diff --git a/.dockerignore b/.dockerignore index 32b8aa1..d53d723 100644 --- a/.dockerignore +++ b/.dockerignore @@ -67,7 +67,6 @@ tmp .golangci.yml .goreleaser.yml .vscode -docs LICENSE README.md codecov.yml diff --git a/.github/actions/upload-artifact-resilient/action.yml b/.github/actions/upload-artifact-resilient/action.yml new file mode 100644 index 0000000..d1f1d4a --- /dev/null +++ b/.github/actions/upload-artifact-resilient/action.yml @@ -0,0 +1,120 @@ +# ------------------------------------------------------------------------------------ +# Upload Artifact with Resilience (Composite Action) (GoFortress) +# +# Purpose: Provide resilient artifact uploads with step-level retry logic to handle +# transient GitHub infrastructure failures (including non-retryable 403 errors from +# CDN/proxy intermediaries during artifact finalization). +# +# This action handles: +# - Step-level retry (3 attempts) to recover from non-retryable errors (e.g., 403) +# - Escalating delays (10s, 30s) between retries for transient infrastructure issues +# - overwrite: true on all attempts to handle partially-finalized artifacts +# - ACTIONS_UPLOAD_RETRY_COUNT=3 for defense-in-depth against 5xx errors +# - Configurable continue-on-error for critical vs non-critical artifacts +# +# Maintainer: @mrz1836 +# +# ------------------------------------------------------------------------------------ + +name: "Upload Artifact with Resilience" +description: "Uploads GitHub Actions artifacts with step-level retry logic for transient infrastructure failures" + +inputs: + artifact-name: + description: "Name of the artifact (will be displayed in GitHub UI)" + required: true + artifact-path: + description: "Path to the artifact file(s) to upload" + required: true + retention-days: + description: "Number of days to retain the artifact (1-90 days)" + required: false + default: "7" + if-no-files-found: + description: "Behavior when no files match the path (warn, error, ignore)" + required: false + default: "ignore" + compression-level: + description: "Compression level for the artifact (0-9, 6 is default)" + required: false + default: "6" + continue-on-error: + description: "Continue workflow if all upload attempts fail (true for non-critical artifacts)" + required: false + default: "true" + +runs: + using: "composite" + steps: + # ------------------------------------------------------------------ + # Attempt 1 + # ------------------------------------------------------------------ + - name: "📤 Upload ${{ inputs.artifact-name }} (attempt 1)" + id: attempt1 + continue-on-error: true + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + with: + name: ${{ inputs.artifact-name }} + path: ${{ inputs.artifact-path }} + retention-days: ${{ inputs.retention-days }} + if-no-files-found: ${{ inputs.if-no-files-found }} + compression-level: ${{ inputs.compression-level }} + overwrite: true + env: + ACTIONS_UPLOAD_RETRY_COUNT: 3 + + # ------------------------------------------------------------------ + # Delay before retry + # ------------------------------------------------------------------ + - name: "⏳ Wait before retry (${{ inputs.artifact-name }})" + if: steps.attempt1.outcome == 'failure' + shell: bash + run: | + echo "::warning::Upload attempt 1 for '${{ inputs.artifact-name }}' failed, retrying in 10s..." + sleep 10 + + # ------------------------------------------------------------------ + # Attempt 2 + # ------------------------------------------------------------------ + - name: "📤 Upload ${{ inputs.artifact-name }} (attempt 2)" + id: attempt2 + if: steps.attempt1.outcome == 'failure' + continue-on-error: true + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + with: + name: ${{ inputs.artifact-name }} + path: ${{ inputs.artifact-path }} + retention-days: ${{ inputs.retention-days }} + if-no-files-found: ${{ inputs.if-no-files-found }} + compression-level: ${{ inputs.compression-level }} + overwrite: true + env: + ACTIONS_UPLOAD_RETRY_COUNT: 3 + + # ------------------------------------------------------------------ + # Delay before final retry + # ------------------------------------------------------------------ + - name: "⏳ Wait before final retry (${{ inputs.artifact-name }})" + if: steps.attempt1.outcome == 'failure' && steps.attempt2.outcome == 'failure' + shell: bash + run: | + echo "::warning::Upload attempt 2 for '${{ inputs.artifact-name }}' failed, retrying in 30s..." + sleep 30 + + # ------------------------------------------------------------------ + # Attempt 3 (final -- continue-on-error depends on criticality input) + # ------------------------------------------------------------------ + - name: "📤 Upload ${{ inputs.artifact-name }} (attempt 3 - final)" + id: attempt3 + if: steps.attempt1.outcome == 'failure' && steps.attempt2.outcome == 'failure' + continue-on-error: ${{ inputs.continue-on-error == 'true' }} + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + with: + name: ${{ inputs.artifact-name }} + path: ${{ inputs.artifact-path }} + retention-days: ${{ inputs.retention-days }} + if-no-files-found: ${{ inputs.if-no-files-found }} + compression-level: ${{ inputs.compression-level }} + overwrite: true + env: + ACTIONS_UPLOAD_RETRY_COUNT: 3 diff --git a/.github/env/10-coverage.env b/.github/env/10-coverage.env index 5125fef..a3049b7 100644 --- a/.github/env/10-coverage.env +++ b/.github/env/10-coverage.env @@ -32,7 +32,7 @@ GO_COVERAGE_PROVIDER=internal CODECOV_TOKEN_REQUIRED=false # Go Coverage Tool Version -GO_COVERAGE_VERSION=v1.3.5 +GO_COVERAGE_VERSION=v1.3.7 GO_COVERAGE_USE_LOCAL=false # ================================================================================================ diff --git a/.github/env/10-mage-x.env b/.github/env/10-mage-x.env index 01ef67f..c7c85bd 100644 --- a/.github/env/10-mage-x.env +++ b/.github/env/10-mage-x.env @@ -36,7 +36,7 @@ # ================================================================================================ # MAGE-X version -MAGE_X_VERSION=v1.20.4 +MAGE_X_VERSION=v1.20.7 # For mage-x development, set to 'true' to use local version instead of downloading from releases MAGE_X_USE_LOCAL=false @@ -61,7 +61,7 @@ MAGE_X_FORMAT_EXCLUDE_PATHS=vendor,node_modules,.git,.idea MAGE_X_GITLEAKS_VERSION=8.30.0 MAGE_X_GOFUMPT_VERSION=v0.9.2 -MAGE_X_GOLANGCI_LINT_VERSION=v2.9.0 +MAGE_X_GOLANGCI_LINT_VERSION=v2.10.1 MAGE_X_GORELEASER_VERSION=v2.13.3 MAGE_X_GOVULNCHECK_VERSION=v1.1.4 MAGE_X_GO_SECONDARY_VERSION=1.24.x diff --git a/.github/env/10-pre-commit.env b/.github/env/10-pre-commit.env index 9b7477c..7a20e6b 100644 --- a/.github/env/10-pre-commit.env +++ b/.github/env/10-pre-commit.env @@ -26,7 +26,7 @@ # 🪝 PRE-COMMIT TOOL VERSION # ================================================================================================ -GO_PRE_COMMIT_VERSION=v1.6.1 +GO_PRE_COMMIT_VERSION=v1.6.2 GO_PRE_COMMIT_USE_LOCAL=false # ================================================================================================ @@ -52,7 +52,7 @@ GO_PRE_COMMIT_ALL_FILES=true # 🛠️ TOOL VERSIONS # ================================================================================================ -GO_PRE_COMMIT_GOLANGCI_LINT_VERSION=v2.9.0 +GO_PRE_COMMIT_GOLANGCI_LINT_VERSION=v2.10.1 GO_PRE_COMMIT_FUMPT_VERSION=v0.9.2 GO_PRE_COMMIT_GOIMPORTS_VERSION=latest GO_PRE_COMMIT_GITLEAKS_VERSION=v8.30.0 diff --git a/.github/workflows/fortress-benchmarks.yml b/.github/workflows/fortress-benchmarks.yml index 7f636dc..6208934 100644 --- a/.github/workflows/fortress-benchmarks.yml +++ b/.github/workflows/fortress-benchmarks.yml @@ -390,19 +390,19 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload benchmark statistics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: bench-stats-${{ matrix.os }}-${{ matrix.go-version }} - path: bench-stats-${{ matrix.os }}-${{ matrix.go-version }}.json - retention-days: 7 + artifact-name: bench-stats-${{ matrix.os }}-${{ matrix.go-version }} + artifact-path: bench-stats-${{ matrix.os }}-${{ matrix.go-version }}.json + retention-days: "7" # -------------------------------------------------------------------- # Upload raw benchmark results # -------------------------------------------------------------------- - name: 📤 Upload benchmark results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: bench-results-${{ matrix.os }}-${{ matrix.go-version }} - path: bench-results-${{ matrix.os }}-${{ matrix.go-version }}.txt - retention-days: 7 # Keep raw results longer for analysis + artifact-name: bench-results-${{ matrix.os }}-${{ matrix.go-version }} + artifact-path: bench-results-${{ matrix.os }}-${{ matrix.go-version }}.txt + retention-days: "7" diff --git a/.github/workflows/fortress-code-quality.yml b/.github/workflows/fortress-code-quality.yml index a50be5c..63d92e6 100644 --- a/.github/workflows/fortress-code-quality.yml +++ b/.github/workflows/fortress-code-quality.yml @@ -226,11 +226,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload go vet results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: govet-results - path: govet-output.log - retention-days: 7 + artifact-name: govet-results + artifact-path: govet-output.log + retention-days: "7" if-no-files-found: ignore # -------------------------------------------------------------------- @@ -513,11 +513,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload lint results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: lint-results - path: lint-output.log - retention-days: 7 + artifact-name: lint-results + artifact-path: lint-output.log + retention-days: "7" if-no-files-found: ignore # -------------------------------------------------------------------- @@ -765,11 +765,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload format check results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: format-check-results - path: format-output.log - retention-days: 7 + artifact-name: format-check-results + artifact-path: format-output.log + retention-days: "7" if-no-files-found: ignore # -------------------------------------------------------------------- diff --git a/.github/workflows/fortress-completion-statistics.yml b/.github/workflows/fortress-completion-statistics.yml index 72fd9ee..aaf0e08 100644 --- a/.github/workflows/fortress-completion-statistics.yml +++ b/.github/workflows/fortress-completion-statistics.yml @@ -685,11 +685,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload LOC Stats JSON if: always() && hashFiles('loc-stats.json') != '' - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: loc-stats - path: loc-stats.json - retention-days: 7 + artifact-name: loc-stats + artifact-path: loc-stats.json + retention-days: "7" - name: 📤 Upload Statistics Section id: upload-section diff --git a/.github/workflows/fortress-coverage.yml b/.github/workflows/fortress-coverage.yml index e4d8274..bfc1331 100644 --- a/.github/workflows/fortress-coverage.yml +++ b/.github/workflows/fortress-coverage.yml @@ -2367,22 +2367,22 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload performance cache statistics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: cache-stats-coverage - path: cache-stats-coverage.json - retention-days: 1 + artifact-name: cache-stats-coverage + artifact-path: cache-stats-coverage.json + retention-days: "1" # -------------------------------------------------------------------- # Upload coverage statistics for completion report # -------------------------------------------------------------------- - name: 📤 Upload coverage statistics if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: coverage-stats-internal - path: coverage-stats-internal-*.json - retention-days: 1 + artifact-name: coverage-stats-internal + artifact-path: coverage-stats-internal-*.json + retention-days: "7" # -------------------------------------------------------------------- # Upload coverage history for future runs (WORKING SYSTEM - PRESERVED) @@ -2410,13 +2410,12 @@ jobs: - name: 📤 Upload coverage history artifacts # Upload history for all branches to preserve trend data if: github.event_name == 'push' - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: coverage-history-${{ inputs.commit-sha }} - path: .github/coverage/history/*.json - retention-days: 90 - compression-level: 9 - continue-on-error: true + artifact-name: coverage-history-${{ inputs.commit-sha }} + artifact-path: .github/coverage/history/*.json + retention-days: "90" + compression-level: "9" # ---------------------------------------------------------------------------------- # Upload Coverage to Codecov (External Provider) # ---------------------------------------------------------------------------------- @@ -2594,8 +2593,8 @@ jobs: - name: 📤 Upload coverage statistics (Codecov) if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: coverage-stats-codecov - path: coverage-stats-codecov-*.json - retention-days: 7 + artifact-name: coverage-stats-codecov + artifact-path: coverage-stats-codecov-*.json + retention-days: "7" diff --git a/.github/workflows/fortress-security-scans.yml b/.github/workflows/fortress-security-scans.yml index b905908..0e9d477 100644 --- a/.github/workflows/fortress-security-scans.yml +++ b/.github/workflows/fortress-security-scans.yml @@ -219,11 +219,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload Nancy scan results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: nancy-scan-results - path: nancy-output.log - retention-days: 7 + artifact-name: nancy-scan-results + artifact-path: nancy-output.log + retention-days: "7" if-no-files-found: ignore # -------------------------------------------------------------------- @@ -458,11 +458,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload govulncheck results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: govulncheck-scan-results - path: govulncheck-output.log - retention-days: 7 + artifact-name: govulncheck-scan-results + artifact-path: govulncheck-output.log + retention-days: "7" if-no-files-found: ignore # -------------------------------------------------------------------- diff --git a/.github/workflows/fortress-test-fuzz.yml b/.github/workflows/fortress-test-fuzz.yml index 5188d68..a184b63 100644 --- a/.github/workflows/fortress-test-fuzz.yml +++ b/.github/workflows/fortress-test-fuzz.yml @@ -251,11 +251,11 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload fuzz test outputs if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: test-results-fuzz-${{ inputs.primary-runner }}-${{ inputs.go-primary-version }} - path: | + artifact-name: test-results-fuzz-${{ inputs.primary-runner }}-${{ inputs.go-primary-version }} + artifact-path: | .mage-x/ci-results-fuzz.jsonl fuzz-output.log - retention-days: 1 + retention-days: "7" if-no-files-found: ignore diff --git a/.github/workflows/fortress-test-matrix.yml b/.github/workflows/fortress-test-matrix.yml index 4abb264..e2bcd22 100644 --- a/.github/workflows/fortress-test-matrix.yml +++ b/.github/workflows/fortress-test-matrix.yml @@ -401,13 +401,13 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload CI results if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: ci-results-${{ matrix.os }}-${{ matrix.go-version }} - path: | + artifact-name: ci-results-${{ matrix.os }}-${{ matrix.go-version }} + artifact-path: | .mage-x/ci-results.jsonl test-output.log - retention-days: 1 + retention-days: "7" if-no-files-found: ignore # -------------------------------------------------------------------- @@ -442,8 +442,9 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload coverage data if: inputs.code-coverage-enabled == 'true' && hashFiles('coverage.txt') != '' && matrix.os == inputs.primary-runner && matrix.go-version == inputs.go-primary-version - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: coverage-data - path: coverage.txt - retention-days: 1 + artifact-name: coverage-data + artifact-path: coverage.txt + retention-days: "7" + continue-on-error: "false" diff --git a/.github/workflows/fortress-test-validation.yml b/.github/workflows/fortress-test-validation.yml index 49c616b..8112a6d 100644 --- a/.github/workflows/fortress-test-validation.yml +++ b/.github/workflows/fortress-test-validation.yml @@ -412,9 +412,9 @@ jobs: # -------------------------------------------------------------------- - name: 📤 Upload validation summary if: always() - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: ./.github/actions/upload-artifact-resilient with: - name: validation-summary - path: ci-results/ - retention-days: 1 + artifact-name: validation-summary + artifact-path: ci-results/ + retention-days: "7" if-no-files-found: ignore diff --git a/.github/workflows/pull-request-management-fork.yml b/.github/workflows/pull-request-management-fork.yml index f010f33..fa01561 100644 --- a/.github/workflows/pull-request-management-fork.yml +++ b/.github/workflows/pull-request-management-fork.yml @@ -118,7 +118,7 @@ jobs: name: 🌍 Load Environment (Base Repo) runs-on: ubuntu-latest # Only run for fork PRs - same-repo PRs are handled by pull-request-management.yml - if: ${{ github.event.pull_request.head.repo.full_name != github.repository }} + if: ${{ github.event.pull_request.head.repo && github.event.pull_request.head.repo.full_name != github.repository }} # No write perms here permissions: contents: read @@ -178,7 +178,7 @@ jobs: name: 🔍 Detect Fork PR runs-on: ubuntu-latest # Only run for fork PRs - same-repo PRs are handled by pull-request-management.yml - if: ${{ github.event.pull_request.head.repo.full_name != github.repository }} + if: ${{ github.event.pull_request.head.repo && github.event.pull_request.head.repo.full_name != github.repository }} permissions: contents: read outputs: @@ -481,7 +481,7 @@ jobs: name: 📊 Summary runs-on: ubuntu-latest # Only run for fork PRs, but always show summary regardless of job status - if: always() && github.event.pull_request.head.repo.full_name != github.repository + if: always() && github.event.pull_request.head.repo && github.event.pull_request.head.repo.full_name != github.repository needs: [load-env, detect-fork, handle-fork, clean-cache] steps: - name: 📄 Write summary diff --git a/.golangci.json b/.golangci.json index 4c90b32..aeee467 100644 --- a/.golangci.json +++ b/.golangci.json @@ -147,6 +147,11 @@ "ATTENTION" ] }, + "gosec": { + "excludes": [ + "G115" + ] + }, "govet": { "enable": [ "atomicalign", diff --git a/block_header.go b/block_header.go index 7fbff6d..00f84af 100644 --- a/block_header.go +++ b/block_header.go @@ -122,7 +122,7 @@ func readBlockHeader(r io.Reader, _ uint32, bh *BlockHeader) error { // encoding block headers to be stored to disk, such as in a database, as // opposed to encoding for the wire. func writeBlockHeader(w io.Writer, _ uint32, bh *BlockHeader) error { - sec := uint32(bh.Timestamp.Unix()) //nolint:gosec // G115 Conversion + sec := uint32(bh.Timestamp.Unix()) return writeElements(w, bh.Version, &bh.PrevBlock, &bh.MerkleRoot, sec, bh.Bits, bh.Nonce) } diff --git a/block_header_test.go b/block_header_test.go index 9a2c9a4..4f1e7c4 100644 --- a/block_header_test.go +++ b/block_header_test.go @@ -20,7 +20,7 @@ func TestBlockHeader(t *testing.T) { t.Errorf("RandomUint64: Error generating nonce: %v", err) } - nonce := uint32(nonce64) //nolint:gosec // G115 Conversion + nonce := uint32(nonce64) hash := mainNetGenesisHash merkleHash := mainNetGenesisMerkleRoot diff --git a/common.go b/common.go index cd0683b..e16a7be 100644 --- a/common.go +++ b/common.go @@ -211,7 +211,7 @@ func readElement(r io.Reader, element interface{}) error { return err } - *e = int32(rv) //nolint:gosec // G115 Conversion + *e = int32(rv) return nil @@ -231,7 +231,7 @@ func readElement(r io.Reader, element interface{}) error { return err } - *e = int64(rv) //nolint:gosec // G115 Conversion + *e = int64(rv) return nil @@ -277,7 +277,7 @@ func readElement(r io.Reader, element interface{}) error { return err } - *e = int64Time(time.Unix(int64(rv), 0)) //nolint:gosec // G115 Conversion + *e = int64Time(time.Unix(int64(rv), 0)) return nil @@ -391,7 +391,7 @@ func writeElement(w io.Writer, element interface{}) error { // type assertions first. switch e := element.(type) { case int32: - err := binarySerializer.PutUint32(w, littleEndian, uint32(e)) //nolint:gosec // G115 Conversion + err := binarySerializer.PutUint32(w, littleEndian, uint32(e)) if err != nil { return err } @@ -407,7 +407,7 @@ func writeElement(w io.Writer, element interface{}) error { return nil case int64: - err := binarySerializer.PutUint64(w, littleEndian, uint64(e)) //nolint:gosec // G115 Conversion + err := binarySerializer.PutUint64(w, littleEndian, uint64(e)) if err != nil { return err } @@ -613,7 +613,7 @@ func WriteVarInt(w io.Writer, _ uint32, val uint64) error { return err } - return binarySerializer.PutUint16(w, littleEndian, uint16(val)) //nolint:gosec // G115 Conversion + return binarySerializer.PutUint16(w, littleEndian, uint16(val)) } if val <= math.MaxUint32 { @@ -622,7 +622,7 @@ func WriteVarInt(w io.Writer, _ uint32, val uint64) error { return err } - return binarySerializer.PutUint32(w, littleEndian, uint32(val)) //nolint:gosec // G115 Conversion + return binarySerializer.PutUint32(w, littleEndian, uint32(val)) } err := binarySerializer.PutUint8(w, 0xff) diff --git a/message.go b/message.go index 82667d3..b450da7 100644 --- a/message.go +++ b/message.go @@ -357,7 +357,7 @@ func WriteMessageWithEncodingN(w io.Writer, msg Message, pver uint32, lenp := len(payload) // Enforce maximum overall message payload. - if lenp > int(maxMessagePayload()) { //nolint:gosec // G115 Conversion + if lenp > int(maxMessagePayload()) { str := fmt.Sprintf("message payload is too large - encoded "+ "%d bytes, but maximum message payload is %d bytes", lenp, maxMessagePayload()) diff --git a/message_test.go b/message_test.go index 3d94be7..ac6e791 100644 --- a/message_test.go +++ b/message_test.go @@ -206,7 +206,7 @@ func TestReadMessageWireErrors(t *testing.T) { // Wire encoded bytes for a message that exceeds max overall message // length. - mpl := uint32(maxMessagePayload()) //nolint:gosec // G115 Conversion + mpl := uint32(maxMessagePayload()) exceedMaxPayloadBytes := makeHeader(bsvnet, "getaddr", mpl+1, 0) // Wire encoded bytes for a command which is invalid utf-8. diff --git a/msg_auth_ch.go b/msg_auth_ch.go index d9ad534..6dfacfb 100644 --- a/msg_auth_ch.go +++ b/msg_auth_ch.go @@ -29,7 +29,7 @@ func (msg *MsgAuthch) Bsvdecode(r io.Reader, pver uint32, _ MessageEncoding) err return err } - msg.Length = uint32(len(msg.Challenge)) //nolint:gosec // G115 Conversion + msg.Length = uint32(len(msg.Challenge)) return nil } @@ -56,7 +56,7 @@ func (msg *MsgAuthch) MaxPayloadLength(_ uint32) uint64 { func NewMsgAuthch(message string) *MsgAuthch { return &MsgAuthch{ Version: 1, - Length: uint32(len(message)), //nolint:gosec // G115 Conversion + Length: uint32(len(message)), Challenge: []byte(message), } } diff --git a/msg_auth_ch_test.go b/msg_auth_ch_test.go index c3ac57f..dabbff2 100644 --- a/msg_auth_ch_test.go +++ b/msg_auth_ch_test.go @@ -32,7 +32,7 @@ func TestMsgAuthchWire(t *testing.T) { require.NoError(t, decoded.Bsvdecode(&buf, ProtocolVersion, BaseEncoding)) assert.Equal(t, orig.Version, decoded.Version) - assert.Equal(t, uint32(len(decoded.Challenge)), decoded.Length) //nolint:gosec // G115 Conversion + assert.Equal(t, uint32(len(decoded.Challenge)), decoded.Length) assert.NotEmpty(t, decoded.Challenge) } diff --git a/msg_auth_resp.go b/msg_auth_resp.go index cb43c43..e912fc7 100644 --- a/msg_auth_resp.go +++ b/msg_auth_resp.go @@ -33,7 +33,7 @@ func (msg *MsgAuthresp) Bsvdecode(r io.Reader, pver uint32, _ MessageEncoding) e return err } - msg.PublicKeyLength = uint32(len(msg.PublicKey)) //nolint:gosec // G115 Conversion + msg.PublicKeyLength = uint32(len(msg.PublicKey)) // Read stop hash err = readElement(r, &msg.ClientNonce) @@ -46,7 +46,7 @@ func (msg *MsgAuthresp) Bsvdecode(r io.Reader, pver uint32, _ MessageEncoding) e return err } - msg.SignatureLength = uint32(len(msg.Signature)) //nolint:gosec // G115 Conversion + msg.SignatureLength = uint32(len(msg.Signature)) return nil } @@ -66,7 +66,6 @@ func (msg *MsgAuthresp) Command() string { // MaxPayloadLength returns the maximum length the payload can be for the // receiver. This is part of the Message interface implementation. func (msg *MsgAuthresp) MaxPayloadLength(_ uint32) uint64 { - //nolint:gosec // G115 Conversion return uint64(4 + SECP256K1_COMP_PUB_KEY_SIZE_IN_BYTES + 8 + 4 + SECP256K1_DER_SIGN_MAX_SIZE_IN_BYTES) } @@ -75,10 +74,10 @@ func NewMsgAuthresp(publickKey, signature []byte) *MsgAuthresp { nonce, _ := RandomUint64() return &MsgAuthresp{ - PublicKeyLength: uint32(len(publickKey)), //nolint:gosec // G115 Conversion + PublicKeyLength: uint32(len(publickKey)), PublicKey: publickKey, ClientNonce: nonce, - SignatureLength: uint32(len(signature)), //nolint:gosec // G115 Conversion + SignatureLength: uint32(len(signature)), Signature: signature, } } diff --git a/msg_auth_resp_test.go b/msg_auth_resp_test.go index 18cf319..0b2e929 100644 --- a/msg_auth_resp_test.go +++ b/msg_auth_resp_test.go @@ -18,9 +18,9 @@ func TestNewMsgAuthrespInitializesFields(t *testing.T) { msg := NewMsgAuthresp(pubKey, sig) - assert.Equal(t, uint32(len(pubKey)), msg.PublicKeyLength) //nolint:gosec // G115 Conversion + assert.Equal(t, uint32(len(pubKey)), msg.PublicKeyLength) assert.Equal(t, pubKey, msg.PublicKey) - assert.Equal(t, uint32(len(sig)), msg.SignatureLength) //nolint:gosec // G115 Conversion + assert.Equal(t, uint32(len(sig)), msg.SignatureLength) assert.Equal(t, sig, msg.Signature) assert.NotZero(t, msg.ClientNonce) } @@ -37,7 +37,7 @@ func TestMsgAuthrespCommandReturnsAuthresp(t *testing.T) { // computation. func TestMsgAuthrespMaxPayloadLengthCalculatesLimit(t *testing.T) { msg := &MsgAuthresp{} - expected := uint64(4 + SECP256K1_COMP_PUB_KEY_SIZE_IN_BYTES + 8 + 4 + SECP256K1_DER_SIGN_MAX_SIZE_IN_BYTES) //nolint:gosec // G115 Conversion + expected := uint64(4 + SECP256K1_COMP_PUB_KEY_SIZE_IN_BYTES + 8 + 4 + SECP256K1_DER_SIGN_MAX_SIZE_IN_BYTES) assert.Equal(t, expected, msg.MaxPayloadLength(ProtocolVersion)) } @@ -53,7 +53,7 @@ func TestMsgAuthrespEncodeDecodeRoundTrip(t *testing.T) { msg.ClientNonce = nonce var want bytes.Buffer - require.NoError(t, writeElements(&want, uint32(len(pubKey)), pubKey, nonce, uint32(len(sig)), sig)) //nolint:gosec // G115 Conversion + require.NoError(t, writeElements(&want, uint32(len(pubKey)), pubKey, nonce, uint32(len(sig)), sig)) var buf bytes.Buffer require.NoError(t, msg.BsvEncode(&buf, ProtocolVersion, BaseEncoding)) diff --git a/msg_cfilter.go b/msg_cfilter.go index 3a3c9f6..a5dd600 100644 --- a/msg_cfilter.go +++ b/msg_cfilter.go @@ -104,7 +104,6 @@ func (msg *MsgCFilter) Command() string { // MaxPayloadLength returns the maximum length the payload can be for the // receiver. This is part of the Message interface implementation. func (msg *MsgCFilter) MaxPayloadLength(_ uint32) uint64 { - //nolint:gosec // G115 Conversion return uint64(VarIntSerializeSize(MaxCFilterDataSize)) + MaxCFilterDataSize + chainhash.HashSize + 1 } diff --git a/msg_extended_tx.go b/msg_extended_tx.go index 063dd7e..7886fa2 100644 --- a/msg_extended_tx.go +++ b/msg_extended_tx.go @@ -157,7 +157,7 @@ func (msg *MsgExtendedTx) Bsvdecode(r io.Reader, pver uint32, _ MessageEncoding) return err } - msg.Version = int32(version) //nolint:gosec // G115 Conversion + msg.Version = int32(version) count, err := ReadVarInt(r, pver) if err != nil { @@ -356,7 +356,7 @@ func (msg *MsgExtendedTx) Deserialize(r io.Reader) error { // See Serialize for encoding transactions to be stored to disk, such as in a // database, as opposed to encoding transactions for the wire. func (msg *MsgExtendedTx) BsvEncode(w io.Writer, pver uint32, _ MessageEncoding) error { - err := binarySerializer.PutUint32(w, littleEndian, uint32(msg.Version)) //nolint:gosec // G115 conversion + err := binarySerializer.PutUint32(w, littleEndian, uint32(msg.Version)) if err != nil { return err } diff --git a/msg_filter_add.go b/msg_filter_add.go index 107e97f..ac71f58 100644 --- a/msg_filter_add.go +++ b/msg_filter_add.go @@ -69,7 +69,6 @@ func (msg *MsgFilterAdd) Command() string { // MaxPayloadLength returns the maximum length the payload can be for the // receiver. This is part of the Message interface implementation. func (msg *MsgFilterAdd) MaxPayloadLength(_ uint32) uint64 { - //nolint:gosec // G115 conversion return uint64(VarIntSerializeSize(MaxFilterAddDataSize)) + MaxFilterAddDataSize } diff --git a/msg_filter_load.go b/msg_filter_load.go index fae26bf..e4e6933 100644 --- a/msg_filter_load.go +++ b/msg_filter_load.go @@ -122,7 +122,6 @@ func (msg *MsgFilterLoad) MaxPayloadLength(_ uint32) uint64 { // Num filter bytes (varInt) + filter + 4 bytes hash funcs + // 4 bytes tweak + 1 byte flags. - //nolint:gosec // G115 Conversion return uint64(VarIntSerializeSize(MaxFilterLoadFilterSize)) + MaxFilterLoadFilterSize + 9 } diff --git a/msg_merkle_block.go b/msg_merkle_block.go index a954f49..8e9e803 100644 --- a/msg_merkle_block.go +++ b/msg_merkle_block.go @@ -110,7 +110,7 @@ func (msg *MsgMerkleBlock) BsvEncode(w io.Writer, pver uint32, _ MessageEncoding // Read num transaction hashes and limit to max. numHashes := len(msg.Hashes) - if numHashes > int(maxTxPerBlock()) { //nolint:gosec // G115 conversion + if numHashes > int(maxTxPerBlock()) { str := fmt.Sprintf("too many transaction hashes for message "+ "[count %v, max %v]", numHashes, maxTxPerBlock()) return messageError("MsgMerkleBlock.Bsvdecode", str) @@ -118,7 +118,6 @@ func (msg *MsgMerkleBlock) BsvEncode(w io.Writer, pver uint32, _ MessageEncoding numFlagBytes := len(msg.Flags) - //nolint:gosec // G115 Conversion if numFlagBytes > int(maxFlagsPerMerkleBlock()) { str := fmt.Sprintf("too many flag bytes for message [count %v, "+ "max %v]", numFlagBytes, maxFlagsPerMerkleBlock()) diff --git a/msg_merkle_block_test.go b/msg_merkle_block_test.go index c252ab2..e44ccef 100644 --- a/msg_merkle_block_test.go +++ b/msg_merkle_block_test.go @@ -114,7 +114,7 @@ func TestMerkleBlock(t *testing.T) { // Force too many flag bytes to test maxFlagsPerMerkleBlock. // Reset the number of hashes back to a valid value. msg.Hashes = msg.Hashes[len(msg.Hashes)-1:] - msg.Flags = make([]byte, int(maxFlagsPerMerkleBlock())+1) //nolint:gosec // G115 Conversion + msg.Flags = make([]byte, int(maxFlagsPerMerkleBlock())+1) err = msg.BsvEncode(&buf, pver, enc) if err == nil { diff --git a/msg_tx.go b/msg_tx.go index 4fd3d95..2cd8509 100644 --- a/msg_tx.go +++ b/msg_tx.go @@ -354,7 +354,7 @@ func (msg *MsgTx) Bsvdecode(r io.Reader, pver uint32, _ MessageEncoding) error { return err } - msg.Version = int32(version) //nolint:gosec // G115 Conversion + msg.Version = int32(version) count, err := ReadVarInt(r, pver) if err != nil { @@ -536,7 +536,7 @@ func (msg *MsgTx) Deserialize(r io.Reader) error { // See Serialize for encoding transactions to be stored to disk, such as in a // database, as opposed to encoding transactions for the wire. func (msg *MsgTx) BsvEncode(w io.Writer, pver uint32, _ MessageEncoding) error { - err := binarySerializer.PutUint32(w, littleEndian, uint32(msg.Version)) //nolint:gosec // G115 conversion + err := binarySerializer.PutUint32(w, littleEndian, uint32(msg.Version)) if err != nil { return err } @@ -787,7 +787,7 @@ func readTxOut(r io.Reader, pver uint32, _ int32, to *TxOut) error { // NOTE: This function is exported to allow txscript to compute the // new sighashes for witness transactions (BIP0143). func WriteTxOut(w io.Writer, pver uint32, _ int32, to *TxOut) error { - err := binarySerializer.PutUint64(w, littleEndian, uint64(to.Value)) //nolint:gosec // G115 conversion + err := binarySerializer.PutUint64(w, littleEndian, uint64(to.Value)) if err != nil { return err } diff --git a/net_address.go b/net_address.go index f224edd..0ead458 100644 --- a/net_address.go +++ b/net_address.go @@ -84,7 +84,7 @@ func NewNetAddressTimestamp( // NewNetAddress returns a new NetAddress using the provided TCP address and // supported services with defaults for the remaining fields. func NewNetAddress(addr *net.TCPAddr, services ServiceFlag) *NetAddress { - return NewNetAddressIPPort(addr.IP, uint16(addr.Port), services) //nolint:gosec // G115 conversion + return NewNetAddressIPPort(addr.IP, uint16(addr.Port), services) } // readNetAddress reads an encoded NetAddress from r depending on the protocol @@ -131,7 +131,7 @@ func writeNetAddress(w io.Writer, pver uint32, na *NetAddress, ts bool) error { // stop working somewhere around 2106. Also timestamp wasn't added until // until protocol version >= NetAddressTimeVersion. if ts && pver >= NetAddressTimeVersion { - err := writeElement(w, uint32(na.Timestamp.Unix())) //nolint:gosec // G115 Conversion + err := writeElement(w, uint32(na.Timestamp.Unix())) if err != nil { return err } diff --git a/wire_benchmark_test.go b/wire_benchmark_test.go index fc6633b..3587ba5 100644 --- a/wire_benchmark_test.go +++ b/wire_benchmark_test.go @@ -452,7 +452,7 @@ func BenchmarkDecodeHeaders(b *testing.B) { b.Fatalf("NewHashFromStr: unexpected error: %v", err) } - _ = m.AddBlockHeader(NewBlockHeader(1, hash, hash, 0, uint32(i))) //nolint:gosec // G115 Conversion + _ = m.AddBlockHeader(NewBlockHeader(1, hash, hash, 0, uint32(i))) } // Serialize it so the bytes are available to test the decode below. @@ -642,7 +642,7 @@ func BenchmarkDecodeMerkleBlock(b *testing.B) { _ = m.AddTxHash(hash) if i%8 == 0 { - m.Flags = append(m.Flags, uint8(i)) //nolint:gosec // G115 Conversion + m.Flags = append(m.Flags, uint8(i)) } }