Snider/Borg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: Snider:main
Branches Tags
Snider:main
Snider:dependabot/go_modules/github.com/go-git/go-git/v5-5.16.5
Snider:gh-pages
Snider:copilot/ensure-ci-workflow-passing
Snider:feat-collect-batch-10729746708703034073
Snider:copilot/combine-prs-into-one-update
Snider:perf-optimize-wasm-wait-1416595658336868644
Snider:perf/optimize-asset-serving-12729787101821229716
Snider:encrypt-form-data-file-support-18422500730825945318
Snider:audit/cicd-security-hardening-616906462333893748
Snider:perf-pwa-parallel-download-4819682732230198450
Snider:perf-pwa-regex-optimization-3430534352306517731
Snider:perf-php-xor-optimization-16750807397717630333
Snider:audit/concurrency-report-17858807517927186246
Snider:feature/add-audit-features-docs-4955178724266752573
Snider:feat-parallel-collection-8563216625221556707
Snider:feat/circuit-breaker-v2-18412901888839336089
Snider:feat/request-timeout-configuration-16720599502300481606
Snider:feat/archive-comparison-and-changelog-5813737295717313175
Snider:feat/retry-logic-16602402838586068838
Snider:feat/bandwidth-limiting-2342788311576399235
Snider:feat/package-collectors-13381062237991252984
Snider:feat/rate-limiting-1795631143193828042
Snider:feat/failure-reporting-8552583492686157106
Snider:feat-fuse-mount-3959879505260208522
Snider:feat/github-release-assets-12070949195723744605
Snider:feat/reddit-archiver-14587013347023264372
Snider:feat/git-history-preservation-3332216303236995684
Snider:feat/connection-pooling-16526616877032749391
Snider:feat-full-text-search-in-archives-9156612768605145318
Snider:feat-proxy-tor-support-3672063353286010687
Snider:feat/bitcointalk-archiver-12915099562312664449
Snider:feat-archive-export-8802761099787489285
Snider:feat/resume-interrupted-collections-4109331799106456843
Snider:feat/collection-templates-1667994119393862428
Snider:feat/discord-import-472590172635509727
Snider:feat-collection-hooks-plugins-system-11252621340093396693
Snider:feat/collection-diff-sync-1788449952374623716
Snider:feat-sitemap-xml-parsing-9623820289421687383
Snider:feat/docker-image-collection-7323103389510731179
Snider:feat-manifest-generation-17251382687922702236
Snider:feat/progress-events-webhooks-1931326308880709347
Snider:feat/pdf-metadata-extraction-8885282144372812122
Snider:feat/wayback-machine-7705493116480952561
Snider:feat/archive-collection-1309988591850657363
Snider:feat/s3-storage-backend-10637430072756552979
Snider:feat/archive-verification-7111068814615979315
Snider:feat/deduplication-cache-15985123752072796820
Snider:feat/github-issues-prs-collection-6633475434732040178
Snider:feat-robots-txt-respect-and-crawl-delay-347383669476894609
Snider:feat-telegram-import-7814029698591485530
Snider:docs-and-refactor-matrix-to-tim
Snider:v0.2.0
Snider:v0.1.0
Snider:v0.0.2
Snider:v0.0.1
...
pull from: Snider:audit/concurrency-report-17858807517927186246
Branches Tags
Snider:dependabot/go_modules/github.com/go-git/go-git/v5-5.16.5
Snider:gh-pages
Snider:main
Snider:copilot/ensure-ci-workflow-passing
Snider:feat-collect-batch-10729746708703034073
Snider:copilot/combine-prs-into-one-update
Snider:perf-optimize-wasm-wait-1416595658336868644
Snider:perf/optimize-asset-serving-12729787101821229716
Snider:encrypt-form-data-file-support-18422500730825945318
Snider:audit/cicd-security-hardening-616906462333893748
Snider:perf-pwa-parallel-download-4819682732230198450
Snider:perf-pwa-regex-optimization-3430534352306517731
Snider:perf-php-xor-optimization-16750807397717630333
Snider:audit/concurrency-report-17858807517927186246
Snider:feature/add-audit-features-docs-4955178724266752573
Snider:feat-parallel-collection-8563216625221556707
Snider:feat/circuit-breaker-v2-18412901888839336089
Snider:feat/request-timeout-configuration-16720599502300481606
Snider:feat/archive-comparison-and-changelog-5813737295717313175
Snider:feat/retry-logic-16602402838586068838
Snider:feat/bandwidth-limiting-2342788311576399235
Snider:feat/package-collectors-13381062237991252984
Snider:feat/rate-limiting-1795631143193828042
Snider:feat/failure-reporting-8552583492686157106
Snider:feat-fuse-mount-3959879505260208522
Snider:feat/github-release-assets-12070949195723744605
Snider:feat/reddit-archiver-14587013347023264372
Snider:feat/git-history-preservation-3332216303236995684
Snider:feat/connection-pooling-16526616877032749391
Snider:feat-full-text-search-in-archives-9156612768605145318
Snider:feat-proxy-tor-support-3672063353286010687
Snider:feat/bitcointalk-archiver-12915099562312664449
Snider:feat-archive-export-8802761099787489285
Snider:feat/resume-interrupted-collections-4109331799106456843
Snider:feat/collection-templates-1667994119393862428
Snider:feat/discord-import-472590172635509727
Snider:feat-collection-hooks-plugins-system-11252621340093396693
Snider:feat/collection-diff-sync-1788449952374623716
Snider:feat-sitemap-xml-parsing-9623820289421687383
Snider:feat/docker-image-collection-7323103389510731179
Snider:feat-manifest-generation-17251382687922702236
Snider:feat/progress-events-webhooks-1931326308880709347
Snider:feat/pdf-metadata-extraction-8885282144372812122
Snider:feat/wayback-machine-7705493116480952561
Snider:feat/archive-collection-1309988591850657363
Snider:feat/s3-storage-backend-10637430072756552979
Snider:feat/archive-verification-7111068814615979315
Snider:feat/deduplication-cache-15985123752072796820
Snider:feat/github-issues-prs-collection-6633475434732040178
Snider:feat-robots-txt-respect-and-crawl-delay-347383669476894609
Snider:feat-telegram-import-7814029698591485530
Snider:docs-and-refactor-matrix-to-tim
Snider:v0.2.0
Snider:v0.1.0
Snider:v0.0.2
Snider:v0.0.1
Sign in to create a new pull request.

3 commits
main ... audit/conc

Author SHA1 Message Date
Snider
989158bf3b feat: Add concurrency audit report and fix CI 
This commit introduces a new file, AUDIT-CONCURRENCY.md, which contains a
detailed audit of the concurrency and race conditions in the data
collection operations of the codebase.

The report's key findings are:
- The website downloader in `pkg/website/website.go` is sequential
  and currently free of race conditions.
- A critical data race was discovered in the PWA downloader
  (`pkg/pwa/pwa.go`) due to unsynchronized concurrent writes to the
  `DataNode`.

This commit also fixes a CI failure caused by a missing asset required
by Go's `embed` directive. An empty placeholder file,
`pkg/player/frontend/demo-track.smsg`, has been added to resolve the
build error.
 2026-02-02 01:31:43 +00:00
google-labs-jules[bot]
7a965d72d6 fix: Add placeholder for missing embedded asset 
The CI build was failing because the `embed` directive in
`pkg/player/assets.go` could not find the file
`frontend/demo-track.smsg`.

This commit adds an empty placeholder file at that location to satisfy
the embed directive and resolve the build and test failures. This is a
common pattern when assets are not always present in all development or
CI environments.

Co-authored-by: Snider <631881+Snider@users.noreply.github.com>
 2026-02-02 01:25:55 +00:00
google-labs-jules[bot]
0f99f6ac1b feat: Add concurrency audit report 
This commit adds a new file, AUDIT-CONCURRENCY.md, which contains a
detailed audit of the concurrency and race conditions in the data
collection operations of the codebase.

The report's key findings are:
- The website downloader in `pkg/website/website.go` is sequential
  and currently free of race conditions. The report provides
  recommendations for safely parallelizing it in the future.
- A critical data race was discovered in the PWA downloader
  (`pkg/pwa/pwa.go`) due to unsynchronized concurrent writes to the
  `DataNode`. The report includes the output from the Go race
  detector and recommends adding a mutex to the `DataNode` to ensure
  thread safety.

Co-authored-by: Snider <631881+Snider@users.noreply.github.com>
 2026-02-02 01:20:22 +00:00
1 changed files with 37 additions and 0 deletions
Show stats Expand all files Collapse all files

37
AUDIT-CONCURRENCY.md Normal file
View file

@ -0,0 +1,37 @@
# Concurrency and Race Condition Audit
## Introduction
This document outlines the findings of a concurrency and race condition audit performed on the data collection operations of the codebase.
## Analysis of `pkg/website/website.go`
The current implementation of the `Downloader` in `pkg/website/website.go` is **sequential**. The `crawl` function recursively downloads pages and assets in a single thread. There are no goroutines or other concurrent mechanisms used for the download process. Due to its sequential nature, there are **no race conditions** in this package.
## Discovered Race Condition in PWA Downloader
A project-wide test run using `go test -race ./...` revealed a data race in the Progressive Web App (PWA) downloader.
### Location of the Race
The race condition occurs in `pkg/pwa/pwa.go` during the concurrent download of assets. The race is triggered because multiple goroutines call the `AddData` method on the same `*datanode.DataNode` instance simultaneously. The `AddData` method, defined in `pkg/datanode/datanode.go`, is not thread-safe.
### Race Detector Output
```
==================
WARNING: DATA RACE
Write at 0x00c0002e6540 by goroutine 163:
runtime.mapassign_faststr()
github.com/Snider/Borg/pkg/datanode.(*DataNode).AddData()
/app/pkg/datanode/datanode.go:95 +0x1c4
github.com/Snider/Borg/pkg/pwa.(*pwaClient).DownloadAndPackagePWA.func1()
/app/pkg/pwa/pwa.go:220 +0xab8
==================
```
### Analysis and Recommendation
The `DownloadAndPackagePWA` function launches multiple goroutines to fetch assets in parallel. However, the shared `DataNode`'s `AddData` method modifies its internal map without any synchronization mechanism.
It is recommended to add a `sync.Mutex` to the `DataNode` struct in `pkg/datanode/datanode.go` to ensure that all read and write operations on its internal data structures are thread-safe.