-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Staticcheck fixes / input sanitation #7
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you have some time, feel free to also add a github workflow that validates the code passes staticcheck.
@@ -57,7 +57,7 @@ func generateKey(org, country, province, locality, streetAddress, postalCode, cn | |||
return err | |||
} | |||
defer file.Close() | |||
_, err = file.Write(caPEM.Bytes()) | |||
file.Write(caPEM.Bytes()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tbh we should do something with the err
@@ -72,6 +72,6 @@ func generateKey(org, country, province, locality, streetAddress, postalCode, cn | |||
return err | |||
} | |||
defer keyF.Close() | |||
_, err = keyF.Write(caPrivKeyPEM.Bytes()) | |||
keyF.Write(caPrivKeyPEM.Bytes()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here as well, even if just returning it
@@ -35,7 +35,7 @@ func (m *MatrixMessenger) SendMessage(title string, message Message, reportURL s | |||
if err != nil { | |||
return err | |||
} | |||
resp, err := http.Post( | |||
resp, _ := http.Post( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's not ignore errors, return them instead
err := mail.SendMail( | ||
a.config.Mail.User, a.config.Mail.Password, | ||
a.config.Mail.SMTPServer, a.config.Mail.SMTPPort, | ||
a.config.Mail.FromName, a.config.Mail.From, topic.Email, | ||
fmt.Sprintf("[%s]: report #%d updated", topic.Name.En, report.ID), | ||
"Hi, there is a new message regarding "+topic.Name.En+":\n\n"+c.PostForm("reply")+"\n\nYou can reply to it <a href=\""+a.config.URL+"/report?administratorToken="+report.AdministratorToken+"\">here</a>.") | ||
"Hi, there is a new message regarding "+topic.Name.En+":\n\n"+string(message.GetBody())+"\n\nYou can reply to it <a href=\""+a.config.URL+"/report?administratorToken="+report.AdministratorToken+"\">here</a>.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed that this should be done, but it has some implications: Instead of sending the raw message, we now convert it to html and send that. Have you tested that this renders as expected?
This PR addresses unused err variables and adds sanitation to the user input in the reply route.