diff --git a/auth/auth.go b/auth/auth.go index 35db896..8e2a432 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -323,7 +323,9 @@ func (a *Authenticator) ValidateSession(token string) (*Session, error) { } if time.Now().After(session.ExpiresAt) { - _ = a.store.Delete(token) + if err := a.store.Delete(token); err != nil { + return nil, coreerr.E(op, "session expired", err) + } return nil, coreerr.E(op, "session expired", nil) } @@ -340,7 +342,9 @@ func (a *Authenticator) RefreshSession(token string) (*Session, error) { } if time.Now().After(session.ExpiresAt) { - _ = a.store.Delete(token) + if err := a.store.Delete(token); err != nil { + return nil, coreerr.E(op, "session expired", err) + } return nil, coreerr.E(op, "session expired", nil) } @@ -389,7 +393,9 @@ func (a *Authenticator) DeleteUser(userID string) error { } // Revoke any active sessions for this user - _ = a.store.DeleteByUser(userID) + if err := a.store.DeleteByUser(userID); err != nil { + return coreerr.E(op, "failed to delete user sessions", err) + } return nil } @@ -565,7 +571,9 @@ func (a *Authenticator) RevokeKey(userID, password, reason string) error { } // Invalidate all sessions - _ = a.store.DeleteByUser(userID) + if err := a.store.DeleteByUser(userID); err != nil { + return coreerr.E(op, "failed to delete user sessions", err) + } return nil } diff --git a/cmd/testcmd/cmd_runner.go b/cmd/testcmd/cmd_runner.go index d952b1b..6aa312e 100644 --- a/cmd/testcmd/cmd_runner.go +++ b/cmd/testcmd/cmd_runner.go @@ -49,7 +49,11 @@ func runTest(verbose, coverage, short bool, pkg, run string, race, jsonOutput bo // Create command cmd := exec.Command("go", args...) - cmd.Dir, _ = os.Getwd() + cwd, err := os.Getwd() + if err != nil { + return coreerr.E("cmd.test", "failed to determine working directory", err) + } + cmd.Dir = cwd // Set environment to suppress macOS linker warnings cmd.Env = append(os.Environ(), getMacOSDeploymentTarget()) @@ -76,7 +80,7 @@ func runTest(verbose, coverage, short bool, pkg, run string, race, jsonOutput bo cmd.Stderr = &stderr } - err := cmd.Run() + err = cmd.Run() exitCode := 0 if err != nil { if exitErr, ok := err.(*exec.ExitError); ok { diff --git a/crypt/chachapoly/chachapoly_test.go b/crypt/chachapoly/chachapoly_test.go index 1123f2c..2bc9cf5 100644 --- a/crypt/chachapoly/chachapoly_test.go +++ b/crypt/chachapoly/chachapoly_test.go @@ -2,9 +2,10 @@ package chachapoly import ( "crypto/rand" - "errors" "testing" + coreerr "dappco.re/go/core/log" + "github.com/stretchr/testify/assert" ) @@ -12,7 +13,7 @@ import ( type mockReader struct{} func (r *mockReader) Read(p []byte) (n int, err error) { - return 0, errors.New("read error") + return 0, coreerr.E("chachapoly.mockReader.Read", "read error", nil) } func TestEncryptDecrypt(t *testing.T) { diff --git a/crypt/openpgp/service.go b/crypt/openpgp/service.go index cc63e26..50fc7d3 100644 --- a/crypt/openpgp/service.go +++ b/crypt/openpgp/service.go @@ -149,7 +149,9 @@ func (s *Service) DecryptPGP(privateKey, message, passphrase string, opts ...any return "", coreerr.E("openpgp.DecryptPGP", "failed to decrypt private key", err) } for _, subkey := range entity.Subkeys { - _ = subkey.PrivateKey.Decrypt([]byte(passphrase)) + if err := subkey.PrivateKey.Decrypt([]byte(passphrase)); err != nil { + return "", coreerr.E("openpgp.DecryptPGP", "failed to decrypt subkey", err) + } } } diff --git a/crypt/pgp/pgp.go b/crypt/pgp/pgp.go index 56bfef8..a0ce9d6 100644 --- a/crypt/pgp/pgp.go +++ b/crypt/pgp/pgp.go @@ -34,7 +34,9 @@ func CreateKeyPair(name, email, password string) (*KeyPair, error) { // Sign all the identities for _, id := range entity.Identities { - _ = id.SelfSignature.SignUserId(id.UserId.Id, entity.PrimaryKey, entity.PrivateKey, nil) + if err := id.SelfSignature.SignUserId(id.UserId.Id, entity.PrimaryKey, entity.PrivateKey, nil); err != nil { + return nil, coreerr.E(op, "failed to sign identity", err) + } } // Encrypt private key with password if provided @@ -166,7 +168,9 @@ func Decrypt(data []byte, privateKeyArmor, password string) ([]byte, error) { } for _, subkey := range entity.Subkeys { if subkey.PrivateKey != nil && subkey.PrivateKey.Encrypted { - _ = subkey.PrivateKey.Decrypt([]byte(password)) + if err := subkey.PrivateKey.Decrypt([]byte(password)); err != nil { + return nil, coreerr.E(op, "failed to decrypt subkey", err) + } } } } diff --git a/crypt/rsa/rsa_test.go b/crypt/rsa/rsa_test.go index 7211995..58ca877 100644 --- a/crypt/rsa/rsa_test.go +++ b/crypt/rsa/rsa_test.go @@ -6,9 +6,10 @@ import ( "crypto/rand" "crypto/x509" "encoding/pem" - "errors" "testing" + coreerr "dappco.re/go/core/log" + "github.com/stretchr/testify/assert" ) @@ -16,7 +17,7 @@ import ( type mockReader struct{} func (r *mockReader) Read(p []byte) (n int, err error) { - return 0, errors.New("read error") + return 0, coreerr.E("rsa.mockReader.Read", "read error", nil) } func TestRSA_Good(t *testing.T) { diff --git a/trust/approval.go b/trust/approval.go index fbf6bbd..627ca0b 100644 --- a/trust/approval.go +++ b/trust/approval.go @@ -151,8 +151,8 @@ func (q *ApprovalQueue) Get(id string) *ApprovalRequest { return nil } // Return a copy to prevent mutation. - copy := *req - return © + snapshot := *req + return &snapshot } // Pending returns all requests with ApprovalPending status.