-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[bug] - Refactor newDiff constructor to avoid double initialization of contentWriter #2742
Conversation
mockWriter := newMockContentWriter() | ||
assert.NotNil(t, mockWriter, "Failed to create mockWriter") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is mockWriter
doing anything useful in this test? It seems to be just a test fixture.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤦 Thank you for catching this. I updated the test to ensure mockContentWriter
implements contentWriter
as well as using it as part of the opts
for the second test case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm still not sure I understand how the test catches double initialization. It looks like counter is set to 1
in newMockContentWriter()
and never modified, so it'll always be 1
regardless of what newDiff
does.
This wasn't actually testing the fix, which is more difficult to orchestrate than is worth. See: #2742
This wasn't actually testing the fix, which is more difficult to orchestrate than is worth. See: #2742
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog) | action | minor | `v3.74.0` -> `v3.75.0` | --- ### Release Notes <details> <summary>trufflesecurity/trufflehog (trufflesecurity/trufflehog)</summary> ### [`v3.75.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.75.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.74.0...v3.75.0) #### What's Changed - \[chore] - update buffer metrics by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2737 - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.28 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2741 - chore(deps): update golangci/golangci-lint-action action to v5 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2744 - Scan commit metadata by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2713 - Fix SQL Server detector tests by [@​rosecodym](https://togithub.com/rosecodym) in [trufflesecurity/trufflehog#2716 - Revert "Scan commit metadata" by [@​rosecodym](https://togithub.com/rosecodym) in [trufflesecurity/trufflehog#2747 - \[bug] - Refactor newDiff constructor to avoid double initialization of contentWriter by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2742 - \[chore] - update buffered file writer metric by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2740 - \[refactor] - lazy buffer retrieval by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2745 - \[chore] Remove broken test by [@​mcastorina](https://togithub.com/mcastorina) in [trufflesecurity/trufflehog#2748 - \[bug] - fix buffer size metric by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2749 - \[bug] - Fix the metric for buffered file writer writes by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2750 - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.29 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2751 - update integration logos by [@​dustin-decker](https://togithub.com/dustin-decker) in [trufflesecurity/trufflehog#2752 - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.30 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2756 - \[chore] - add additional binary extension by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2760 - pkg: fix function names in comment by [@​mountcount](https://togithub.com/mountcount) in [trufflesecurity/trufflehog#2761 - \[chore] - ignore pbix and vsdx files by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2762 - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.31 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2763 - Scan commit metadata by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2754 - \[bug] - Correctly set metrics for enumerated orgs by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2757 - \[chore ] -Update ignore extensions by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2764 - \[chore] Add some happy path logs to GitLab by [@​mcastorina](https://togithub.com/mcastorina) in [trufflesecurity/trufflehog#2765 - Fix Git source test by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2767 - \[feat] - buffered file reader by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2731 - \[feat] - Add ReadFrom method to BufferedFileWriter by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2759 - fix(deps): update module google.golang.org/protobuf to v1.34.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2766 - \[bug] - Improve BufferedFileReader Close Behavior by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2768 - fixes calendly api key regex by [@​ankushgoel27](https://togithub.com/ankushgoel27) in [trufflesecurity/trufflehog#2368 - Expose detector-specific false positive logic by [@​rosecodym](https://togithub.com/rosecodym) in [trufflesecurity/trufflehog#2743 - Detector-Fix: Reintroduce Cloudflareglobalapikey by [@​ankushgoel27](https://togithub.com/ankushgoel27) in [trufflesecurity/trufflehog#2101 - Detector-Competition-Fix - fixed the alchemy detector regex by [@​ankushgoel27](https://togithub.com/ankushgoel27) in [trufflesecurity/trufflehog#1821 - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.32 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2769 - fix(deps): update module google.golang.org/api to v0.177.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2770 - \[chore] - update imports by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2772 - adds build version to finished scanning log by [@​zricethezav](https://togithub.com/zricethezav) in [trufflesecurity/trufflehog#2773 - Update rabbitmq.go regex detect amqps protocol by [@​NikhilPanwar](https://togithub.com/NikhilPanwar) in [trufflesecurity/trufflehog#2609 - fix for infinite recursion in Postman var sub by [@​zricethezav](https://togithub.com/zricethezav) in [trufflesecurity/trufflehog#2780 #### New Contributors - [@​mountcount](https://togithub.com/mountcount) made their first contribution in [trufflesecurity/trufflehog#2761 **Full Changelog**: trufflesecurity/trufflehog@v3.74.0...v3.75.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/matter-labs/vault-auth-tee). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMzEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjMzMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Description:
This PR addresses an issue in the
newDiff
constructor where thecontentWriter
could potentially be double initialized, leading to duplicate resource creation and potential resource leaks.Suggested improvement for bufferwriter package:
While investigating the issue with the newDiff constructor, it became apparent that the current design of the bufferwriter package could be improved to make it more ergonomic and less prone to misuse.
Instead of allocating resources (i.e., the underlying buffer) in the
New
constructor, we should consider modifying the implementation to allocate resources lazily, only when theWrite
method is called for the first time. This lazy allocation approach would prevent potential resource leaks and make it easier to use the package correctly.Checklist:
make test-community
)?make lint
this requires golangci-lint)?