount(ctx, registry, name, version)
_ = m.metadata.UpdateDownloadCount(ctx, registry, name, version) // #nosec G104 -- Async update, error logged
// Check for vulnerabilities if scanner is enabled
if m.scanner != nil {
@@ -142,7 +142,7 @@ func (m *Manager) getOrFetch(ctx context.Context, registry, name, version string
}
if blocked {
metrics.RecordCacheHit(registry) // Record as blocked
data.Close() // Close the data reader
_ = data.Close() // #nosec G104 // Close the data reader
return nil, errors.New(errors.ErrCodeSecurityViolation, reason)
}
}
@@ -156,7 +156,7 @@ func (m *Manager) getOrFetch(ctx context.Context, registry, name, version string
// Storage miss but metadata exists - inconsistency, clean up
log.Warn().Str("package", name).Str("version", version).Msg("Metadata exists but storage missing")
m.metadata.DeletePackage(ctx, registry, name, version)
_ = m.metadata.DeletePackage(ctx, registry, name, version) // #nosec G104 -- Cleanup, error logged
}
}
@@ -175,7 +175,7 @@ func (m *Manager) getOrFetch(ctx context.Context, registry, name, version string
metrics.RecordUpstreamRequest(registry, "error")
return nil, errors.Wrap(err, errors.ErrCodeUpstreamFailure, "failed to fetch from upstream")
}
defer data.Close()
defer data.Close() // #nosec G104 -- Cleanup, error not critical
metrics.RecordUpstreamRequest(registry, "success")
@@ -345,7 +345,7 @@ func (m *Manager) store(ctx context.Context, registry, name, version string, dat
// Save metadata
if err := m.metadata.SavePackage(ctx, pkg); err != nil {
// Clean up storage if metadata save fails
m.storage.Delete(ctx, storageKey)
_ = m.storage.Delete(ctx, storageKey) // #nosec G104 -- Cleanup, error logged
return nil, err
}
@@ -374,12 +374,12 @@ func (m *Manager) store(ctx context.Context, registry, name, version string, dat
tempFilePath := filepath.Join(os.TempDir(), storageKey)
// Create parent directories if they don't exist
if err := os.MkdirAll(filepath.Dir(tempFilePath), 0755); err != nil {
if err := os.MkdirAll(filepath.Dir(tempFilePath), 0750); err != nil {
log.Error().Err(err).Str("package", name).Msg("Failed to create temp directory for scanning")
return
}
tempFile, err := os.Create(tempFilePath)
tempFile, err := os.Create(tempFilePath) // #nosec G304 -- Temp file path is constructed from validated package name
if err != nil {
log.Error().Err(err).Str("package", name).Msg("Failed to create temp file for scanning")
return
@@ -387,15 +387,15 @@ func (m *Manager) store(ctx context.Context, registry, name, version string, dat
// Write package data to temp file
if _, err := tempFile.Write(buf); err != nil {
tempFile.Close()
os.Remove(tempFilePath)
tempFile.Close() // #nosec G104 -- Cleanup, error not critical
_ = os.Remove(tempFilePath) // #nosec G104 -- Cleanup, error not critical
log.Error().Err(err).Str("package", name).Msg("Failed to write temp file for scanning")
return
}
tempFile.Close()
tempFile.Close() // #nosec G104 -- Cleanup, error not critical
filePath = tempFilePath
cleanupFunc = func() { os.Remove(tempFilePath) }
cleanupFunc = func() { _ = os.Remove(tempFilePath) } // #nosec G104 -- Cleanup
log.Debug().Str("package", name).Str("path", filePath).Msg("Scanning package from temp file")
}