mc/metacrypt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix gosec, govet, and errorlint linter errors

Browse Source 
Co-authored-by: Junie <junie@jetbrains.com>
This commit is contained in:
Kyle Isom
2026-03-15 10:04:12 -07:00
parent dd31e440e6
commit fbaf79a8a0
35 changed files with 236 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
internal/server/routes.go
View File

@@ -71,7 +71,7 @@ func (s *Server) handleInit(w http.ResponseWriter, r *http.Request) {
Threads: s.cfg.Seal.Argon2Threads,
}
if err := s.seal.Initialize(r.Context(), []byte(req.Password), params); err != nil {
if err == seal.ErrAlreadyInitialized {
if errors.Is(err, seal.ErrAlreadyInitialized) {
http.Error(w, `{"error":"already initialized"}`, http.StatusConflict)
return
}
@@ -95,16 +95,15 @@ func (s *Server) handleUnseal(w http.ResponseWriter, r *http.Request) {
}
if err := s.seal.Unseal([]byte(req.Password)); err != nil {
switch err {
case seal.ErrNotInitialized:
if errors.Is(err, seal.ErrNotInitialized) {
http.Error(w, `{"error":"not initialized"}`, http.StatusPreconditionFailed)
case seal.ErrInvalidPassword:
} else if errors.Is(err, seal.ErrInvalidPassword) {
http.Error(w, `{"error":"invalid password"}`, http.StatusUnauthorized)
case seal.ErrRateLimited:
} else if errors.Is(err, seal.ErrRateLimited) {
http.Error(w, `{"error":"too many attempts, try again later"}`, http.StatusTooManyRequests)
case seal.ErrNotSealed:
} else if errors.Is(err, seal.ErrNotSealed) {
http.Error(w, `{"error":"already unsealed"}`, http.StatusConflict)
default:
} else {
s.logger.Error("unseal failed", "error", err)
http.Error(w, `{"error":"unseal failed"}`, http.StatusInternalServerError)
}
@@ -174,7 +173,7 @@ func (s *Server) handleLogout(w http.ResponseWriter, r *http.Request) {
Token: token,
})
if err == nil {
s.auth.Logout(client)
_ = s.auth.Logout(client)
}
// Clear cookie.
@@ -207,9 +206,9 @@ func (s *Server) handleEngineMounts(w http.ResponseWriter, r *http.Request) {
func (s *Server) handleEngineMount(w http.ResponseWriter, r *http.Request) {
var req struct {
Config map[string]interface{} `json:"config"`
Name string `json:"name"`
Type string `json:"type"`
Config map[string]interface{} `json:"config"`
}
if err := readJSON(r, &req); err != nil {
http.Error(w, `{"error":"invalid request"}`, http.StatusBadRequest)
@@ -245,10 +244,10 @@ func (s *Server) handleEngineUnmount(w http.ResponseWriter, r *http.Request) {
func (s *Server) handleEngineRequest(w http.ResponseWriter, r *http.Request) {
var req struct {
Data map[string]interface{} `json:"data"`
Mount string `json:"mount"`
Operation string `json:"operation"`
Path string `json:"path"`
Data map[string]interface{} `json:"data"`
}
if err := readJSON(r, &req); err != nil {
http.Error(w, `{"error":"invalid request"}`, http.StatusBadRequest)
@@ -383,7 +382,7 @@ func (s *Server) handlePKIRoot(w http.ResponseWriter, r *http.Request) {
}
w.Header().Set("Content-Type", "application/x-pem-file")
w.Write(certPEM)
_, _ = w.Write(certPEM) //nolint:gosec
}
func (s *Server) handlePKIChain(w http.ResponseWriter, r *http.Request) {
@@ -411,7 +410,7 @@ func (s *Server) handlePKIChain(w http.ResponseWriter, r *http.Request) {
}
w.Header().Set("Content-Type", "application/x-pem-file")
w.Write(chainPEM)
_, _ = w.Write(chainPEM) //nolint:gosec
}
func (s *Server) handlePKIIssuer(w http.ResponseWriter, r *http.Request) {
@@ -435,7 +434,7 @@ func (s *Server) handlePKIIssuer(w http.ResponseWriter, r *http.Request) {
}
w.Header().Set("Content-Type", "application/x-pem-file")
w.Write(certPEM)
_, _ = w.Write(certPEM) //nolint:gosec
}
func (s *Server) getCAEngine(mountName string) (*ca.CAEngine, error) {
@@ -456,11 +455,11 @@ func (s *Server) getCAEngine(mountName string) (*ca.CAEngine, error) {
func writeJSON(w http.ResponseWriter, status int, v interface{}) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(status)
json.NewEncoder(w).Encode(v)
_ = json.NewEncoder(w).Encode(v)
}
func readJSON(r *http.Request, v interface{}) error {
defer r.Body.Close()
defer func() { _ = r.Body.Close() }()
body, err := io.ReadAll(io.LimitReader(r.Body, 1<<20)) // 1MB limit
if err != nil {
return err