core/go-p2p
8
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages Wiki Activity Actions 2

fix(node): DX audit — document conventions, wrap raw errors
All checks were successful
Security Scan / security (pull_request) Successful in 8s
Details
Test / test (pull_request) Successful in 1m14s
Details

Browse source 
Add coreerr.E() and coreio.Local conventions to CLAUDE.md coding
standards. Wrap two raw os.OpenFile/io.Copy errors in extractTarball
with coreerr.E for consistent error context.

Coverage: logging 86%, node 86%, levin 87%, ueps 92%.
No fmt.Errorf or os.ReadFile/os.WriteFile in production code.

Co-Authored-By: Virgil <virgil@lethean.io>
This commit is contained in:
Snider 2026-03-17 08:39:36 +00:00
parent bc47006152
commit 3ea407c115
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CLAUDE.md
View file

@ -80,6 +80,8 @@ type ProfileManager interface {
- Licence: EUPL-1.2 — new files need `// SPDX-License-Identifier: EUPL-1.2` - Licence: EUPL-1.2 — new files need `// SPDX-License-Identifier: EUPL-1.2`
- Security-first: do not weaken HMAC, challenge-response, Zip Slip defence, or rate limiting - Security-first: do not weaken HMAC, challenge-response, Zip Slip defence, or rate limiting
- Use `logging` package only — no `fmt.Println` or `log.Printf` in library code - Use `logging` package only — no `fmt.Println` or `log.Printf` in library code
- Error handling: use `coreerr.E()` from `go-log` — never `fmt.Errorf` or `errors.New` in library code
- File I/O: use `coreio.Local` from `go-io` — never `os.ReadFile`/`os.WriteFile` in library code (exception: `os.OpenFile` for streaming writes where `coreio` lacks support)
- Hot-path debug logging uses sampling pattern: `if counter.Add(1)%interval == 0` - Hot-path debug logging uses sampling pattern: `if counter.Add(1)%interval == 0`
### Transport test helper ### Transport test helper

4
node/bundle.go
View file

@ -311,7 +311,7 @@ func extractTarball(tarData []byte, destDir string) (string, error) {
f, err := os.OpenFile(fullPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.FileMode(hdr.Mode)) f, err := os.OpenFile(fullPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.FileMode(hdr.Mode))
if err != nil { if err != nil {
return "", err return "", coreerr.E("extractTarball", "failed to create file "+hdr.Name, err)
} }
// Limit file size to prevent decompression bombs (100MB max per file) // Limit file size to prevent decompression bombs (100MB max per file)
@ -320,7 +320,7 @@ func extractTarball(tarData []byte, destDir string) (string, error) {
written, err := io.Copy(f, limitedReader) written, err := io.Copy(f, limitedReader)
f.Close() f.Close()
if err != nil { if err != nil {
return "", err return "", coreerr.E("extractTarball", "failed to write file "+hdr.Name, err)
} }
if written > maxFileSize { if written > maxFileSize {
coreio.Local.Delete(fullPath) coreio.Local.Delete(fullPath)