johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix gosec warnings: tighten file permissions and add exclusions (bd-b47c034e)

Browse Source
This commit is contained in:
Steve Yegge
2025-11-02 15:38:55 -08:00
parent 334ef713b7
commit 94fc772139
5 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/daemon/registry.go
View File

@@ -34,7 +34,7 @@ func NewRegistry() (*Registry, error) {
}
beadsDir := filepath.Join(home, ".beads")
if err := os.MkdirAll(beadsDir, 0755); err != nil {
if err := os.MkdirAll(beadsDir, 0750); err != nil {
return nil, fmt.Errorf("failed to create .beads directory: %w", err)
}

4
internal/daemonrunner/daemon_test.go
View File

@@ -44,10 +44,10 @@ func TestDetermineDatabasePath(t *testing.T) {
beadsDir := filepath.Join(tmpDir, ".beads")
dbPath := filepath.Join(beadsDir, "beads.db")
if err := os.MkdirAll(beadsDir, 0755); err != nil {
if err := os.MkdirAll(beadsDir, 0750); err != nil {
t.Fatalf("Failed to create beads dir: %v", err)
}
if err := os.WriteFile(dbPath, []byte("test"), 0644); err != nil {
if err := os.WriteFile(dbPath, []byte("test"), 0600); err != nil {
t.Fatalf("Failed to create db file: %v", err)
}

8
internal/types/lock_check_test.go
View File

@@ -36,7 +36,7 @@ func TestShouldSkipDatabase(t *testing.T) {
Version: "1.0.0",
}
data, _ := json.Marshal(lock)
if err := os.WriteFile(lockPath, data, 0644); err != nil {
if err := os.WriteFile(lockPath, data, 0600); err != nil {
t.Fatal(err)
}
defer os.Remove(lockPath)
@@ -69,7 +69,7 @@ func TestShouldSkipDatabase(t *testing.T) {
Version: "1.0.0",
}
data, _ := json.Marshal(lock)
if err := os.WriteFile(lockPath, data, 0644); err != nil {
if err := os.WriteFile(lockPath, data, 0600); err != nil {
t.Fatal(err)
}
defer os.Remove(lockPath)
@@ -115,7 +115,7 @@ func TestShouldSkipDatabase(t *testing.T) {
Version: "1.0.0",
}
data, _ := json.Marshal(lock)
if err := os.WriteFile(lockPath, data, 0644); err != nil {
if err := os.WriteFile(lockPath, data, 0600); err != nil {
t.Fatal(err)
}
defer os.Remove(lockPath)
@@ -142,7 +142,7 @@ func TestShouldSkipDatabase(t *testing.T) {
Version: "1.0.0",
}
data, _ := json.Marshal(lock)
if err := os.WriteFile(lockPath, data, 0644); err != nil {
if err := os.WriteFile(lockPath, data, 0600); err != nil {
t.Fatal(err)
}
defer os.Remove(lockPath)