gosec govulncheck runs (#1)

* gosec govulncheck runs

* Fix flaky TestRateLimiter_Matrix test

The test was failing due to two issues:
1. Test name generation used invalid character conversion (string(rune('0'+limit)))
   which produced non-printable characters for limits >= 10
2. Using 10ms windows with 100 requests caused race conditions - early requests
   would expire before all 100 were made, allowing the 101st request

Changed to use struct-based test cases with proper fmt.Sprintf naming and
a consistent 1-second window that won't expire during rapid test execution.
This commit is contained in:
2025-12-09 01:07:16 +00:00
committed by GitHub
parent 27d5011ab1
commit 29263dc8a2
17 changed files with 80 additions and 215 deletions
+2 -1
View File
@@ -24,7 +24,7 @@ func (s *Server) getPeerCredentials(conn net.Conn) *PeerCredentials {
}
var creds *PeerCredentials
rawConn.Control(func(fd uintptr) {
_ = rawConn.Control(func(fd uintptr) {
xucred, err := unix.GetsockoptXucred(int(fd), unix.SOL_LOCAL, unix.LOCAL_PEERCRED)
if err != nil {
return
@@ -33,6 +33,7 @@ func (s *Server) getPeerCredentials(conn net.Conn) *PeerCredentials {
// Get PID separately using LOCAL_PEERPID
var pid int32
pidLen := uint32(unsafe.Sizeof(pid))
// #nosec G103 -- unsafe required for low-level syscall to get peer PID
_, _, errno := syscall.Syscall6(
syscall.SYS_GETSOCKOPT,
fd,