diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index f8aa42a..e7d5d1a 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -15,7 +15,7 @@ jobs: - uses: "actions/checkout@v3" - uses: "actions/setup-go@v3" with: - go-version: "^1.19" + go-version: ">=1.19" - name: "Build" run: "go build ./cmd/..." diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index e2fd4d4..1f077d2 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -15,11 +15,22 @@ jobs: - uses: "actions/checkout@v3" - uses: "actions/setup-go@v3" with: - go-version: "^1.19" + go-version: ">=1.19" - uses: "authzed/actions/gofumpt@main" - uses: "authzed/actions/go-mod-tidy@main" - uses: "authzed/actions/go-generate@main" - - uses: "authzed/actions/golangci-lint@main" + + go-lint-ci: + name: "Lint CI" + runs-on: "ubuntu-latest" + steps: + - uses: "actions/checkout@v3" + - uses: "actions/setup-go@v3" + with: + go-version: ">=1.19" + - uses: "golangci/golangci-lint-action@v3" + with: + version: "latest" codeql: name: "Analyze with CodeQL" diff --git a/cmd/mochi-e2e/e2e.go b/cmd/mochi-e2e/e2e.go index 9841c72..11fe030 100644 --- a/cmd/mochi-e2e/e2e.go +++ b/cmd/mochi-e2e/e2e.go @@ -3,17 +3,15 @@ package main import ( + "crypto/rand" "flag" "fmt" "log" - "math/rand" "time" "github.com/anacrolix/torrent/tracker" "github.com/sot-tech/mochi/bittorrent" - - _ "github.com/sot-tech/mochi/pkg/randseed" ) func main() { @@ -43,7 +41,9 @@ func main() { func test(addr string, delay time.Duration) error { b := make([]byte, bittorrent.InfoHashV1Len) - rand.Read(b) + if _, err := rand.Read(b); err != nil { + panic(err) + } ih, _ := bittorrent.NewInfoHash(b) return testWithInfoHash(ih, addr, delay) } diff --git a/go.mod b/go.mod index d1ed3e9..33d46dc 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/anacrolix/torrent v1.48.0 github.com/cespare/xxhash/v2 v2.2.0 github.com/golang-jwt/jwt/v4 v4.5.0 - github.com/jackc/pgx/v5 v5.3.0 + github.com/jackc/pgx/v5 v5.3.1 github.com/julienschmidt/httprouter v1.3.0 github.com/libp2p/go-reuseport v0.2.0 github.com/minio/sha256-simd v1.0.0 diff --git a/go.sum b/go.sum index 4a8af42..24d8b9e 100644 --- a/go.sum +++ b/go.sum @@ -143,8 +143,8 @@ github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsI github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk= github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= -github.com/jackc/pgx/v5 v5.3.0 h1:/NQi8KHMpKWHInxXesC8yD4DhkXPrVhmnwYkjp9AmBA= -github.com/jackc/pgx/v5 v5.3.0/go.mod h1:t3JDKnCBlYIc0ewLF0Q7B8MXmoIaBOZj/ic7iHozM/8= +github.com/jackc/pgx/v5 v5.3.1 h1:Fcr8QJ1ZeLi5zsPZqQeUZhNhxfkkKBOgJuYkJHoBOtU= +github.com/jackc/pgx/v5 v5.3.1/go.mod h1:t3JDKnCBlYIc0ewLF0Q7B8MXmoIaBOZj/ic7iHozM/8= github.com/jackc/puddle/v2 v2.2.0 h1:RdcDk92EJBuBS55nQMMYFXTxwstHug4jkhT5pq8VxPk= github.com/jackc/puddle/v2 v2.2.0/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= diff --git a/middleware/jwt/jwt_test.go b/middleware/jwt/jwt_test.go index 04a4983..f2b7997 100644 --- a/middleware/jwt/jwt_test.go +++ b/middleware/jwt/jwt_test.go @@ -4,6 +4,7 @@ import ( "context" "crypto/ecdsa" "crypto/elliptic" + cr "crypto/rand" "encoding/base64" "encoding/json" "math/rand" @@ -74,7 +75,9 @@ func init() { _ = log.ConfigureLogger("", "info", false, false) privKey, _ = jwt.ParseECPrivateKeyFromPEM([]byte(privKeyPEM)) ihBytes := make([]byte, bittorrent.InfoHashV1Len) - rand.Read(ihBytes) + if _, err := cr.Read(ihBytes); err != nil { + panic(err) + } infoHash, _ = bittorrent.NewInfoHash(ihBytes) s2 := sha256.New() s2.Write(elliptic.Marshal(privKey.PublicKey.Curve, privKey.PublicKey.X, privKey.PublicKey.Y)) @@ -158,7 +161,9 @@ func TestHook_HandleAnnounceInvalid(t *testing.T) { token.Header["kid"] = jwksData.Keys[0].KeyID k := make([]byte, 20) - rand.Read(k) + if _, err := cr.Read(k); err != nil { + panic(err) + } tokenString, err := token.SignedString(k) require.Nil(t, err) //goland:noinspection HttpUrlsUsage diff --git a/storage/test/storage_bench.go b/storage/test/storage_bench.go index fa2765a..b86c6f7 100644 --- a/storage/test/storage_bench.go +++ b/storage/test/storage_bench.go @@ -4,6 +4,7 @@ package test import ( "context" + cr "crypto/rand" "math/rand" "net" "net/netip" @@ -42,7 +43,9 @@ func generatePeers() (a [peersCount]bittorrent.Peer) { } else { ip = make([]byte, net.IPv6len) } - rand.Read(ip) + if _, err := cr.Read(ip); err != nil { + panic(err) + } addr, ok := netip.AddrFromSlice(ip) if !ok { panic("unable to create ip from random bytes") diff --git a/storage/test/storage_test_data.go b/storage/test/storage_test_data.go index 38ed925..bbaa77c 100644 --- a/storage/test/storage_test_data.go +++ b/storage/test/storage_test_data.go @@ -3,12 +3,10 @@ package test import ( - "math/rand" + "crypto/rand" "net/netip" "github.com/sot-tech/mochi/bittorrent" - // used for seeding global math.Rand - _ "github.com/sot-tech/mochi/pkg/randseed" ) var ( @@ -25,14 +23,18 @@ func randIH(v2 bool) (ih bittorrent.InfoHash) { } else { b = make([]byte, bittorrent.InfoHashV1Len) } - rand.Read(b) + if _, err := rand.Read(b); err != nil { + panic(err) + } ih, _ = bittorrent.NewInfoHash(b) return } func randPeerID() (ih bittorrent.PeerID) { b := make([]byte, bittorrent.PeerIDLen) - rand.Read(b) + if _, err := rand.Read(b); err != nil { + panic(err) + } ih, _ = bittorrent.NewPeerID(b) return }