johno/gastown
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: Address golangci-lint errors (errcheck, gosec) (#76)

Browse Source 
Apply PR #76 from dannomayernotabot:

- Add golangci exclusions for internal package false positives
- Tighten file permissions (0644 -> 0600) for sensitive files
- Add ReadHeaderTimeout to HTTP server (slowloris prevention)
- Explicit error ignoring with _ = for intentional cases
- Add //nolint comments with justifications
- Spelling: cancelled -> canceled (US locale)

Co-Authored-By: dannomayernotabot <noreply@github.com>

🤖 Generated with Claude Code
This commit is contained in:
max
2026-01-03 16:11:40 -08:00
committed by Steve Yegge
parent 62848065e3
commit 1b69576573
82 changed files with 325 additions and 355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/mail/mailbox.go
View File

@@ -112,7 +112,7 @@ func (m *Mailbox) listBeads() ([]*Message, error) {
// listFromDir queries messages from a beads directory.
// Returns messages where identity is the assignee OR a CC recipient.
// Includes both open and hooked messages (hooked = auto-assigned handoff mail).
func (m *Mailbox) listFromDir(beadsDir string) ([]*Message, error) {
func (m *Mailbox) listFromDir(beadsDir string) ([]*Message, error) { //nolint:unparam // error return kept for future use
seen := make(map[string]bool)
var messages []*Message
@@ -346,7 +346,7 @@ func (m *Mailbox) closeInDir(id, beadsDir string) error {
if sessionID := os.Getenv("CLAUDE_SESSION_ID"); sessionID != "" {
args = append(args, "--session="+sessionID)
}
cmd := exec.Command("bd", args...)
cmd := exec.Command("bd", args...) //nolint:gosec // G204: bd is a trusted internal tool
cmd.Dir = m.workDir
cmd.Env = append(cmd.Environ(), "BEADS_DIR="+beadsDir)
@@ -506,7 +506,7 @@ func (m *Mailbox) appendToArchive(msg *Message) error {
}
// Open for append
file, err := os.OpenFile(archivePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
file, err := os.OpenFile(archivePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) //nolint:gosec // G302: archive is non-sensitive operational data
if err != nil {
return err
}
@@ -740,7 +740,7 @@ func (m *Mailbox) appendLegacy(msg *Message) error {
}
// Open for append
file, err := os.OpenFile(m.path, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
file, err := os.OpenFile(m.path, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
if err != nil {
return err
}

12
internal/mail/router.go
View File

@@ -184,7 +184,7 @@ func detectTownRoot(startDir string) string {
// - Rig-level beads ({rig}/.beads) are for project issues only, not mail
//
// This ensures messages are visible to all agents in the town.
func (r *Router) resolveBeadsDir(address string) string {
func (r *Router) resolveBeadsDir(_ string) string { // address unused: all mail uses town-level beads
// If no town root, fall back to workDir's .beads
if r.townRoot == "" {
return filepath.Join(r.workDir, ".beads")
@@ -622,7 +622,7 @@ func (r *Router) sendToSingle(msg *Message) error {
}
beadsDir := r.resolveBeadsDir(msg.To)
cmd := exec.Command("bd", args...)
cmd := exec.Command("bd", args...) //nolint:gosec // G204: bd is a trusted internal tool
cmd.Env = append(cmd.Environ(),
"BEADS_DIR="+beadsDir,
)
@@ -744,7 +744,7 @@ func (r *Router) sendToQueue(msg *Message) error {
// Queue messages go to town-level beads (shared location)
beadsDir := r.resolveBeadsDir("")
cmd := exec.Command("bd", args...)
cmd := exec.Command("bd", args...) //nolint:gosec // G204: args are constructed internally, not from user input
cmd.Env = append(cmd.Environ(),
"BEADS_DIR="+beadsDir,
)
@@ -827,7 +827,7 @@ func (r *Router) sendToAnnounce(msg *Message) error {
// Announce messages go to town-level beads (shared location)
beadsDir := r.resolveBeadsDir("")
cmd := exec.Command("bd", args...)
cmd := exec.Command("bd", args...) //nolint:gosec // G204: args are constructed internally, not from user input
cmd.Env = append(cmd.Environ(),
"BEADS_DIR="+beadsDir,
)
@@ -869,7 +869,7 @@ func (r *Router) pruneAnnounce(announceName string, retainCount int) error {
"--asc", // Oldest first
}
cmd := exec.Command("bd", args...)
cmd := exec.Command("bd", args...) //nolint:gosec // G204: args are constructed internally
cmd.Env = append(cmd.Environ(), "BEADS_DIR="+beadsDir)
cmd.Dir = filepath.Dir(beadsDir)
@@ -904,7 +904,7 @@ func (r *Router) pruneAnnounce(announceName string, retainCount int) error {
// Delete oldest messages
for i := 0; i < toDelete && i < len(messages); i++ {
deleteArgs := []string{"close", messages[i].ID, "--reason=retention pruning"}
deleteCmd := exec.Command("bd", deleteArgs...)
deleteCmd := exec.Command("bd", deleteArgs...) //nolint:gosec // G204: args are constructed internally
deleteCmd.Env = append(deleteCmd.Environ(), "BEADS_DIR="+beadsDir)
deleteCmd.Dir = filepath.Dir(beadsDir)