Merge 8ccff37525 into 3e8c4951e1

[docs] remove duplicate entry from supported platforms (#3442 )
updates exported interface types to match ncruces/go-sqlite3/driver methods (#3440 )
2024-11-22 19:56:39 +00:00 · 2024-10-15 17:28:33 +02:00 · 2024-10-15 13:37:16 +02:00 · 2024-10-14 20:28:59 +00:00 · 2024-10-14 14:12:48 +02:00 · 2024-10-12 13:10:01 +02:00
25 changed files with 88 additions and 76 deletions
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@ -474,7 +474,6 @@ release:
    | Linux   | x86-32/i386 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | [linux_386_moderncsqlite.tar.gz](https://github.com/superseriousbusiness/gotosocial/releases/download/{{ .Tag }}/gotosocial_{{ .Version }}_linux_386_moderncsqlite.tar.gz)         | `superseriousbusiness/gotosocial:{{ .Version }}-moderncsqlite` |
    | Linux   | Armv7/ARM32 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | [linux_armv7_moderncsqlite.tar.gz](https://github.com/superseriousbusiness/gotosocial/releases/download/{{ .Tag }}/gotosocial_{{ .Version }}_linux_armv7_moderncsqlite.tar.gz)     | `superseriousbusiness/gotosocial:{{ .Version }}-moderncsqlite` |
    | Linux   | Armv6/ARM32 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | [linux_armv6_moderncsqlite.tar.gz](https://github.com/superseriousbusiness/gotosocial/releases/download/{{ .Tag }}/gotosocial_{{ .Version }}_linux_armv7_moderncsqlite.tar.gz)     | `superseriousbusiness/gotosocial:{{ .Version }}-moderncsqlite` |
    | Linux   | x86-32/i386 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | [linux_386_moderncsqlite.tar.gz](https://github.com/superseriousbusiness/gotosocial/releases/download/{{ .Tag }}/gotosocial_{{ .Version }}_linux_386_moderncsqlite.tar.gz)         | `superseriousbusiness/gotosocial:{{ .Version }}-moderncsqlite` |
    #### FreeBSD
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -385,7 +385,7 @@ We use [golangci-lint](https://golangci-lint.run/) for linting, which allows us
 If you make a PR that doesn't pass the linter, it will be rejected. As such, it's good practice to run the linter locally before pushing or opening a PR.
-To do this, first install the linter following the instructions [here](https://golangci-lint.run/usage/install/#local-installation).
+To do this, first install the linter following the instructions [here](https://golangci-lint.run/welcome/install/).
 Then, you can run the linter with:
--- a/README.md
+++ b/README.md
@ -283,7 +283,6 @@ This is the current status of support offered by GoToSocial for different platfo
 | Linux   | x86-32/i386 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | Yes            | Yes              |
 | Linux   | Armv7/ARM32 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | Yes            | Yes              |
 | Linux   | Armv6/ARM32 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | Yes            | Yes              |
 | Linux   | x86-32/i386 (32-bit)    | 🟡 Partial<sup>[2](#32-bit)</sup>  | Yes            | Yes              |
 | OpenBSD | Any                     | 🔴 None<sup>[3](#openbsd)</sup>    | No             | No               |
 #### FreeBSD
--- a/docs/api/swagger.yaml
+++ b/docs/api/swagger.yaml
@ -2114,7 +2114,7 @@ definitions:
            bitrate:
                description: Bitrate of the media in bits per second.
                example: 1000000
-                format: int64
+                format: uint64
                type: integer
                x-go-name: Bitrate
            duration:
--- a/internal/api/client/admin/emojicreate.go
+++ b/internal/api/client/admin/emojicreate.go
@ -145,8 +145,8 @@ func validateCreateEmoji(form *apimodel.EmojiCreateRequest) error {
 		return errors.New("no emoji given")
 	}
-	maxSize := config.GetMediaEmojiLocalMaxSize()
+	maxSize := int64(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated.
-	if form.Image.Size > int64(maxSize) {
+	if form.Image.Size > maxSize {
 		return fmt.Errorf("emoji image too large: image is %dKB but size limit for custom emojis is %dKB", form.Image.Size/1024, maxSize/1024)
 	}
--- a/internal/api/client/admin/emojiupdate.go
+++ b/internal/api/client/admin/emojiupdate.go
@ -208,8 +208,8 @@ func validateUpdateEmoji(form *apimodel.EmojiUpdateRequest) error {
 		}
 		if hasImage {
-			maxSize := config.GetMediaEmojiLocalMaxSize()
+			maxSize := int64(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated.
-			if form.Image.Size > int64(maxSize) {
+			if form.Image.Size > maxSize {
 				return fmt.Errorf("emoji image too large: image is %dKB but size limit for custom emojis is %dKB", form.Image.Size/1024, maxSize/1024)
 			}
 		}
--- a/internal/api/model/attachment.go
+++ b/internal/api/model/attachment.go
@ -160,7 +160,7 @@ type MediaDimensions struct {
 	Duration float32 `json:"duration,omitempty"`
 	// Bitrate of the media in bits per second.
 	// example: 1000000
-	Bitrate int `json:"bitrate,omitempty"`
+	Bitrate uint64 `json:"bitrate,omitempty"`
 	// Size of the media, in the format `[width]x[height]`.
 	// Not set for audio.
 	// example: 1920x1080
--- a/internal/cache/domain/domain.go
+++ b/internal/cache/domain/domain.go
@ -220,7 +220,7 @@ func (n *node) getChild(part string) *node {
 	for i < j {
 		// avoid overflow when computing h
-		h := int(uint(i+j) >> 1)
+		h := int(uint(i+j) >> 1) // #nosec G115
 		// i ≤ h < j
 		if n.child[h].part < part {
--- a/internal/db/bundb/bundb.go
+++ b/internal/db/bundb/bundb.go
@ -25,6 +25,7 @@
 	"encoding/pem"
 	"errors"
 	"fmt"
 	"math"
 	"net/url"
 	"os"
 	"runtime"
@ -489,7 +490,10 @@ func deriveBunDBPGOptions() (*pgx.ConnConfig, error) {
 		cfg.Host = address
 	}
 	if port := config.GetDbPort(); port > 0 {
-		cfg.Port = uint16(port)
+		if port > math.MaxUint16 {
 			return nil, errors.New("invalid port, must be in range 1-65535")
 		}
 		cfg.Port = uint16(port) // #nosec G115 -- Just validated above.
 	}
 	if u := config.GetDbUser(); u != "" {
 		cfg.User = u
--- a/internal/db/sqlite/driver.go
+++ b/internal/db/sqlite/driver.go
@ -198,6 +198,7 @@ type stmtIface interface {
 	driver.Stmt
 	driver.StmtExecContext
 	driver.StmtQueryContext
 	driver.NamedValueChecker
 }
 // RowsIface is the driver.Rows interface
@ -207,4 +208,5 @@ type stmtIface interface {
 type rowsIface interface {
 	driver.Rows
 	driver.RowsColumnTypeDatabaseTypeName
 	driver.RowsColumnTypeNullable
 }
--- a/internal/federation/dereferencing/emoji.go
+++ b/internal/federation/dereferencing/emoji.go
@ -97,11 +97,11 @@ func() (*media.ProcessingEmoji, error) {
 			}
 			// Get maximum supported remote emoji size.
-			maxsz := config.GetMediaEmojiRemoteMaxSize()
+			maxsz := int64(config.GetMediaEmojiRemoteMaxSize()) // #nosec G115 -- Already validated.
 			// Prepare data function to dereference remote emoji media.
 			data := func(context.Context) (io.ReadCloser, error) {
-				return tsport.DereferenceMedia(ctx, url, int64(maxsz))
+				return tsport.DereferenceMedia(ctx, url, maxsz)
 			}
 			// Create new emoji with prepared info.
@ -189,11 +189,11 @@ func() (*media.ProcessingEmoji, error) {
 			}
 			// Get maximum supported remote emoji size.
-			maxsz := config.GetMediaEmojiRemoteMaxSize()
+			maxsz := int64(config.GetMediaEmojiRemoteMaxSize()) // #nosec G115 -- Already validated.
 			// Prepare data function to dereference remote emoji media.
 			data := func(context.Context) (io.ReadCloser, error) {
-				return tsport.DereferenceMedia(ctx, url, int64(maxsz))
+				return tsport.DereferenceMedia(ctx, url, maxsz)
 			}
 			// Update emoji with prepared info.
@ -255,11 +255,11 @@ func() (*media.ProcessingEmoji, error) {
 			}
 			// Get maximum supported remote emoji size.
-			maxsz := config.GetMediaEmojiRemoteMaxSize()
+			maxsz := int64(config.GetMediaEmojiRemoteMaxSize()) // #nosec G115 -- Already validated.
 			// Prepare data function to dereference remote emoji media.
 			data := func(context.Context) (io.ReadCloser, error) {
-				return tsport.DereferenceMedia(ctx, url, int64(maxsz))
+				return tsport.DereferenceMedia(ctx, url, maxsz)
 			}
 			// Recache emoji with prepared info.
--- a/internal/federation/dereferencing/media.go
+++ b/internal/federation/dereferencing/media.go
@ -77,14 +77,14 @@ func() (*media.ProcessingMedia, error) {
 			}
 			// Get maximum supported remote media size.
-			maxsz := config.GetMediaRemoteMaxSize()
+			maxsz := int64(config.GetMediaRemoteMaxSize()) // #nosec G115 -- Already validated.
 			// Create media with prepared info.
 			return d.mediaManager.CreateMedia(
 				ctx,
 				accountID,
 				func(ctx context.Context) (io.ReadCloser, error) {
-					return tsport.DereferenceMedia(ctx, url, int64(maxsz))
+					return tsport.DereferenceMedia(ctx, url, maxsz)
 				},
 				info,
 			)
@ -168,14 +168,14 @@ func() (*media.ProcessingMedia, error) {
 			}
 			// Get maximum supported remote media size.
-			maxsz := config.GetMediaRemoteMaxSize()
+			maxsz := int64(config.GetMediaRemoteMaxSize()) // #nosec G115 -- Already validated.
 			// Recache media with prepared info,
 			// this will also update media in db.
 			return d.mediaManager.CacheMedia(
 				attach,
 				func(ctx context.Context) (io.ReadCloser, error) {
-					return tsport.DereferenceMedia(ctx, url, int64(maxsz))
+					return tsport.DereferenceMedia(ctx, url, maxsz)
 				},
 			), nil
 		},
--- a/internal/httpclient/client.go
+++ b/internal/httpclient/client.go
@ -340,14 +340,14 @@ func (c *Client) do(r *Request) (rsp *http.Response, retry bool, err error) {
 			if u, _ := strconv.ParseUint(after, 10, 32); u != 0 {
 				// An integer no. of backoff seconds was provided.
-				r.backoff = time.Duration(u) * time.Second
+				r.backoff = time.Duration(u) * time.Second // #nosec G115 -- We clamp backoff below.
 			} else if at, _ := http.ParseTime(after); !at.Before(now) {
 				// An HTTP formatted future date-time was provided.
 				r.backoff = at.Sub(now)
 			}
 			// Don't let their provided backoff exceed our max.
-			if max := baseBackoff * time.Duration(c.retries); //
+			if max := baseBackoff * time.Duration(c.retries); // #nosec G115 -- We control c.retries.
 			r.backoff > max {
 				r.backoff = max
 			}
--- a/internal/media/ffmpeg.go
+++ b/internal/media/ffmpeg.go
@ -556,10 +556,10 @@ func (res *ffprobeResult) Process() (*result, error) {
 				if p := strings.SplitN(str, "/", 2); len(p) == 2 {
 					n, _ := strconv.ParseUint(p[0], 10, 32)
 					d, _ := strconv.ParseUint(p[1], 10, 32)
-					num, den = uint32(n), uint32(d)
+					num, den = uint32(n), uint32(d) // #nosec G115 -- ParseUint is configured to check
 				} else {
 					n, _ := strconv.ParseUint(p[0], 10, 32)
-					num = uint32(n)
+					num = uint32(n) // #nosec G115 -- ParseUint is configured to check
 				}
 				// Set final divised framerate.
--- a/internal/media/imaging.go
+++ b/internal/media/imaging.go
@ -399,9 +399,9 @@ func (s *scanner) scan(x1, y1, x2, y2 int, dst []uint8) {
 					g16 := uint16(s[1])
 					b16 := uint16(s[2])
 					a16 := uint16(a)
-					d[0] = uint8(r16 * 0xff / a16)
+					d[0] = uint8(r16 * 0xff / a16) // #nosec G115 -- Overflow desired.
-					d[1] = uint8(g16 * 0xff / a16)
+					d[1] = uint8(g16 * 0xff / a16) // #nosec G115 -- Overflow desired.
-					d[2] = uint8(b16 * 0xff / a16)
+					d[2] = uint8(b16 * 0xff / a16) // #nosec G115 -- Overflow desired.
 					d[3] = a
 				}
 				j += 4
@ -431,9 +431,9 @@ func (s *scanner) scan(x1, y1, x2, y2 int, dst []uint8) {
 					g32 := uint32(s[2])<<8 | uint32(s[3])
 					b32 := uint32(s[4])<<8 | uint32(s[5])
 					a32 := uint32(s[6])<<8 | uint32(s[7])
-					d[0] = uint8((r32 * 0xffff / a32) >> 8)
+					d[0] = uint8((r32 * 0xffff / a32) >> 8) // #nosec G115 -- Overflow desired.
-					d[1] = uint8((g32 * 0xffff / a32) >> 8)
+					d[1] = uint8((g32 * 0xffff / a32) >> 8) // #nosec G115 -- Overflow desired.
-					d[2] = uint8((b32 * 0xffff / a32) >> 8)
+					d[2] = uint8((b32 * 0xffff / a32) >> 8) // #nosec G115 -- Overflow desired.
 				}
 				d[3] = a
 				j += 4
@ -509,30 +509,30 @@ func (s *scanner) scan(x1, y1, x2, y2 int, dst []uint8) {
 				cr1 := int32(img.Cr[ic]) - 128
 				r := yy1 + 91881*cr1
-				if uint32(r)&0xff000000 == 0 {
+				if uint32(r)&0xff000000 == 0 { //nolint:gosec
 					r >>= 16
 				} else {
 					r = ^(r >> 31)
 				}
 				g := yy1 - 22554*cb1 - 46802*cr1
-				if uint32(g)&0xff000000 == 0 {
+				if uint32(g)&0xff000000 == 0 { //nolint:gosec
 					g >>= 16
 				} else {
 					g = ^(g >> 31)
 				}
 				b := yy1 + 116130*cb1
-				if uint32(b)&0xff000000 == 0 {
+				if uint32(b)&0xff000000 == 0 { //nolint:gosec
 					b >>= 16
 				} else {
 					b = ^(b >> 31)
 				}
 				d := dst[j : j+4 : j+4]
-				d[0] = uint8(r)
+				d[0] = uint8(r) // #nosec G115 -- Overflow desired.
-				d[1] = uint8(g)
+				d[1] = uint8(g) // #nosec G115 -- Overflow desired.
-				d[2] = uint8(b)
+				d[2] = uint8(b) // #nosec G115 -- Overflow desired.
 				d[3] = 0xff
 				iy++
@ -569,9 +569,9 @@ func (s *scanner) scan(x1, y1, x2, y2 int, dst []uint8) {
 				d := dst[j : j+4 : j+4]
 				switch a16 {
 				case 0xffff:
-					d[0] = uint8(r16 >> 8)
+					d[0] = uint8(r16 >> 8) // #nosec G115 -- Overflow desired.
-					d[1] = uint8(g16 >> 8)
+					d[1] = uint8(g16 >> 8) // #nosec G115 -- Overflow desired.
-					d[2] = uint8(b16 >> 8)
+					d[2] = uint8(b16 >> 8) // #nosec G115 -- Overflow desired.
 					d[3] = 0xff
 				case 0:
 					d[0] = 0
@ -579,10 +579,10 @@ func (s *scanner) scan(x1, y1, x2, y2 int, dst []uint8) {
 					d[2] = 0
 					d[3] = 0
 				default:
-					d[0] = uint8(((r16 * 0xffff) / a16) >> 8)
+					d[0] = uint8(((r16 * 0xffff) / a16) >> 8) // #nosec G115 -- Overflow desired.
-					d[1] = uint8(((g16 * 0xffff) / a16) >> 8)
+					d[1] = uint8(((g16 * 0xffff) / a16) >> 8) // #nosec G115 -- Overflow desired.
-					d[2] = uint8(((b16 * 0xffff) / a16) >> 8)
+					d[2] = uint8(((b16 * 0xffff) / a16) >> 8) // #nosec G115 -- Overflow desired.
-					d[3] = uint8(a16 >> 8)
+					d[3] = uint8(a16 >> 8)                    // #nosec G115 -- Overflow desired.
 				}
 				j += 4
 			}
@ -617,7 +617,7 @@ func clampFloat(x float64) uint8 {
 		return 255
 	}
 	if v > 0 {
-		return uint8(v)
+		return uint8(v) // #nosec G115 -- Just checked.
 	}
 	return 0
 }
--- a/internal/media/refetch.go
+++ b/internal/media/refetch.go
@ -49,9 +49,6 @@ func (m *Manager) RefetchEmojis(ctx context.Context, domain string, dereferenceM
 		refetchIDs         []string
 	)
 	// Get max supported remote emoji media size.
 	maxsz := config.GetMediaEmojiRemoteMaxSize()
 	// page through emojis 20 at a time, looking for those with missing images
 	for {
 		// Fetch next block of emojis from database
@ -111,8 +108,10 @@ func (m *Manager) RefetchEmojis(ctx context.Context, domain string, dereferenceM
 			continue
 		}
 		// Get max supported remote emoji media size.
 		maxsz := int64(config.GetMediaEmojiRemoteMaxSize()) // #nosec G115 -- Already validated.
 		dataFunc := func(ctx context.Context) (reader io.ReadCloser, err error) {
-			return dereferenceMedia(ctx, emojiImageIRI, int64(maxsz))
+			return dereferenceMedia(ctx, emojiImageIRI, maxsz)
 		}
 		processingEmoji, err := m.UpdateEmoji(ctx, emoji, dataFunc, AdditionalEmojiInfo{
--- a/internal/media/util.go
+++ b/internal/media/util.go
@ -145,7 +145,7 @@ func drainToTmp(rc io.ReadCloser) (string, error) {
 	// Check to see if limit was reached,
 	// (produces more useful error messages).
 	if lr != nil && lr.N <= 0 {
-		err := fmt.Errorf("reached read limit %s", bytesize.Size(limit))
+		err := fmt.Errorf("reached read limit %s", bytesize.Size(limit)) // #nosec G115 -- Just logging
 		return path, gtserror.SetLimitReached(err)
 	}
--- a/internal/middleware/logger.go
+++ b/internal/middleware/logger.go
@ -123,7 +123,7 @@ func Logger(logClientIP bool) gin.HandlerFunc {
 			}
 			// Generate a nicer looking bytecount
-			size := bytesize.Size(c.Writer.Size())
+			size := bytesize.Size(c.Writer.Size()) // #nosec G115 -- Just logging
 			// Finally, write log entry with status text + body size.
 			l.Logf(lvl, "%s: wrote %s", statusText, size)
--- a/internal/middleware/requestid.go
+++ b/internal/middleware/requestid.go
@ -48,7 +48,7 @@ func NewRequestID() string {
 	b := make([]byte, 12)
 	// Get current time in milliseconds.
-	ms := uint64(time.Now().UnixMilli())
+	ms := uint64(time.Now().UnixMilli()) // #nosec G115 -- Pre-1970 clock?
 	// Store binary time data in byte buffer.
 	binary.LittleEndian.PutUint64(b[0:8], ms)
--- a/internal/middleware/throttling.go
+++ b/internal/middleware/throttling.go
@ -82,12 +82,16 @@ func Throttle(cpuMultiplier int, retryAfter time.Duration) gin.HandlerFunc {
 		return func(c *gin.Context) {}
 	}
 	if retryAfter < 0 {
 		retryAfter = 0
 	}
 	var (
 		limit         = runtime.GOMAXPROCS(0) * cpuMultiplier
 		queueLimit    = limit * cpuMultiplier
 		tokens        = make(chan token, limit)
 		requestCount  = atomic.Int64{}
-		retryAfterStr = strconv.FormatUint(uint64(retryAfter/time.Second), 10)
+		retryAfterStr = strconv.FormatUint(uint64(retryAfter/time.Second), 10) // #nosec G115 -- Checked right above
 	)
 	// prefill token channel
--- a/internal/processing/account/update.go
+++ b/internal/processing/account/update.go
@ -463,9 +463,10 @@ func (p *Processor) UpdateAvatar(
 ) {
 	// Get maximum supported local media size.
 	maxsz := config.GetMediaLocalMaxSize()
 	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 	// Ensure media within size bounds.
-	if avatar.Size > int64(maxsz) {
+	if avatar.Size > maxszInt64 {
 		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@ -478,7 +479,7 @@ func (p *Processor) UpdateAvatar(
 	}
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 	// Write to instance storage.
 	return p.c.StoreLocalMedia(ctx,
@ -508,9 +509,10 @@ func (p *Processor) UpdateHeader(
 ) {
 	// Get maximum supported local media size.
 	maxsz := config.GetMediaLocalMaxSize()
 	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 	// Ensure media within size bounds.
-	if header.Size > int64(maxsz) {
+	if header.Size > maxszInt64 {
 		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@ -523,7 +525,7 @@ func (p *Processor) UpdateHeader(
 	}
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 	// Write to instance storage.
 	return p.c.StoreLocalMedia(ctx,
--- a/internal/processing/admin/emoji.go
+++ b/internal/processing/admin/emoji.go
@ -25,7 +25,6 @@
 	"mime/multipart"
 	"strings"
 	"codeberg.org/gruf/go-bytesize"
 	"codeberg.org/gruf/go-iotools"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
@ -46,9 +45,10 @@ func (p *Processor) EmojiCreate(
 	// Get maximum supported local emoji size.
 	maxsz := config.GetMediaEmojiLocalMaxSize()
 	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 	// Ensure media within size bounds.
-	if form.Image.Size > int64(maxsz) {
+	if form.Image.Size > maxszInt64 {
 		text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@ -61,7 +61,7 @@ func (p *Processor) EmojiCreate(
 	}
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 	data := func(context.Context) (io.ReadCloser, error) {
 		return rc, nil
 	}
@ -301,9 +301,10 @@ func (p *Processor) emojiUpdateCopy(
 	// Get maximum supported local emoji size.
 	maxsz := config.GetMediaEmojiLocalMaxSize()
 	maxszInt := int(maxsz) // #nosec G115 -- Already validated.
 	// Ensure target emoji image within size bounds.
-	if bytesize.Size(target.ImageFileSize) > maxsz {
+	if target.ImageFileSize > maxszInt {
 		text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@ -442,9 +443,10 @@ func (p *Processor) emojiUpdateModify(
 		// Get maximum supported local emoji size.
 		maxsz := config.GetMediaEmojiLocalMaxSize()
 		maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 		// Ensure media within size bounds.
-		if image.Size > int64(maxsz) {
+		if image.Size > maxszInt64 {
 			text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 			return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 		}
@ -457,7 +459,7 @@ func (p *Processor) emojiUpdateModify(
 		}
 		// Wrap the multipart file reader to ensure is limited to max.
-		rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+		rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz)) // #nosec G115 -- Already validated.
 		data := func(context.Context) (io.ReadCloser, error) {
 			return rc, nil
 		}
--- a/internal/processing/media/create.go
+++ b/internal/processing/media/create.go
@ -36,9 +36,10 @@ func (p *Processor) Create(ctx context.Context, account *gtsmodel.Account, form
 	// Get maximum supported local media size.
 	maxsz := config.GetMediaLocalMaxSize()
 	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 	// Ensure media within size bounds.
-	if form.File.Size > int64(maxsz) {
+	if form.File.Size > maxszInt64 {
 		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@ -58,7 +59,7 @@ func (p *Processor) Create(ctx context.Context, account *gtsmodel.Account, form
 	}
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 	// Create local media and write to instance storage.
 	attachment, errWithCode := p.c.StoreLocalMedia(ctx,
--- a/internal/transport/derefmedia.go
+++ b/internal/transport/derefmedia.go
@ -53,7 +53,7 @@ func (t *transport) DereferenceMedia(ctx context.Context, iri *url.URL, maxsz in
 	// Check media within size limit.
 	if rsp.ContentLength > maxsz {
 		_ = rsp.Body.Close()       // close early.
-		sz := bytesize.Size(maxsz) // nicer log format
+		sz := bytesize.Size(maxsz) //nolint:gosec
 		return nil, gtserror.Newf("media body exceeds max size %s", sz)
 	}
--- a/internal/typeutils/internaltofrontend.go
+++ b/internal/typeutils/internaltofrontend.go
@ -647,7 +647,7 @@ func (c *Converter) AttachmentToAPIAttachment(ctx context.Context, media *gtsmod
 			Size:      toAPISize(media.FileMeta.Original.Width, media.FileMeta.Original.Height),
 			FrameRate: toAPIFrameRate(media.FileMeta.Original.Framerate),
 			Duration:  util.PtrOrZero(media.FileMeta.Original.Duration),
-			Bitrate:   int(util.PtrOrZero(media.FileMeta.Original.Bitrate)),
+			Bitrate:   util.PtrOrZero(media.FileMeta.Original.Bitrate),
 		}
 		// Copy over local file URL.
@ -1531,7 +1531,7 @@ func (c *Converter) InstanceToAPIV1Instance(ctx context.Context, i *gtsmodel.Ins
 		Registrations:        config.GetAccountsRegistrationOpen(),
 		ApprovalRequired:     true,                               // approval always required
 		InvitesEnabled:       false,                              // todo: not supported yet
-		MaxTootChars:         uint(config.GetStatusesMaxChars()),
+		MaxTootChars:         uint(config.GetStatusesMaxChars()), // #nosec G115 -- Already validated.
 		Rules:                c.InstanceRulesToAPIRules(i.Rules),
 		Terms:                i.Terms,
 		TermsRaw:             i.TermsText,
@ -1551,9 +1551,9 @@ func (c *Converter) InstanceToAPIV1Instance(ctx context.Context, i *gtsmodel.Ins
 	instance.Configuration.Statuses.CharactersReservedPerURL = instanceStatusesCharactersReservedPerURL
 	instance.Configuration.Statuses.SupportedMimeTypes = instanceStatusesSupportedMimeTypes
 	instance.Configuration.MediaAttachments.SupportedMimeTypes = media.SupportedMIMETypes
-	instance.Configuration.MediaAttachments.ImageSizeLimit = int(config.GetMediaRemoteMaxSize())
+	instance.Configuration.MediaAttachments.ImageSizeLimit = int(config.GetMediaRemoteMaxSize()) // #nosec G115 -- Already validated.
 	instance.Configuration.MediaAttachments.ImageMatrixLimit = instanceMediaAttachmentsImageMatrixLimit
-	instance.Configuration.MediaAttachments.VideoSizeLimit = int(config.GetMediaRemoteMaxSize())
+	instance.Configuration.MediaAttachments.VideoSizeLimit = int(config.GetMediaRemoteMaxSize()) // #nosec G115 -- Already validated.
 	instance.Configuration.MediaAttachments.VideoFrameRateLimit = instanceMediaAttachmentsVideoFrameRateLimit
 	instance.Configuration.MediaAttachments.VideoMatrixLimit = instanceMediaAttachmentsVideoMatrixLimit
 	instance.Configuration.Polls.MaxOptions = config.GetStatusesPollMaxOptions()
@ -1563,7 +1563,7 @@ func (c *Converter) InstanceToAPIV1Instance(ctx context.Context, i *gtsmodel.Ins
 	instance.Configuration.Accounts.AllowCustomCSS = config.GetAccountsAllowCustomCSS()
 	instance.Configuration.Accounts.MaxFeaturedTags = instanceAccountsMaxFeaturedTags
 	instance.Configuration.Accounts.MaxProfileFields = instanceAccountsMaxProfileFields
-	instance.Configuration.Emojis.EmojiSizeLimit = int(config.GetMediaEmojiLocalMaxSize())
+	instance.Configuration.Emojis.EmojiSizeLimit = int(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated.
 	instance.Configuration.OIDCEnabled = config.GetOIDCEnabled()
 	// URLs
@ -1695,9 +1695,9 @@ func (c *Converter) InstanceToAPIV2Instance(ctx context.Context, i *gtsmodel.Ins
 	instance.Configuration.Statuses.CharactersReservedPerURL = instanceStatusesCharactersReservedPerURL
 	instance.Configuration.Statuses.SupportedMimeTypes = instanceStatusesSupportedMimeTypes
 	instance.Configuration.MediaAttachments.SupportedMimeTypes = media.SupportedMIMETypes
-	instance.Configuration.MediaAttachments.ImageSizeLimit = int(config.GetMediaRemoteMaxSize())
+	instance.Configuration.MediaAttachments.ImageSizeLimit = int(config.GetMediaRemoteMaxSize()) // #nosec G115 -- Already validated.
 	instance.Configuration.MediaAttachments.ImageMatrixLimit = instanceMediaAttachmentsImageMatrixLimit
-	instance.Configuration.MediaAttachments.VideoSizeLimit = int(config.GetMediaRemoteMaxSize())
+	instance.Configuration.MediaAttachments.VideoSizeLimit = int(config.GetMediaRemoteMaxSize()) // #nosec G115 -- Already validated.
 	instance.Configuration.MediaAttachments.VideoFrameRateLimit = instanceMediaAttachmentsVideoFrameRateLimit
 	instance.Configuration.MediaAttachments.VideoMatrixLimit = instanceMediaAttachmentsVideoMatrixLimit
 	instance.Configuration.Polls.MaxOptions = config.GetStatusesPollMaxOptions()
@ -1707,7 +1707,7 @@ func (c *Converter) InstanceToAPIV2Instance(ctx context.Context, i *gtsmodel.Ins
 	instance.Configuration.Accounts.AllowCustomCSS = config.GetAccountsAllowCustomCSS()
 	instance.Configuration.Accounts.MaxFeaturedTags = instanceAccountsMaxFeaturedTags
 	instance.Configuration.Accounts.MaxProfileFields = instanceAccountsMaxProfileFields
-	instance.Configuration.Emojis.EmojiSizeLimit = int(config.GetMediaEmojiLocalMaxSize())
+	instance.Configuration.Emojis.EmojiSizeLimit = int(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated.
 	instance.Configuration.OIDCEnabled = config.GetOIDCEnabled()
 	// registrations
Author	SHA1	Message	Date
Markus Unterwaditzer	c00318cb77	Merge `8ccff37525` into `3e8c4951e1`	2024-10-15 17:28:33 +02:00
tobi	3e8c4951e1	[docs] remove duplicate entry from supported platforms (#3442 )	2024-10-15 13:37:16 +02:00
kim	3ad49f7718	updates exported interface types to match ncruces/go-sqlite3/driver methods (#3440 )	2024-10-14 20:28:59 +00:00
Markus Unterwaditzer	8ccff37525	Merge branch 'main' into golangci-lint-upgrade	2024-10-14 14:12:48 +02:00
Markus Unterwaditzer	79fb292246	fix the linter for real	2024-10-12 13:10:01 +02:00
Markus Unterwaditzer	3d407b556e	fix wrong formatting specifier thing	2024-10-12 13:03:28 +02:00
Markus Unterwaditzer	263ddf8128	apply review feedback	2024-10-12 12:59:19 +02:00
Markus Unterwaditzer	9b1683bee6	swagger updates	2024-10-12 12:06:59 +02:00
Markus Unterwaditzer	bd9ce6638e	get rid of remaining nolint:gosec	2024-10-12 11:01:15 +02:00
Markus Unterwaditzer	77736957ec	revert another unrelated change	2024-10-12 10:43:27 +02:00
Markus Unterwaditzer	a4f6f1474e	revert unrelated changes	2024-10-12 10:41:55 +02:00
Markus Unterwaditzer	2693b8827d	Merge branch 'go_123' into golangci-lint-upgrade	2024-10-12 10:41:29 +02:00
Markus Unterwaditzer	fe5849fcf1	fix golangci-lint documentation link	2024-10-12 10:33:00 +02:00
Markus Unterwaditzer	275a3f8636	[chore] Upgrade golangci-lint, ignore existing int overflow warnings There is a new lint for unchecked int casts. Integer overflows are bad, but the old code that triggers this lint seems to be perfectly fine. Instead of disabling the lint entirely for new code as well, grandfather in existing code.	2024-10-12 10:30:08 +02:00
tobi	4be1f780a1	goreleaser deprecation notices	2024-09-02 15:14:27 +02:00
tobi	8db3d6b700	allow overflow in imaging	2024-09-02 15:08:07 +02:00
tobi	666b8bc4f2	Merge branch 'main' into go_123	2024-09-02 14:38:00 +02:00
tobi	7c6c74243b	bump go version in go.mod	2024-09-01 17:44:54 +02:00
tobi	75d3fca08c	sign	2024-09-01 17:42:45 +02:00
tobi	bd4c4d79fe	undo silly change	2024-09-01 17:37:17 +02:00
tobi	c1543c029b	[chore] Bump tooling versions, bump go -> v1.23.0	2024-09-01 17:35:31 +02:00