akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity

chore: remediate 61 Go linting issues and tighten pre-commit config

Browse Source 
Complete lint remediation addressing errcheck, gosec, and staticcheck
violations across backend test files. Tighten pre-commit configuration
to prevent future blind spots.

Key Changes:
- Fix 61 Go linting issues (errcheck, gosec G115/G301/G304/G306, bodyclose)
- Add proper error handling for json.Unmarshal, os.Setenv, db.Close(), w.Write()
- Fix gosec G115 integer overflow with strconv.FormatUint
- Add #nosec annotations with justifications for test fixtures
- Fix SecurityService goroutine leaks (add Close() calls)
- Fix CrowdSec tar.gz non-deterministic ordering with sorted keys

Pre-commit Hardening:
- Remove test file exclusion from golangci-lint hook
- Add gosec to .golangci-fast.yml with critical checks (G101, G110, G305)
- Replace broad .golangci.yml exclusions with targeted path-specific rules
- Test files now linted on every commit

Test Fixes:
- Fix emergency route count assertions (1→2 for dual-port setup)
- Fix DNS provider service tests with proper mock setup
- Fix certificate service tests with deterministic behavior

Backend: 27 packages pass, 83.5% coverage
Frontend: 0 lint warnings, 0 TypeScript errors
Pre-commit: All 14 hooks pass (~37s)
This commit is contained in:
GitHub Actions
2026-02-02 06:17:48 +00:00
parent 64b804329b
commit 032d475fba
117 changed files with 4742 additions and 2587 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/internal/database/database_test.go
View File

@@ -278,7 +278,8 @@ func TestConnect_IntegrityCheckWithNonOkResult(t *testing.T) {
// quick_check return a non-ok result
func corruptDBSeverely(t *testing.T, dbPath string) {
t.Helper()
f, err := os.OpenFile(dbPath, os.O_RDWR, 0o644)
// #nosec G304 -- Test function intentionally opens test database file for corruption testing
f, err := os.OpenFile(dbPath, os.O_RDWR, 0o600) // #nosec G302 -- Test intentionally opens test database for corruption
require.NoError(t, err)
defer func() { _ = f.Close() }()
@@ -298,7 +299,8 @@ func corruptDBSeverely(t *testing.T, dbPath string) {
func corruptDB(t *testing.T, dbPath string) {
t.Helper()
// Open and corrupt file
f, err := os.OpenFile(dbPath, os.O_RDWR, 0o644)
// #nosec G304 -- Test function intentionally opens test database file for corruption testing
f, err := os.OpenFile(dbPath, os.O_RDWR, 0o600) // #nosec G302 -- Test intentionally opens test database for corruption
require.NoError(t, err)
defer func() { _ = f.Close() }()