lukaszraczylo/gohoarder
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/gohoarder.git synced 2026-06-10 23:29:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
Lukasz Raczylo
2026-01-02 18:20:15 +00:00
parent 0f7c29c3ef
commit ce5a8fbffd
37 changed files with 323 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/proxy/goproxy/goproxy.go
+18 -18
View File
@@ -125,7 +125,7 @@ func (h *Handler) handleList(ctx context.Context, w http.ResponseWriter, r *http
return nil, "", err
}
if statusCode != http.StatusOK {
body.Close()
body.Close() // #nosec G104 -- Cleanup, error not critical
return nil, "", fmt.Errorf("upstream returned status %d", statusCode)
}
return body, url, nil
@@ -136,10 +136,10 @@ func (h *Handler) handleList(ctx context.Context, w http.ResponseWriter, r *http
http.Error(w, "Failed to fetch version list", http.StatusBadGateway)
return
}
defer entry.Data.Close()
defer entry.Data.Close() // #nosec G104 -- Cleanup, error not critical
w.Header().Set("Content-Type", "text/plain; charset=UTF-8")
io.Copy(w, entry.Data)
_, _ = io.Copy(w, entry.Data) // #nosec G104 -- HTTP response write
}
// handleInfo handles /@v/$version.info requests
@@ -165,7 +165,7 @@ func (h *Handler) handleInfo(ctx context.Context, w http.ResponseWriter, r *http
return nil, "", err
}
if statusCode != http.StatusOK {
body.Close()
body.Close() // #nosec G104 -- Cleanup, error not critical
return nil, "", fmt.Errorf("upstream returned status %d", statusCode)
}
return body, url, nil
@@ -176,10 +176,10 @@ func (h *Handler) handleInfo(ctx context.Context, w http.ResponseWriter, r *http
http.Error(w, "Failed to fetch version info", http.StatusBadGateway)
return
}
defer entry.Data.Close()
defer entry.Data.Close() // #nosec G104 -- Cleanup, error not critical
w.Header().Set("Content-Type", "application/json; charset=UTF-8")
io.Copy(w, entry.Data)
_, _ = io.Copy(w, entry.Data) // #nosec G104 -- HTTP response write
}
// handleMod handles /@v/$version.mod requests
@@ -205,7 +205,7 @@ func (h *Handler) handleMod(ctx context.Context, w http.ResponseWriter, r *http.
return nil, "", err
}
if statusCode != http.StatusOK {
body.Close()
body.Close() // #nosec G104 -- Cleanup, error not critical
return nil, "", fmt.Errorf("upstream returned status %d", statusCode)
}
return body, url, nil
@@ -216,10 +216,10 @@ func (h *Handler) handleMod(ctx context.Context, w http.ResponseWriter, r *http.
http.Error(w, "Failed to fetch go.mod", http.StatusBadGateway)
return
}
defer entry.Data.Close()
defer entry.Data.Close() // #nosec G104 -- Cleanup, error not critical
w.Header().Set("Content-Type", "text/plain; charset=UTF-8")
io.Copy(w, entry.Data)
_, _ = io.Copy(w, entry.Data) // #nosec G104 -- HTTP response write
}
// handleZip handles /@v/$version.zip requests
@@ -259,7 +259,7 @@ func (h *Handler) handleZip(ctx context.Context, w http.ResponseWriter, r *http.
// If upstream failed with 404 or 403, try git fallback (private modules)
if statusCode == http.StatusNotFound || statusCode == http.StatusForbidden {
if body != nil {
body.Close()
body.Close() // #nosec G104 -- Cleanup, error not critical
}
log.Debug().
@@ -273,7 +273,7 @@ func (h *Handler) handleZip(ctx context.Context, w http.ResponseWriter, r *http.
// Other errors
if body != nil {
body.Close()
body.Close() // #nosec G104 -- Cleanup, error not critical
}
if err != nil {
return nil, "", err
@@ -294,7 +294,7 @@ func (h *Handler) handleZip(ctx context.Context, w http.ResponseWriter, r *http.
http.Error(w, "Failed to fetch module zip", http.StatusBadGateway)
return
}
defer entry.Data.Close()
defer entry.Data.Close() // #nosec G104 -- Cleanup, error not critical
// CRITICAL SECURITY CHECK: If module requires auth, validate credentials
if entry.Package != nil && entry.Package.RequiresAuth {
@@ -349,7 +349,7 @@ func (h *Handler) handleZip(ctx context.Context, w http.ResponseWriter, r *http.
}
w.Header().Set("Content-Type", "application/zip")
io.Copy(w, entry.Data)
_, _ = io.Copy(w, entry.Data) // #nosec G104 -- HTTP response write
}
// handleLatest handles /@latest requests
@@ -372,7 +372,7 @@ func (h *Handler) handleLatest(ctx context.Context, w http.ResponseWriter, r *ht
return nil, "", err
}
if statusCode != http.StatusOK {
body.Close()
body.Close() // #nosec G104 -- Cleanup, error not critical
return nil, "", fmt.Errorf("upstream returned status %d", statusCode)
}
return body, url, nil
@@ -383,10 +383,10 @@ func (h *Handler) handleLatest(ctx context.Context, w http.ResponseWriter, r *ht
http.Error(w, "Failed to fetch latest version", http.StatusBadGateway)
return
}
defer entry.Data.Close()
defer entry.Data.Close() // #nosec G104 -- Cleanup, error not critical
w.Header().Set("Content-Type", "application/json; charset=UTF-8")
io.Copy(w, entry.Data)
_, _ = io.Copy(w, entry.Data) // #nosec G104 -- HTTP response write
}
// handleSumDB handles sumdb requests (checksum database)
@@ -405,7 +405,7 @@ func (h *Handler) handleSumDB(ctx context.Context, w http.ResponseWriter, r *htt
http.Error(w, "Failed to fetch from sumdb", http.StatusBadGateway)
return
}
defer body.Close()
defer body.Close() // #nosec G104 -- Cleanup, error not critical
if statusCode != http.StatusOK {
log.Error().Int("status", statusCode).Str("url", url).Msg("Sumdb returned non-OK status")
@@ -414,7 +414,7 @@ func (h *Handler) handleSumDB(ctx context.Context, w http.ResponseWriter, r *htt
}
w.Header().Set("Content-Type", "text/plain; charset=UTF-8")
io.Copy(w, body)
_, _ = io.Copy(w, body) // #nosec G104 -- HTTP response write
}
// extractVersion extracts version from path