akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity
Files
main
Charon/backend/PHASE1_FIXES.md
akanealw eec8c28fb3
Some checks are pending
Go Benchmark / Performance Regression Check (push) Waiting to run
Details
Cerberus Integration / Cerberus Security Stack Integration (push) Waiting to run
Details
Upload Coverage to Codecov / Backend Codecov Upload (push) Waiting to run
Details
Upload Coverage to Codecov / Frontend Codecov Upload (push) Waiting to run
Details
CodeQL - Analyze / CodeQL analysis (go) (push) Waiting to run
Details
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Waiting to run
Details
CrowdSec Integration / CrowdSec Bouncer Integration (push) Waiting to run
Details
Docker Build, Publish & Test / build-and-push (push) Waiting to run
Details
Docker Build, Publish & Test / Security Scan PR Image (push) Blocked by required conditions
Details
Quality Checks / Auth Route Protection Contract (push) Waiting to run
Details
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Waiting to run
Details
Quality Checks / Backend (Go) (push) Waiting to run
Details
Quality Checks / Frontend (React) (push) Waiting to run
Details
Rate Limit integration / Rate Limiting Integration (push) Waiting to run
Details
Security Scan (PR) / Trivy Binary Scan (push) Waiting to run
Details
Supply Chain Verification (PR) / Verify Supply Chain (push) Waiting to run
Details
WAF integration / Coraza WAF Integration (push) Waiting to run
Details
changed perms
2026-04-22 18:19:14 +00:00

78 lines
2.5 KiB
Markdown
Executable File
Raw Permalink Blame History

# Phase 1 Lint Fixes - Implementation Tracker
## Status: IN PROGRESS
### Completed:
✅ JSON.Unmarshal fixes:
- security_handler_audit_test.go:581
- security_handler_coverage_test.go (2 locations: line 525 initially reported, now 590)
- settings_handler_test.go (3 locations: lines 1290, 1337, 1396)
- user_handler_test.go (3 locations: lines 120, 153, 443)
### Remaining Errcheck Issues (23):
#### Environment Variables (11):
- internal/config/config_test.go:56, 57, 72 (
os.Setenv)
- internal/config/config_test.go:157, 158, 159 (os.Unsetenv)
- internal/server/emergency_server_test.go:97, 98, 142, 143, 279, 280
#### Database Close (4):
- internal/services/certificate_service_test.go:1104
- internal/services/security_service_test.go:26
- internal/services/uptime_service_unit_test.go:25
- Also needed: dns_provider_service_test.go, database/errors_test.go
#### Other (8):
- handlers_blackbox_test.go:1501, 1503 (db.Callback().Register, tx.AddError)
- security_handler_waf_test.go:526, 527, 528 (os.Remove)
- emergency_server_test.go: 67, 79, 108, 125, 155, 171 (server.Stop, resp.Body.Close)
- backup_service_test.go: Multiple Close() operations
### Remaining Gosec Issues (24):
#### G115 - Integer Overflow (3):
- internal/api/handlers/manual_challenge_handler.go:649, 651
- internal/api/handlers/security_handler_rules_decisions_test.go:162
#### G110 - Decompression Bomb (2):
- internal/crowdsec/hub_sync.go:1016
- internal/services/backup_service.go:345
#### G305 - Path Traversal (1):
- internal/services/backup_service.go:316
#### G306/G302 - File Permissions (10+):
- server_test.go:19
- backup_service.go:36, 324, 328
- backup_service_test.go:28, 35, 469, 470, 538
#### G304 - File Inclusion (4):
- config_test.go:67, 148
- backup_service.go:178, 218, 332
#### G112 - Slowloris (2):
- uptime_service_test.go:80, 855
#### G101 - Hardcoded Credentials (3):
- rfc2136_provider_test.go:171, 381, 414
#### G602 - Slice Bounds (1):
- caddy/config.go:463
## Implementation Strategy
Given the scope (55+ issues), I'll implement fixes in priority order:
1. **HIGH PRIORITY**: Gosec security issues (decompression bomb, path traversal, permissions)
2. **MEDIUM PRIORITY**: Errcheck resource cleanup (database close, file close)
3. **LOW PRIORITY**: Test environment setup (os.Setenv/Unsetenv)
## Notes
- The original `full_lint_output.txt` was outdated
- Current lint run shows 61 issues total (31 errcheck + 24 gosec + 6 other)
- Some issues (bodyclose, staticcheck) are outside original spec scope
- Will focus on errcheck and gosec as specified in the plan
Reference in New Issue View Git Blame Copy Permalink