diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index e02652f921..a587283c84 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -56,7 +56,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3 + uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -67,7 +67,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3 + uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -81,4 +81,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3 + uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3 diff --git a/.github/workflows/deploy_node.yml b/.github/workflows/deploy_node.yml index df1bc51cd6..ecfa9c42bf 100644 --- a/.github/workflows/deploy_node.yml +++ b/.github/workflows/deploy_node.yml @@ -4,13 +4,20 @@ on: inputs: network: required: true - type: string + type: choice description: "Waves network name (mainnet, testnet, stagenet)" + options: + - mainnet + - testnet + - stagenet arch: required: true - type: string + type: choice description: "Machine architecture (amd64, arm64)" default: "amd64" + options: + - amd64 + - arm64 workflow_call: inputs: network: diff --git a/.github/workflows/deploy_nodes.yml b/.github/workflows/deploy_nodes.yml index 135923c66e..b9530102f7 100644 --- a/.github/workflows/deploy_nodes.yml +++ b/.github/workflows/deploy_nodes.yml @@ -7,9 +7,12 @@ on: inputs: arch: required: true - type: string + type: choice description: "Machine architecture (amd64, arm64)" default: "amd64" + options: + - amd64 + - arm64 jobs: deploy: @@ -19,7 +22,11 @@ jobs: network: [ stagenet, testnet, mainnet ] arch: [ "${{ inputs.arch }}" ] uses: "./.github/workflows/deploy_node.yml" - secrets: inherit + secrets: + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} + DEPLOYMENT_SERVER: ${{ secrets.DEPLOYMENT_SERVER }} + DEPLOYMENT_PORT: ${{ secrets.DEPLOYMENT_PORT }} + DEPLOYMENT_USER: ${{ secrets.DEPLOYMENT_USER }} with: network: ${{ matrix.network }} arch: ${{ matrix.arch }} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 8a81a8eaf6..b82b2668c5 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -73,7 +73,9 @@ jobs: cache: true - name: Set up GolangCI-Lint - run: curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s -- -b $HOME/bin latest + uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v8 + with: + version: latest - name: Get dependencies run: go mod vendor diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index dde7868aa7..4235aaf4f9 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -32,7 +32,7 @@ jobs: with: persist-credentials: false - name: Run gosec security scanner - uses: securego/gosec@223e19b8856e00f02cc67804499a83f77e208f3c # v2.25.0 + uses: securego/gosec@4a3bd8af174872c778439083ded7adbf3747e770 # v2.26.1 with: # with '-no-fail' we let the report trigger content trigger a failure using the GitHub Security features. args: "-no-fail -fmt sarif -out gosec.sarif ./..." @@ -50,7 +50,7 @@ jobs: jq empty gosec_fixed.sarif mv gosec_fixed.sarif gosec.sarif - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3 with: sarif_file: gosec.sarif @@ -88,7 +88,7 @@ jobs: fi EOF - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3 with: sarif_file: semgrep.sarif diff --git a/.golangci-strict.yml b/.golangci-strict.yml index 519c16c97d..d1e5c63af4 100644 --- a/.golangci-strict.yml +++ b/.golangci-strict.yml @@ -25,7 +25,7 @@ linters: - gocyclo - godot - gomoddirectives - - gomodguard + - gomodguard_v2 - goprintffuncname - gosec - govet @@ -106,21 +106,20 @@ linters: paramsOnly: false underef: skipRecvDeref: false - gomodguard: + gomodguard_v2: blocked: - modules: - - github.com/golang/protobuf: - recommendations: - - google.golang.org/protobuf - reason: see https://developers.google.com/protocol-buffers/docs/reference/go/faq#modules - - github.com/satori/go.uuid: - recommendations: - - github.com/google/uuid - reason: satori's package is not maintained - - github.com/gofrs/uuid: - recommendations: - - github.com/google/uuid - reason: gofrs' package is not go module + - module: github.com/golang/protobuf + recommendations: + - google.golang.org/protobuf + reason: see https://developers.google.com/protocol-buffers/docs/reference/go/faq#modules + - module: github.com/satori/go.uuid + recommendations: + - github.com/google/uuid + reason: satori's package is not maintained + - module: github.com/gofrs/uuid + recommendations: + - github.com/google/uuid + reason: gofrs' package is not go module govet: disable: - fieldalignment diff --git a/.golangci.yml b/.golangci.yml index 2625330528..fedd070a15 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -29,21 +29,20 @@ linters: - ^golang.org/x/tools/go/analysis.Analyzer$ - ^google.golang.org/protobuf/.+Options$ - ^gopkg.in/yaml.v3.Node$ - gomodguard: + gomodguard_v2: blocked: - modules: - - github.com/golang/protobuf: - recommendations: - - google.golang.org/protobuf - reason: see https://developers.google.com/protocol-buffers/docs/reference/go/faq#modules - - github.com/satori/go.uuid: - recommendations: - - github.com/google/uuid - reason: satori's package is not maintained - - github.com/gofrs/uuid: - recommendations: - - github.com/google/uuid - reason: gofrs' package is not go module + - module: github.com/golang/protobuf + recommendations: + - google.golang.org/protobuf + reason: see https://developers.google.com/protocol-buffers/docs/reference/go/faq#modules + - module: github.com/satori/go.uuid + recommendations: + - github.com/google/uuid + reason: satori's package is not maintained + - module: github.com/gofrs/uuid + recommendations: + - github.com/google/uuid + reason: gofrs' package is not go module govet: disable: - fieldalignment diff --git a/cmd/chaincmp/chaincmp.go b/cmd/chaincmp/chaincmp.go index 5c74f54fa6..c834237b26 100644 --- a/cmd/chaincmp/chaincmp.go +++ b/cmd/chaincmp/chaincmp.go @@ -11,6 +11,7 @@ import ( "os/signal" "slices" "strings" + "syscall" "time" flag "github.com/spf13/pflag" @@ -109,7 +110,7 @@ func run() error { urls := append([]string{node}, other...) slog.Debug("Requesting height from nodes", "count", len(urls)) - ctx, done := signal.NotifyContext(context.Background(), os.Interrupt) + ctx, done := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM) defer done() clients := make([]*client.Client, len(urls)) @@ -224,6 +225,9 @@ func findLastCommonHeight(ctx context.Context, clients []*client.Client, start, return 0, fmt.Errorf("failed to get blocks signatures at height %d: %w", middle, err) } if c >= 2 { + if middle == 0 { + return 0, errors.New("no common height found") + } stop = middle - 1 r = stop } else { diff --git a/cmd/node/node.go b/cmd/node/node.go index 9228d817c5..0ef2c964af 100644 --- a/cmd/node/node.go +++ b/cmd/node/node.go @@ -545,6 +545,7 @@ func blockchainSettings(nc *config) (_ *settings.BlockchainSettings, retErr erro return nil, errors.Wrap(err, "failed to open configuration file") } defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if clErr := f.Close(); clErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(clErr, "failed to close configuration file")) } diff --git a/cmd/statehash/statehash.go b/cmd/statehash/statehash.go index d78d33366c..b43113700f 100644 --- a/cmd/statehash/statehash.go +++ b/cmd/statehash/statehash.go @@ -28,7 +28,8 @@ const ( ) var ( - version = "v0.0.0" + version = "v0.0.0" + errEarlyExit = errors.New("early exit") ) func main() { @@ -38,36 +39,38 @@ func main() { } } -func run() error { - var ( - node string - statePath string - blockchainType string - height uint64 - extendedAPI bool - compare bool - search bool - showHelp bool - showVersion bool - onlyLegacy bool - disableBloomFilter bool - compressionAlgo keyvalue.CompressionAlgo - ) +type runConfig struct { + node string + statePath string + blockchainType string + height uint64 + extendedAPI bool + compare bool + search bool + onlyLegacy bool + disableBloom bool + compressionAlgo keyvalue.CompressionAlgo +} - slog.SetDefault(slog.New(logging.NewHandler(logging.LoggerPrettyNoColor, slog.LevelInfo))) +// parseFlags parses command-line flags and returns the configuration. +// It returns nil config if the program should exit early (help/version). +func parseFlags() (*runConfig, error) { + var cfg runConfig + var showHelp, showVersion bool - flag.StringVar(&node, "node", "", "Path to node's state folder") - flag.StringVar(&statePath, "state-path", "", "Path to node's state folder") - flag.StringVar(&blockchainType, "blockchain-type", "mainnet", "Blockchain type mainnet/testnet/stagenet, default value is mainnet") - flag.Uint64Var(&height, "at-height", 0, "Height to get state hash at, defaults to the top most value") - flag.BoolVar(&extendedAPI, "extended-api", false, "Open state with extended API") - flag.BoolVar(&compare, "compare", false, "Compare the state hash with the node's state hash at the same height") - flag.BoolVar(&search, "search", false, "Search for the topmost equal state hashes") + flag.StringVar(&cfg.node, "node", "", "Path to node's state folder") + flag.StringVar(&cfg.statePath, "state-path", "", "Path to node's state folder") + flag.StringVar(&cfg.blockchainType, "blockchain-type", "mainnet", + "Blockchain type mainnet/testnet/stagenet, default value is mainnet") + flag.Uint64Var(&cfg.height, "at-height", 0, "Height to get state hash at, defaults to the top most value") + flag.BoolVar(&cfg.extendedAPI, "extended-api", false, "Open state with extended API") + flag.BoolVar(&cfg.compare, "compare", false, "Compare the state hash with the node's state hash at the same height") + flag.BoolVar(&cfg.search, "search", false, "Search for the topmost equal state hashes") flag.BoolVar(&showHelp, "help", false, "Show usage information and exit") flag.BoolVar(&showVersion, "version", false, "Print version information and quit") - flag.BoolVar(&onlyLegacy, "legacy", false, "Compare only legacy state hashes") - flag.BoolVar(&disableBloomFilter, "disable-bloom", false, "Disable bloom filter") - flag.TextVar(&compressionAlgo, "db-compression-algo", keyvalue.CompressionDefault, + flag.BoolVar(&cfg.onlyLegacy, "legacy", false, "Compare only legacy state hashes") + flag.BoolVar(&cfg.disableBloom, "disable-bloom", false, "Disable bloom filter") + flag.TextVar(&cfg.compressionAlgo, "db-compression-algo", keyvalue.CompressionDefault, fmt.Sprintf("Set the compression algorithm for the state database. Supported: %v", keyvalue.CompressionAlgoStrings(), ), @@ -76,17 +79,23 @@ func run() error { if showHelp { showUsage() - return nil + return nil, errEarlyExit } if showVersion { fmt.Printf("Waves RIDE Appraiser %s\n", version) - return nil + return nil, errEarlyExit } - - if search { - compare = true + if cfg.search { + cfg.compare = true } + if cfg.statePath == "" || len(strings.Fields(cfg.statePath)) > 1 { + slog.Error("Invalid path to state", "path", cfg.statePath) + return nil, errors.New("invalid state path") + } + return &cfg, nil +} +func setupFDLimits() { maxFDs, err := fdlimit.MaxFDs() if err != nil { slog.Error("Initialization failed", logging.Error(err)) @@ -97,58 +106,76 @@ func run() error { slog.Error("Initialization failed", logging.Error(err)) os.Exit(1) } +} - if statePath == "" || len(strings.Fields(statePath)) > 1 { - slog.Error("Invalid path to state", "path", statePath) - return errors.New("invalid state path") - } - - ss, err := settings.BlockchainSettingsByTypeName(blockchainType) +func openState(ctx context.Context, cfg *runConfig) (state.State, error) { + ss, err := settings.BlockchainSettingsByTypeName(cfg.blockchainType) if err != nil { slog.Error("Failed to load blockchain settings", logging.Error(err)) - return err + return nil, err } params := state.DefaultStateParams() params.VerificationGoroutinesNum = 2 * runtime.NumCPU() params.DbParams.WriteBuffer = 16 * MB - params.DbParams.DisableBloomFilter = disableBloomFilter - params.StoreExtendedApiData = extendedAPI + params.DbParams.DisableBloomFilter = cfg.disableBloom + params.StoreExtendedApiData = cfg.extendedAPI params.BuildStateHashes = true params.ProvideExtendedApi = false - params.DbParams.CompressionAlgo = compressionAlgo + params.DbParams.CompressionAlgo = cfg.compressionAlgo + + st, err := state.NewState(ctx, cfg.statePath, false, params, ss, false, nil) + if err != nil { + slog.Error("Failed to open state", slog.String("path", cfg.statePath), logging.Error(err)) + return nil, err + } + return st, nil +} + +func run() (err error) { + slog.SetDefault(slog.New(logging.NewHandler(logging.LoggerPrettyNoColor, slog.LevelInfo))) + + cfg, err := parseFlags() + if err != nil { + if errors.Is(err, errEarlyExit) { + return nil + } + return err + } + + setupFDLimits() ctx, done := signal.NotifyContext(context.Background(), os.Interrupt) defer done() - st, err := state.NewState(ctx, statePath, false, params, ss, false, nil) + st, err := openState(ctx, cfg) if err != nil { - slog.Error("Failed to open state", slog.String("path", statePath), logging.Error(err)) return err } - defer func(st state.StateModifier) { + defer func(st state.State) { if clErr := st.Close(); clErr != nil { slog.Error("Failed to close state", logging.Error(clErr)) + err = errors.Join(err, clErr) } }(st) - c, err := createClient(node) + c, err := createClient(cfg.node) if err != nil { return err } - if compare { - if cmpErr := compareAtHeight(ctx, st, c, 1, onlyLegacy); cmpErr != nil { + if cfg.compare { + if cmpErr := compareAtHeight(ctx, st, c, 1, cfg.onlyLegacy); cmpErr != nil { return cmpErr } } + height := cfg.height if height == 0 { // determine the topmost height - h, err := st.Height() + height, err = st.Height() if err != nil { slog.Error("Failed to get current blockchain height", logging.Error(err)) return err } - height = h } lsh, err := getLocalStateHash(st, height) if err != nil { @@ -156,23 +183,33 @@ func run() error { return err } slog.Info("State hash at height", "height", height, "stateHash", stateHashToString(lsh)) - if compare { - ok, rsh, cmpErr := compareWithRemote(ctx, lsh, c, height, onlyLegacy) - if cmpErr != nil { - slog.Error("Failed to compare", logging.Error(cmpErr)) - return cmpErr - } - if !ok { - slog.Warn("[NOT OK] State hashes are different") - slog.Info("Remote state hash", "height", height, "stateHash", stateHashToString(rsh)) - if search { - if sErr := searchLastEqualStateLash(ctx, c, st, height, onlyLegacy); sErr != nil { - return sErr - } - } - return nil - } + if cfg.compare { + return compareAndSearch(ctx, lsh, c, st, height, cfg) + } + return nil +} + +func compareAndSearch( + ctx context.Context, + lsh *proto.StateHashDebug, + c *client.Client, + st state.State, + height uint64, + cfg *runConfig, +) error { + ok, rsh, cmpErr := compareWithRemote(ctx, lsh, c, height, cfg.onlyLegacy) + if cmpErr != nil { + slog.Error("Failed to compare", logging.Error(cmpErr)) + return cmpErr + } + if ok { slog.Info("[OK] State hash is equal to remote state hash at the same height") + return nil + } + slog.Warn("[NOT OK] State hashes are different") + slog.Info("Remote state hash", "height", height, "stateHash", stateHashToString(rsh)) + if cfg.search { + return searchLastEqualStateLash(ctx, c, st, height, cfg.onlyLegacy) } return nil } diff --git a/cmd/wmd/internal/data/symbols.go b/cmd/wmd/internal/data/symbols.go index f50c6fa1d5..6ed73bdbbd 100644 --- a/cmd/wmd/internal/data/symbols.go +++ b/cmd/wmd/internal/data/symbols.go @@ -117,7 +117,7 @@ func (s *Symbols) ParseTicker(ticker string) (crypto.Digest, error) { defer s.mu.RUnlock() id, ok := s.tickers[ticker] if !ok { - return crypto.Digest{}, fmt.Errorf("unknown ticker or invalid asset ID '%s': %w", ticker, err) + return crypto.Digest{}, fmt.Errorf("unknown ticker or invalid asset ID '%s'", ticker) } return id, nil } diff --git a/go.mod b/go.mod index 84ead6a3d4..96754d25af 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/dpotapov/slogpfx v0.0.0-20230917063348-41a73c95c536 github.com/elliotchance/orderedmap/v2 v2.7.0 github.com/ericlagergren/decimal v0.0.0-20210307182354-5f8425a47c58 - github.com/fxamacker/cbor/v2 v2.9.1 + github.com/fxamacker/cbor/v2 v2.9.2 github.com/go-chi/chi/v5 v5.2.5 github.com/go-test/deep v1.1.1 github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef @@ -24,11 +24,11 @@ require ( github.com/jinzhu/copier v0.4.0 github.com/lanrat/extsort v1.4.2 github.com/lmittmann/tint v1.1.3 - github.com/mattn/go-isatty v0.0.21 - github.com/minio/minlz v1.1.0 + github.com/mattn/go-isatty v0.0.22 + github.com/minio/minlz v1.1.1 github.com/mr-tron/base58 v1.3.0 - github.com/nats-io/nats-server/v2 v2.12.7 - github.com/nats-io/nats.go v1.51.0 + github.com/nats-io/nats-server/v2 v2.14.0 + github.com/nats-io/nats.go v1.52.0 github.com/neilotoole/slogt v1.1.0 github.com/ory/dockertest/v3 v3.12.0 github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 @@ -49,11 +49,11 @@ require ( github.com/xenolf/lego v2.7.2+incompatible go.uber.org/atomic v1.11.0 go.uber.org/goleak v1.3.0 - golang.org/x/crypto v0.50.0 + golang.org/x/crypto v0.51.0 golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 golang.org/x/sync v0.20.0 - golang.org/x/sys v0.43.0 - google.golang.org/grpc v1.80.0 + golang.org/x/sys v0.44.0 + google.golang.org/grpc v1.81.0 google.golang.org/protobuf v1.36.11 ) @@ -62,7 +62,7 @@ require ( github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect github.com/Microsoft/go-winio v0.6.2 // indirect github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect - github.com/antithesishq/antithesis-sdk-go v0.6.0-default-no-op // indirect + github.com/antithesishq/antithesis-sdk-go v0.7.0-default-no-op // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/bits-and-blooms/bitset v1.24.0 // indirect github.com/blang/semver/v4 v4.0.0 // indirect @@ -91,7 +91,7 @@ require ( github.com/ingonyama-zk/icicle-gnark/v3 v3.2.2 // indirect github.com/klauspost/compress v1.18.5 // indirect github.com/mattn/go-colorable v0.1.14 // indirect - github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76 // indirect + github.com/minio/highwayhash v1.0.4 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/moby/api v1.53.0 // indirect github.com/moby/moby/client v0.2.2 // indirect @@ -122,15 +122,15 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect go.opentelemetry.io/auto/sdk v1.2.1 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect - go.opentelemetry.io/otel v1.39.0 // indirect - go.opentelemetry.io/otel/metric v1.39.0 // indirect - go.opentelemetry.io/otel/trace v1.39.0 // indirect + go.opentelemetry.io/otel v1.43.0 // indirect + go.opentelemetry.io/otel/metric v1.43.0 // indirect + go.opentelemetry.io/otel/trace v1.43.0 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/net v0.52.0 // indirect - golang.org/x/term v0.42.0 // indirect - golang.org/x/text v0.36.0 // indirect + golang.org/x/net v0.53.0 // indirect + golang.org/x/term v0.43.0 // indirect + golang.org/x/text v0.37.0 // indirect golang.org/x/time v0.15.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20260120221211-b8f7ae30c516 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 19677b9e11..89651c5ed6 100644 --- a/go.sum +++ b/go.sum @@ -12,8 +12,8 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/antithesishq/antithesis-sdk-go v0.6.0-default-no-op h1:kpBdlEPbRvff0mDD1gk7o9BhI16b9p5yYAXRlidpqJE= -github.com/antithesishq/antithesis-sdk-go v0.6.0-default-no-op/go.mod h1:IUpT2DPAKh6i/YhSbt6Gl3v2yvUZjmKncl7U91fup7E= +github.com/antithesishq/antithesis-sdk-go v0.7.0-default-no-op h1:Z/MZK75wC/NSrkgqeNIa7jexam9uWzhLmFTSCPI/kn0= +github.com/antithesishq/antithesis-sdk-go v0.7.0-default-no-op/go.mod h1:FQyySiasQQM8735Ddel3MRojmy4dA1IqCeyJ5jmPMbI= github.com/apmckinlay/gsuneido v0.0.0-20190404155041-0b6cd442a18f/go.mod h1:JU2DOj5Fc6rol0yaT79Csr47QR0vONGwJtBNGRD7jmc= github.com/beevik/ntp v1.5.0 h1:y+uj/JjNwlY2JahivxYvtmv4ehfi3h74fAuABB9ZSM4= github.com/beevik/ntp v1.5.0/go.mod h1:mJEhBrwT76w9D+IfOEGvuzyuudiW9E52U2BaTrMOYow= @@ -79,8 +79,8 @@ github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= -github.com/fxamacker/cbor/v2 v2.9.1 h1:2rWm8B193Ll4VdjsJY28jxs70IdDsHRWgQYAI80+rMQ= -github.com/fxamacker/cbor/v2 v2.9.1/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/fxamacker/cbor/v2 v2.9.2 h1:X4Ksno9+x3cz0TZv69ec1hxP/+tymuR8PXQJyDwfh78= +github.com/fxamacker/cbor/v2 v2.9.2/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-chi/chi/v5 v5.2.5 h1:Eg4myHZBjyvJmAFjFvWgrqDTXFyOzjj7YIm3L3mu6Ug= github.com/go-chi/chi/v5 v5.2.5/go.mod h1:X7Gx4mteadT3eDOMTsXzmI4/rwUpOwBHLpAfupzFJP0= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= @@ -177,13 +177,13 @@ github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHP github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mattn/go-isatty v0.0.21 h1:xYae+lCNBP7QuW4PUnNG61ffM4hVIfm+zUzDuSzYLGs= -github.com/mattn/go-isatty v0.0.21/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4= +github.com/mattn/go-isatty v0.0.22 h1:j8l17JJ9i6VGPUFUYoTUKPSgKe/83EYU2zBC7YNKMw4= +github.com/mattn/go-isatty v0.0.22/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76 h1:KGuD/pM2JpL9FAYvBrnBBeENKZNh6eNtjqytV6TYjnk= -github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76/go.mod h1:GGYsuwP/fPD6Y9hMiXuapVvlIUEhFhMTh0rxU3ik1LQ= -github.com/minio/minlz v1.1.0 h1:rUOGu3EP4EqJC5k3qCsIwEnZiJULKqtRyDdqbhlvMmQ= -github.com/minio/minlz v1.1.0/go.mod h1:qT0aEB35q79LLornSzeDH75LBf3aH1MV+jB5w9Wasec= +github.com/minio/highwayhash v1.0.4 h1:asJizugGgchQod2ja9NJlGOWq4s7KsAWr5XUc9Clgl4= +github.com/minio/highwayhash v1.0.4/go.mod h1:GGYsuwP/fPD6Y9hMiXuapVvlIUEhFhMTh0rxU3ik1LQ= +github.com/minio/minlz v1.1.1 h1:OGmft1V6AnI/Wme332U6bhG54nxEan+VFgkD7lat4KM= +github.com/minio/minlz v1.1.1/go.mod h1:qT0aEB35q79LLornSzeDH75LBf3aH1MV+jB5w9Wasec= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/moby/api v1.53.0 h1:PihqG1ncw4W+8mZs69jlwGXdaYBeb5brF6BL7mPIS/w= @@ -205,10 +205,10 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8m github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nats-io/jwt/v2 v2.8.1 h1:V0xpGuD/N8Mi+fQNDynXohVvp7ZztevW5io8CUWlPmU= github.com/nats-io/jwt/v2 v2.8.1/go.mod h1:nWnOEEiVMiKHQpnAy4eXlizVEtSfzacZ1Q43LIRavZg= -github.com/nats-io/nats-server/v2 v2.12.7 h1:prQ9cPiWHcnwfT81Wi5lU9LL8TLY+7pxDru6fQYLCQQ= -github.com/nats-io/nats-server/v2 v2.12.7/go.mod h1:dOnmkprKMluTmTF7/QHZioxlau3sKHUM/LBPy9AiBPw= -github.com/nats-io/nats.go v1.51.0 h1:ByW84XTz6W03GSSsygsZcA+xgKK8vPGaa/FCAAEHnAI= -github.com/nats-io/nats.go v1.51.0/go.mod h1:26HypzazeOkyO3/mqd1zZd53STJN0EjCYF9Uy2ZOBno= +github.com/nats-io/nats-server/v2 v2.14.0 h1:+8q0HrDFotwLLcGH/legOEOnowunhK+aZ4GYBIWpQlM= +github.com/nats-io/nats-server/v2 v2.14.0/go.mod h1:ImVUUDvfClJbb6cuJQRc1VmgDCXKM5ds0OoiG9MVOKo= +github.com/nats-io/nats.go v1.52.0 h1:n3avV4VBsCgsdwh71TppsTwtv+QdPs7ntSKM8qJLGsc= +github.com/nats-io/nats.go v1.52.0/go.mod h1:26HypzazeOkyO3/mqd1zZd53STJN0EjCYF9Uy2ZOBno= github.com/nats-io/nkeys v0.4.15 h1:JACV5jRVO9V856KOapQ7x+EY8Jo3qw1vJt/9Jpwzkk4= github.com/nats-io/nkeys v0.4.15/go.mod h1:CpMchTXC9fxA5zrMo4KpySxNjiDVvr8ANOSZdiNfUrs= github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw= @@ -333,16 +333,16 @@ go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ= -go.opentelemetry.io/otel v1.39.0 h1:8yPrr/S0ND9QEfTfdP9V+SiwT4E0G7Y5MO7p85nis48= -go.opentelemetry.io/otel v1.39.0/go.mod h1:kLlFTywNWrFyEdH0oj2xK0bFYZtHRYUdv1NklR/tgc8= -go.opentelemetry.io/otel/metric v1.39.0 h1:d1UzonvEZriVfpNKEVmHXbdf909uGTOQjA0HF0Ls5Q0= -go.opentelemetry.io/otel/metric v1.39.0/go.mod h1:jrZSWL33sD7bBxg1xjrqyDjnuzTUB0x1nBERXd7Ftcs= -go.opentelemetry.io/otel/sdk v1.39.0 h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18= -go.opentelemetry.io/otel/sdk v1.39.0/go.mod h1:vDojkC4/jsTJsE+kh+LXYQlbL8CgrEcwmt1ENZszdJE= -go.opentelemetry.io/otel/sdk/metric v1.39.0 h1:cXMVVFVgsIf2YL6QkRF4Urbr/aMInf+2WKg+sEJTtB8= -go.opentelemetry.io/otel/sdk/metric v1.39.0/go.mod h1:xq9HEVH7qeX69/JnwEfp6fVq5wosJsY1mt4lLfYdVew= -go.opentelemetry.io/otel/trace v1.39.0 h1:2d2vfpEDmCJ5zVYz7ijaJdOF59xLomrvj7bjt6/qCJI= -go.opentelemetry.io/otel/trace v1.39.0/go.mod h1:88w4/PnZSazkGzz/w84VHpQafiU4EtqqlVdxWy+rNOA= +go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I= +go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0= +go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM= +go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY= +go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg= +go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg= +go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw= +go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A= +go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A= +go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0= go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= @@ -356,8 +356,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.50.0 h1:zO47/JPrL6vsNkINmLoo/PH1gcxpls50DNogFvB5ZGI= -golang.org/x/crypto v0.50.0/go.mod h1:3muZ7vA7PBCE6xgPX7nkzzjiUq87kRItoJQM1Yo8S+Q= +golang.org/x/crypto v0.51.0 h1:IBPXwPfKxY7cWQZ38ZCIRPI50YLeevDLlLnyC5wRGTI= +golang.org/x/crypto v0.51.0/go.mod h1:8AdwkbraGNABw2kOX6YFPs3WM22XqI4EXEd8g+x7Oc8= golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 h1:mgKeJMpvi0yx/sU5GsxQ7p6s2wtOnGAHZWCHUM4KGzY= golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546/go.mod h1:j/pmGrbnkbPtQfxEe5D0VQhZC6qKbfKifgD0oM7sR70= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -367,8 +367,8 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= -golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/net v0.53.0 h1:d+qAbo5L0orcWAr0a9JweQpjXF19LMXJE8Ey7hwOdUA= +golang.org/x/net v0.53.0/go.mod h1:JvMuJH7rrdiCfbeHoo3fCQU24Lf5JJwT9W3sJFulfgs= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -390,13 +390,13 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI= -golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= -golang.org/x/term v0.42.0 h1:UiKe+zDFmJobeJ5ggPwOshJIVt6/Ft0rcfrXZDLWAWY= -golang.org/x/term v0.42.0/go.mod h1:Dq/D+snpsbazcBG5+F9Q1n2rXV8Ma+71xEjTRufARgY= +golang.org/x/sys v0.44.0 h1:ildZl3J4uzeKP07r2F++Op7E9B29JRUy+a27EibtBTQ= +golang.org/x/sys v0.44.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4= +golang.org/x/term v0.43.0/go.mod h1:lrhlHNdQJHO+1qVYiHfFKVuVioJIheAc3fBSMFYEIsk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.36.0 h1:JfKh3XmcRPqZPKevfXVpI1wXPTqbkE5f7JA92a55Yxg= -golang.org/x/text v0.36.0/go.mod h1:NIdBknypM8iqVmPiuco0Dh6P5Jcdk8lJL0CUebqK164= +golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc= +golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38= golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U= golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -407,10 +407,10 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4= gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E= -google.golang.org/genproto/googleapis/rpc v0.0.0-20260120221211-b8f7ae30c516 h1:sNrWoksmOyF5bvJUcnmbeAmQi8baNhqg5IWaI3llQqU= -google.golang.org/genproto/googleapis/rpc v0.0.0-20260120221211-b8f7ae30c516/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ= -google.golang.org/grpc v1.80.0 h1:Xr6m2WmWZLETvUNvIUmeD5OAagMw3FiKmMlTdViWsHM= -google.golang.org/grpc v1.80.0/go.mod h1:ho/dLnxwi3EDJA4Zghp7k2Ec1+c2jqup0bFkw07bwF4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 h1:ggcbiqK8WWh6l1dnltU4BgWGIGo+EVYxCaAPih/zQXQ= +google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8= +google.golang.org/grpc v1.81.0 h1:W3G9N3KQf3BU+YuCtGKJk0CmxQNbAISICD/9AORxLIw= +google.golang.org/grpc v1.81.0/go.mod h1:xGH9GfzOyMTGIOXBJmXt+BX/V0kcdQbdcuwQ/zNw42I= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= diff --git a/itests/config/additional_settings.go b/itests/config/additional_settings.go index fcb837cc0c..5f3abf6dbf 100644 --- a/itests/config/additional_settings.go +++ b/itests/config/additional_settings.go @@ -45,6 +45,7 @@ type PaymentSettings struct { func NewPaymentSettingsFromFile(path ...string) (*PaymentSettings, error) { f, err := readSettingsFromFile(testdataFolder, filepath.Join(path...)) defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if cErr := f.Close(); cErr != nil { err = stderrs.Join(err, errors.Wrapf(cErr, "could not close settings file %q", f.Name())) } @@ -69,6 +70,7 @@ type FeatureSettings struct { func NewFeatureSettingsFromFile(path ...string) (*FeatureSettings, error) { f, err := readSettingsFromFile(testdataFolder, filepath.Join(path...)) defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if cErr := f.Close(); cErr != nil { err = stderrs.Join(err, errors.Wrapf(cErr, "could not close settings file %q", f.Name())) } @@ -101,6 +103,7 @@ type RewardSettings struct { func NewRewardSettingsFromFile(path ...string) (*RewardSettings, error) { f, err := readSettingsFromFile(testdataFolder, filepath.Join(path...)) defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if cErr := f.Close(); cErr != nil { err = stderrs.Join(err, errors.Wrapf(cErr, "could not close settings file %q", f.Name())) } diff --git a/itests/config/config.go b/itests/config/config.go index 3111fba426..f3a7562bf3 100644 --- a/itests/config/config.go +++ b/itests/config/config.go @@ -189,6 +189,7 @@ func (c *ScalaConfigurator) createNodeConfig() (err error) { if synErr := f.Sync(); synErr != nil { err = stderrs.Join(err, errors.Wrapf(synErr, "failed to sync file %q to disk", f.Name())) } + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if clErr := f.Close(); clErr != nil { err = stderrs.Join(err, errors.Wrapf(clErr, "failed to close file %q", f.Name())) } @@ -299,6 +300,7 @@ func (c *GoConfigurator) createNodeConfig() (err error) { if synErr := f.Sync(); synErr != nil { err = stderrs.Join(err, errors.Wrapf(synErr, "failed to sync file %q to disk", f.Name())) } + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if clErr := f.Close(); clErr != nil { err = stderrs.Join(err, errors.Wrapf(clErr, "failed to close file %q", f.Name())) } diff --git a/itests/config/genesis_settings.go b/itests/config/genesis_settings.go index 839a5dc8d3..683f209c8a 100644 --- a/itests/config/genesis_settings.go +++ b/itests/config/genesis_settings.go @@ -81,6 +81,7 @@ func parseGenesisSettings() (*GenesisSettings, error) { return nil, errors.Wrap(err, "failed to open file") } defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if closeErr := f.Close(); closeErr != nil { err = stderrs.Join(err, closeErr) } diff --git a/pkg/api/node_api.go b/pkg/api/node_api.go index 071ccb594e..d0a494354f 100644 --- a/pkg/api/node_api.go +++ b/pkg/api/node_api.go @@ -86,7 +86,7 @@ func (a *NodeApi) TransactionInfo(w http.ResponseWriter, r *http.Request) error s := chi.URLParam(r, "id") id, err := crypto.NewDigestFromBase58(s) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return if invalidRune, isInvalid := findFirstInvalidRuneInBase58String(s); isInvalid { return transactionIDAtInvalidCharErr(invalidRune, s) } @@ -299,7 +299,7 @@ func (a *NodeApi) BlockIDAt(w http.ResponseWriter, r *http.Request) error { height, err := a.state.BlockIDToHeight(id) if err != nil { - // TODO(nickeskov): should handle state.IsNotFound(...)? + // TODO(nickeskov): should handle state.IsNotFound(...)? // nosemgrep: dgryski.semgrep-go.errtodo.err-todo return errors.Wrapf(err, "BlockIDAt: failed to execute state.BlockIDToHeight for blockID=%s", s) } @@ -391,12 +391,12 @@ func (a *NodeApi) BlockScoreAt(w http.ResponseWriter, r *http.Request) error { s := chi.URLParam(r, "id") id, err := strconv.ParseUint(s, 10, 64) if err != nil { - // TODO(nickeskov): which error it should send? + // TODO(nickeskov): which error it should send? // nosemgrep: dgryski.semgrep-go.errtodo.err-todo return wrapToBadRequestError(err) } rs, err := a.app.BlocksScoreAt(id) if err != nil { - // TODO(nickeskov): which error it should send? + // TODO(nickeskov): which error it should send? // nosemgrep: dgryski.semgrep-go.errtodo.err-todo return errors.Wrapf(err, "failed get blocks score at for id %d", id) } if jsErr := trySendJSON(w, rs); jsErr != nil { @@ -518,7 +518,7 @@ func (a *NodeApi) AddrByAlias(w http.ResponseWriter, r *http.Request) error { aliasShort := chi.URLParam(r, "alias") alias := proto.NewAlias(a.app.scheme(), aliasShort) - if _, err := alias.Valid(a.app.scheme()); err != nil { + if _, err := alias.Valid(a.app.scheme()); err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return msg := err.Error() return apiErrs.NewCustomValidationError(msg) } @@ -543,7 +543,7 @@ func (a *NodeApi) AliasesByAddr(w http.ResponseWriter, r *http.Request) error { addrBase58 := chi.URLParam(r, "address") addr, err := proto.NewAddressFromString(addrBase58) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return &apiErrs.InvalidAddressError{} } @@ -827,7 +827,7 @@ func (a *NodeApi) stateHash(w http.ResponseWriter, r *http.Request) error { s := chi.URLParam(r, "height") height, err := strconv.ParseUint(s, 10, 64) if err != nil { - // TODO(nickeskov): which error it should send? + // TODO(nickeskov): which error it should send? // nosemgrep: dgryski.semgrep-go.errtodo.err-todo return wrapToBadRequestError(err) } if height < 1 { @@ -873,7 +873,7 @@ func (a *NodeApi) snapshotStateHash(w http.ResponseWriter, r *http.Request) erro s := chi.URLParam(r, "height") height, err := strconv.ParseUint(s, 10, 64) if err != nil { - // TODO(nickeskov): which error it should send? + // TODO(nickeskov): which error it should send? // nosemgrep: dgryski.semgrep-go.errtodo.err-todo return wrapToBadRequestError(err) } if height < 1 { @@ -908,7 +908,7 @@ func wavesAddressInvalidCharErr(invalidChar rune, id string) *apiErrs.CustomVali func (a *NodeApi) EthereumDAppABI(w http.ResponseWriter, r *http.Request) error { s := chi.URLParam(r, "address") addr, err := proto.NewAddressFromString(s) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return if invalidRune, isInvalid := findFirstInvalidRuneInBase58String(s); isInvalid { return wavesAddressInvalidCharErr(invalidRune, s) } @@ -930,13 +930,13 @@ func (a *NodeApi) EthereumDAppABI(w http.ResponseWriter, r *http.Request) error func (a *NodeApi) AssetsDetailsByID(w http.ResponseWriter, r *http.Request) error { s := chi.URLParam(r, "id") fullAssetID, err := crypto.NewDigestFromBase58(s) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return apiErrs.InvalidAssetId } var full bool if f := r.URL.Query().Get("full"); f != "" { - if full, err = strconv.ParseBool(f); err != nil { + if full, err = strconv.ParseBool(f); err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return apiErrs.InvalidAssetId } } @@ -975,7 +975,7 @@ func (a *NodeApi) assetsDetailsByIDs(w http.ResponseWriter, fullQueryParam strin var full bool if fullQueryParam != "" { full, err = strconv.ParseBool(fullQueryParam) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return apiErrs.InvalidAssetId } } diff --git a/pkg/api/routes.go b/pkg/api/routes.go index 218c7e2db1..dfef057110 100644 --- a/pkg/api/routes.go +++ b/pkg/api/routes.go @@ -62,7 +62,7 @@ func (a *NodeApi) routes(opts *RunOptions) (chi.Router, error) { if opts.EnableHeartbeatRoute { r.Get("/go/node/healthz", func(w http.ResponseWriter, r *http.Request) { - if _, err := w.Write([]byte("OK")); err != nil { + if _, err := w.Write([]byte("OK")); err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return slog.Error("Can't write 'OK' to ResponseWriter", logging.Error(err)) w.WriteHeader(http.StatusInternalServerError) } diff --git a/pkg/client/addresses.go b/pkg/client/addresses.go index e2600df663..b869f050ca 100644 --- a/pkg/client/addresses.go +++ b/pkg/client/addresses.go @@ -272,12 +272,7 @@ func (a *Addresses) AddressesData(ctx context.Context, address proto.WavesAddres for _, key := range params.keys { v.Add("key", key) } - rel, err := url.Parse(fmt.Sprintf("/addresses/data/%s", address.String())) - if err != nil { - return nil, nil, err - } - - u, err := joinUrl(a.options.BaseUrl, rel.String()) + u, err := joinUrl(a.options.BaseUrl, fmt.Sprintf("/addresses/data/%s", address.String())) if err != nil { return nil, nil, err } diff --git a/pkg/client/transactions_test.go b/pkg/client/transactions_test.go index 09c640938e..19f950fe69 100644 --- a/pkg/client/transactions_test.go +++ b/pkg/client/transactions_test.go @@ -98,6 +98,7 @@ func TestTransactions_Info(t *testing.T) { assert.Equal(t, "https://testnodes.wavesnodes.com/transactions/info/95DEg9uS9Ez2RoAQWsBgW8hDmHEJzWB1nMpPZdSp1JbB", resp.Request.URL.String()) } +// nosemgrep: generic.secrets.gitleaks.generic-api-key.generic-api-key var dataTransaction = ` { "type": 12, diff --git a/pkg/client/utils_test.go b/pkg/client/utils_test.go index a6346086fb..2e0f9126af 100644 --- a/pkg/client/utils_test.go +++ b/pkg/client/utils_test.go @@ -135,6 +135,7 @@ func TestUtils_ScriptCompile(t *testing.T) { assert.Equal(t, "https://testnode1.wavesnodes.com/utils/script/compileCode?compact=false", resp.Request.URL.String()) } +// nosemgrep: generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key const utilsScriptCompileCodeJSON = `{ "script": "base64:AAIFAAAAAAAAACMIAhIAIgFpIgVhc3NldCIHYXNzZXRJZCICdHgiBnZlcmlmeQAAAAAAAAABAAAAAWEBAAAABGNhbGwAAAAABAAAAAFiCQAEQwAAAAcCAAAABUFzc2V0AgAAAAAAAAAAAAAAAAEAAAAAAAAAAAAGBQAAAAR1bml0AAAAAAAAAAAABAAAAAFjCQAEOAAAAAEFAAAAAWIJAARMAAAAAgkBAAAAC0JpbmFyeUVudHJ5AAAAAgIAAAADYmluAQAAAAAJAARMAAAAAgkBAAAADEJvb2xlYW5FbnRyeQAAAAICAAAABGJvb2wGCQAETAAAAAIJAQAAAAxJbnRlZ2VyRW50cnkAAAACAgAAAANpbnQAAAAAAAAAAAEJAARMAAAAAgkBAAAAC1N0cmluZ0VudHJ5AAAAAgIAAAADc3RyAgAAAAAJAARMAAAAAgkBAAAAC0RlbGV0ZUVudHJ5AAAAAQIAAAADc3RyCQAETAAAAAIFAAAAAWIJAARMAAAAAgkBAAAAB1JlaXNzdWUAAAADBQAAAAFjAAAAAAAAAAABBwkABEwAAAACCQEAAAAEQnVybgAAAAIFAAAAAWMAAAAAAAAAAAEJAARMAAAAAgkBAAAADlNjcmlwdFRyYW5zZmVyAAAAAwgFAAAAAWEAAAAGY2FsbGVyAAAAAAAAAAABBQAAAAFjBQAAAANuaWwAAAABAAAAAWQBAAAAAWUAAAAACQAB9AAAAAMIBQAAAAFkAAAACWJvZHlCeXRlcwkAAZEAAAACCAUAAAABZAAAAAZwcm9vZnMAAAAAAAAAAAAIBQAAAAFkAAAAD3NlbmRlclB1YmxpY0tleS+y6UM=", "complexity": 202, @@ -166,6 +167,7 @@ func TestUtils_ScriptCompileCode(t *testing.T) { assert.Equal(t, "https://testnode1.wavesnodes.com/utils/script/compileCode?compact=true", resp.Request.URL.String()) } +// nosemgrep: generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key const utilsScriptEstimateJSON = `{ "script": "base64:AAIFAAAAAAAAAAQIAhIAAAAAAAAAAAEAAAABaQEAAAAEY2FsbAAAAAAEAAAABWFzc2V0CQAEQwAAAAcCAAAABUFzc2V0AgAAAAAAAAAAAAAAAAEAAAAAAAAAAAAGBQAAAAR1bml0AAAAAAAAAAAABAAAAAdhc3NldElkCQAEOAAAAAEFAAAABWFzc2V0CQAETAAAAAIJAQAAAAtCaW5hcnlFbnRyeQAAAAICAAAAA2JpbgEAAAAACQAETAAAAAIJAQAAAAxCb29sZWFuRW50cnkAAAACAgAAAARib29sBgkABEwAAAACCQEAAAAMSW50ZWdlckVudHJ5AAAAAgIAAAADaW50AAAAAAAAAAABCQAETAAAAAIJAQAAAAtTdHJpbmdFbnRyeQAAAAICAAAAA3N0cgIAAAAACQAETAAAAAIJAQAAAAtEZWxldGVFbnRyeQAAAAECAAAAA3N0cgkABEwAAAACBQAAAAVhc3NldAkABEwAAAACCQEAAAAHUmVpc3N1ZQAAAAMFAAAAB2Fzc2V0SWQAAAAAAAAAAAEHCQAETAAAAAIJAQAAAARCdXJuAAAAAgUAAAAHYXNzZXRJZAAAAAAAAAAAAQkABEwAAAACCQEAAAAOU2NyaXB0VHJhbnNmZXIAAAADCAUAAAABaQAAAAZjYWxsZXIAAAAAAAAAAAEFAAAAB2Fzc2V0SWQFAAAAA25pbAAAAAEAAAACdHgBAAAABnZlcmlmeQAAAAAJAAH0AAAAAwgFAAAAAnR4AAAACWJvZHlCeXRlcwkAAZEAAAACCAUAAAACdHgAAAAGcHJvb2ZzAAAAAAAAAAAACAUAAAACdHgAAAAPc2VuZGVyUHVibGljS2V5ZN0QxA==", "scriptText": "DApp(DAppMeta(2,Vector(CallableFuncSignature(,UnknownFieldSet(Map()))),Vector(),Vector(),UnknownFieldSet(Map())),List(),List(CallableFunction(CallableAnnotation(i),FUNC(call,List(),LET_BLOCK(LET(asset,FUNCTION_CALL(Native(1091),List(Asset, , 1, 0, true, REF(unit), 0))),LET_BLOCK(LET(assetId,FUNCTION_CALL(Native(1080),List(REF(asset)))),FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(BinaryEntry),List(bin, )), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(BooleanEntry),List(bool, true)), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(IntegerEntry),List(int, 1)), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(StringEntry),List(str, )), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(DeleteEntry),List(str)), FUNCTION_CALL(Native(1100),List(REF(asset), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(Reissue),List(REF(assetId), 1, false)), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(Burn),List(REF(assetId), 1)), FUNCTION_CALL(Native(1100),List(FUNCTION_CALL(User(ScriptTransfer),List(GETTER(REF(i),caller), 1, REF(assetId))), REF(nil)))))))))))))))))))))))),Some(VerifierFunction(VerifierAnnotation(tx),FUNC(verify,List(),FUNCTION_CALL(Native(500),List(GETTER(REF(tx),bodyBytes), FUNCTION_CALL(Native(401),List(GETTER(REF(tx),proofs), 0)), GETTER(REF(tx),senderPublicKey)))))))", diff --git a/pkg/crypto/groth16.go b/pkg/crypto/groth16.go index 9dcb260980..59aedb742b 100644 --- a/pkg/crypto/groth16.go +++ b/pkg/crypto/groth16.go @@ -77,7 +77,7 @@ func Groth16Verify(vkBytes []byte, proofBytes []byte, inputsBytes []byte, curve return false, err } err = gnark.Verify(proof, vk, wit) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return false, nil } return true, nil diff --git a/pkg/crypto/vxeddsa_test.go b/pkg/crypto/vxeddsa_test.go index 7b4e3c6198..116cd45935 100644 --- a/pkg/crypto/vxeddsa_test.go +++ b/pkg/crypto/vxeddsa_test.go @@ -4,7 +4,7 @@ import ( "crypto/rand" "encoding/hex" "fmt" - mrand "math/rand" + mrand "math/rand" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used "testing" "github.com/stretchr/testify/assert" diff --git a/pkg/execution/taskgroup_test.go b/pkg/execution/taskgroup_test.go index cd8cba4957..300e84f717 100644 --- a/pkg/execution/taskgroup_test.go +++ b/pkg/execution/taskgroup_test.go @@ -3,7 +3,7 @@ package execution_test import ( "context" "errors" - "math/rand/v2" + "math/rand/v2" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used "sync" "sync/atomic" "testing" diff --git a/pkg/grpc/server/accounts_api.go b/pkg/grpc/server/accounts_api.go index c8093d5cb9..539571fbb2 100644 --- a/pkg/grpc/server/accounts_api.go +++ b/pkg/grpc/server/accounts_api.go @@ -18,30 +18,32 @@ import ( func (s *Server) GetBalances(req *g.BalancesRequest, srv g.AccountsApi_GetBalancesServer) error { c := proto.ProtobufConverter{FallbackChainID: s.scheme} addr, err := c.Address(s.scheme, req.Address) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.InvalidArgument, err.Error()) } rcp := proto.NewRecipientFromAddress(addr) if len(req.Assets) == 0 { // TODO(nickeskov): send waves balance AND all assets balances (portfolio) // by the given address according to the scala node implementation - if err := s.sendWavesBalance(rcp, srv); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := s.sendWavesBalance(rcp, srv); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } } for _, asset := range req.Assets { if len(asset) == 0 { - if err := s.sendWavesBalance(rcp, srv); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := s.sendWavesBalance(rcp, srv); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } } else { // Asset. fullAssetID, err := crypto.NewDigestFromBytes(asset) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.InvalidArgument, err.Error()) } balance, err := s.state.AssetBalance(rcp, proto.AssetIDFromDigest(fullAssetID)) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.NotFound, err.Error()) } var res g.BalanceResponse @@ -51,8 +53,9 @@ func (s *Server) GetBalances(req *g.BalancesRequest, srv g.AccountsApi_GetBalanc Amount: int64(balance), }, } - if err := srv.Send(&res); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := srv.Send(&res); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } } } @@ -62,7 +65,7 @@ func (s *Server) GetBalances(req *g.BalancesRequest, srv g.AccountsApi_GetBalanc func (s *Server) GetScript(_ context.Context, req *g.AccountRequest) (*g.ScriptResponse, error) { c := proto.ProtobufConverter{FallbackChainID: s.scheme} addr, err := c.Address(s.scheme, req.Address) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.InvalidArgument, err.Error()) } rcp := proto.NewRecipientFromAddress(addr) @@ -75,7 +78,7 @@ func (s *Server) GetScript(_ context.Context, req *g.AccountRequest) (*g.ScriptR func (s *Server) GetActiveLeases(req *g.AccountRequest, srv g.AccountsApi_GetActiveLeasesServer) error { extendedApi, err := s.state.ProvidesExtendedApi() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if !extendedApi { @@ -83,7 +86,7 @@ func (s *Server) GetActiveLeases(req *g.AccountRequest, srv g.AccountsApi_GetAct } c := proto.ProtobufConverter{FallbackChainID: s.scheme} addr, err := c.Address(s.scheme, req.Address) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.InvalidArgument, err.Error()) } @@ -100,7 +103,7 @@ func (s *Server) GetActiveLeases(req *g.AccountRequest, srv g.AccountsApi_GetAct } } iter, err := s.state.NewAddrTransactionsIterator(addr) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if iter == nil { @@ -108,8 +111,9 @@ func (s *Server) GetActiveLeases(req *g.AccountRequest, srv g.AccountsApi_GetAct return nil } handler := &getActiveLeasesHandler{srv, s} - if err := s.iterateAndHandleTransactions(iter, filterFn, handler.handle); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if iErr := s.iterateAndHandleTransactions(iter, filterFn, handler.handle); iErr != nil { + return status.Error(codes.Internal, iErr.Error()) } return nil } @@ -117,13 +121,13 @@ func (s *Server) GetActiveLeases(req *g.AccountRequest, srv g.AccountsApi_GetAct func (s *Server) GetDataEntries(req *g.DataRequest, srv g.AccountsApi_GetDataEntriesServer) error { c := proto.ProtobufConverter{FallbackChainID: s.scheme} addr, err := c.Address(s.scheme, req.Address) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.InvalidArgument, err.Error()) } rcp := proto.NewRecipientFromAddress(addr) if req.Key != "" { entry, err := s.state.RetrieveEntry(rcp, req.Key) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return if stateerr.IsNotFound(err) { return nil } @@ -133,13 +137,14 @@ func (s *Server) GetDataEntries(req *g.DataRequest, srv g.AccountsApi_GetDataEnt return status.Error(codes.NotFound, "entry removed") } res := &g.DataEntryResponse{Address: req.Address, Entry: entry.ToProtobuf()} - if err := srv.Send(res); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := srv.Send(res); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } return nil } entries, err := s.state.RetrieveEntries(rcp) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return if stateerr.IsNotFound(err) { return nil } @@ -150,8 +155,9 @@ func (s *Server) GetDataEntries(req *g.DataRequest, srv g.AccountsApi_GetDataEnt continue // Do not send removed entries } res := &g.DataEntryResponse{Address: req.Address, Entry: entry.ToProtobuf()} - if err := srv.Send(res); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := srv.Send(res); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } } return nil @@ -160,7 +166,7 @@ func (s *Server) GetDataEntries(req *g.DataRequest, srv g.AccountsApi_GetDataEnt func (s *Server) ResolveAlias(_ context.Context, req *wrapperspb.StringValue) (*wrapperspb.BytesValue, error) { alias := proto.NewAlias(s.scheme, req.Value) addr, err := s.state.AddrByAlias(*alias) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.NotFound, err.Error()) } return &wrapperspb.BytesValue{Value: addr.Bytes()}, nil diff --git a/pkg/grpc/server/assets_api.go b/pkg/grpc/server/assets_api.go index 4644a4547f..36a11a18cf 100644 --- a/pkg/grpc/server/assets_api.go +++ b/pkg/grpc/server/assets_api.go @@ -14,15 +14,15 @@ import ( func (s *Server) GetInfo(_ context.Context, req *g.AssetRequest) (*g.AssetInfoResponse, error) { // we expect full asset id (crypto.Digest) fullAssetID, err := crypto.NewDigestFromBytes(req.AssetId) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.InvalidArgument, err.Error()) } ai, err := s.state.FullAssetInfo(proto.AssetIDFromDigest(fullAssetID)) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.NotFound, err.Error()) } res, err := ai.ToProtobuf(s.scheme) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } return res, nil @@ -31,31 +31,32 @@ func (s *Server) GetInfo(_ context.Context, req *g.AssetRequest) (*g.AssetInfoRe func (s *Server) GetNFTList(req *g.NFTRequest, srv g.AssetsApi_GetNFTListServer) error { c := proto.ProtobufConverter{FallbackChainID: s.scheme} addr, err := c.Address(s.scheme, req.Address) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.InvalidArgument, err.Error()) } var afterAssetID *proto.AssetID if len(req.AfterAssetId) != 0 { // we expect full asset id (crypto.Digest) fullAssetID, err := crypto.NewDigestFromBytes(req.AfterAssetId) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.InvalidArgument, err.Error()) } assetID := proto.AssetIDFromDigest(fullAssetID) afterAssetID = &assetID } nfts, err := s.state.NFTList(proto.NewRecipientFromAddress(addr), uint64(req.Limit), afterAssetID) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } for _, nft := range nfts { ai, err := nft.ToProtobuf(s.scheme) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } res := &g.NFTResponse{AssetId: nft.ID.Bytes(), AssetInfo: ai} - if err := srv.Send(res); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := srv.Send(res); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } } return nil diff --git a/pkg/grpc/server/blockchain_api.go b/pkg/grpc/server/blockchain_api.go index 88c8be9df4..04ca11d725 100644 --- a/pkg/grpc/server/blockchain_api.go +++ b/pkg/grpc/server/blockchain_api.go @@ -80,7 +80,7 @@ func (s *Server) featureActivationStatus(id int16, height uint64) (*g.FeatureAct func (s *Server) GetActivationStatus(ctx context.Context, req *g.ActivationStatusRequest) (*g.ActivationStatusResponse, error) { height, err := s.state.Height() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } if req.Height > int32(height) { @@ -89,7 +89,7 @@ func (s *Server) GetActivationStatus(ctx context.Context, req *g.ActivationStatu reqHeight := uint64(req.Height) res := &g.ActivationStatusResponse{Height: req.Height} sets, err := s.state.BlockchainSettings() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } res.VotingInterval = int32(sets.ActivationWindowSize(reqHeight)) @@ -97,13 +97,13 @@ func (s *Server) GetActivationStatus(ctx context.Context, req *g.ActivationStatu prevCheck := reqHeight - (reqHeight % uint64(res.VotingInterval)) res.NextCheck = int32(prevCheck) + res.VotingInterval features, err := s.allFeatures() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } res.Features = make([]*g.FeatureActivationStatus, len(features)) for i, id := range features { res.Features[i], err = s.featureActivationStatus(id, reqHeight) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } } @@ -112,11 +112,11 @@ func (s *Server) GetActivationStatus(ctx context.Context, req *g.ActivationStatu func (s *Server) GetBaseTarget(ctx context.Context, req *emptypb.Empty) (*g.BaseTargetResponse, error) { height, err := s.state.Height() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } block, err := s.state.BlockByHeight(height) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.NotFound, err.Error()) } return &g.BaseTargetResponse{BaseTarget: int64(block.BaseTarget)}, nil @@ -124,11 +124,11 @@ func (s *Server) GetBaseTarget(ctx context.Context, req *emptypb.Empty) (*g.Base func (s *Server) GetCumulativeScore(ctx context.Context, req *emptypb.Empty) (*g.ScoreResponse, error) { score, err := s.state.CurrentScore() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } scoreBytes, err := score.GobEncode() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } return &g.ScoreResponse{Score: scoreBytes}, nil diff --git a/pkg/grpc/server/blocks_api.go b/pkg/grpc/server/blocks_api.go index e8bbe67a9b..78e5d79202 100644 --- a/pkg/grpc/server/blocks_api.go +++ b/pkg/grpc/server/blocks_api.go @@ -17,15 +17,15 @@ import ( func (s *Server) headerByHeight(height proto.Height) (*g.BlockWithHeight, error) { header, err := s.state.HeaderByHeight(height) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.NotFound, err.Error()) } vrf, rewards, err := calculateVRFAndRewards(s.state, s.scheme, header, height) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } res, err := header.HeaderToProtobufWithHeight(s.scheme, height, vrf, rewards) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } return res, nil @@ -33,15 +33,15 @@ func (s *Server) headerByHeight(height proto.Height) (*g.BlockWithHeight, error) func (s *Server) blockByHeight(height proto.Height) (*g.BlockWithHeight, error) { block, err := s.state.BlockByHeight(height) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.NotFound, err.Error()) } vrf, rewards, err := calculateVRFAndRewards(s.state, s.scheme, &block.BlockHeader, height) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } res, err := block.ToProtobufWithHeight(s.scheme, height, vrf, rewards) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } return res, nil @@ -85,11 +85,11 @@ func (s *Server) GetBlock(ctx context.Context, req *g.BlockRequest) (*g.BlockWit switch r := req.Request.(type) { case *g.BlockRequest_BlockId: id, err := proto.NewBlockIDFromBytes(r.BlockId) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.InvalidArgument, err.Error()) } blockHeight, err := s.state.BlockIDToHeight(id) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.NotFound, err.Error()) } return s.headerOrBlockByHeight(blockHeight, req.IncludeTransactions) @@ -109,7 +109,7 @@ func (s *Server) GetBlockRange(req *g.BlockRangeRequest, srv g.BlocksApi_GetBloc } case *g.BlockRangeRequest_GeneratorAddress: addr, err := proto.RebuildAddress(s.scheme, t.GeneratorAddress) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Errorf(codes.InvalidArgument, "Invalid address: %s", err.Error()) } filter = func(b *g.BlockWithHeight) bool { @@ -122,7 +122,7 @@ func (s *Server) GetBlockRange(req *g.BlockRangeRequest, srv g.BlocksApi_GetBloc } } stateHeight, err := s.state.Height() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if req.ToHeight > uint32(stateHeight) { @@ -130,14 +130,15 @@ func (s *Server) GetBlockRange(req *g.BlockRangeRequest, srv g.BlocksApi_GetBloc } for height := proto.Height(req.FromHeight); height <= proto.Height(req.ToHeight); height++ { block, err := s.headerOrBlockByHeight(height, req.IncludeTransactions) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.NotFound, err.Error()) } if !filter(block) { continue } - if err := srv.Send(block); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if sErr := srv.Send(block); sErr != nil { + return status.Error(codes.Internal, sErr.Error()) } } return nil @@ -145,7 +146,7 @@ func (s *Server) GetBlockRange(req *g.BlockRangeRequest, srv g.BlocksApi_GetBloc func (s *Server) GetCurrentHeight(ctx context.Context, req *emptypb.Empty) (*wrapperspb.UInt32Value, error) { height, err := s.state.Height() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, status.Error(codes.Internal, err.Error()) } return &wrapperspb.UInt32Value{Value: uint32(height)}, nil diff --git a/pkg/grpc/server/transactions_api.go b/pkg/grpc/server/transactions_api.go index 42d28e0998..a77ad0b366 100644 --- a/pkg/grpc/server/transactions_api.go +++ b/pkg/grpc/server/transactions_api.go @@ -37,18 +37,18 @@ func (h *getTransactionsHandler) handle(tx proto.Transaction, status proto.Trans func (s *Server) GetTransactions(req *g.TransactionsRequest, srv g.TransactionsApi_GetTransactionsServer) error { extendedApi, err := s.state.ProvidesExtendedApi() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if !extendedApi { return status.Error(codes.FailedPrecondition, "Node's state does not have information required for extended API") } filter, err := newTxFilter(s.scheme, req) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.FailedPrecondition, err.Error()) } iter, err := s.newStateIterator(filter.getSenderRecipient()) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if iter == nil { @@ -68,8 +68,9 @@ func (s *Server) GetTransactions(req *g.TransactionsRequest, srv g.TransactionsA return nil } handler := &getTransactionsHandler{srv, s} - if err := s.iterateAndHandleTransactions(iter, filter.filter, handler.handle); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if iErr := s.iterateAndHandleTransactions(iter, filter.filter, handler.handle); iErr != nil { + return status.Error(codes.Internal, iErr.Error()) } return nil } @@ -119,14 +120,14 @@ func (h *getStateChangesHandler) handle(tx proto.Transaction, _ proto.Transactio func (s *Server) GetStateChanges(req *g.TransactionsRequest, srv g.TransactionsApi_GetStateChangesServer) error { extendedApi, err := s.state.ProvidesExtendedApi() - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if !extendedApi { return status.Error(codes.FailedPrecondition, "Node's state does not have information required for extended API") } ftr, err := newTxFilter(s.scheme, req) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.FailedPrecondition, err.Error()) } filter := newTxFilterInvoke(ftr) @@ -136,7 +137,7 @@ func (s *Server) GetStateChanges(req *g.TransactionsRequest, srv g.TransactionsA } else { iter, err = s.newStateIterator(ftr.getSenderRecipient()) } - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } if iter == nil { @@ -144,8 +145,9 @@ func (s *Server) GetStateChanges(req *g.TransactionsRequest, srv g.TransactionsA return nil } handler := &getStateChangesHandler{srv, s} - if err := s.iterateAndHandleTransactions(iter, filter.filter, handler.handle); err != nil { - return status.Error(codes.Internal, err.Error()) + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if iErr := s.iterateAndHandleTransactions(iter, filter.filter, handler.handle); iErr != nil { + return status.Error(codes.Internal, iErr.Error()) } return nil } @@ -156,7 +158,7 @@ func (s *Server) GetStatuses(req *g.TransactionsByIdRequest, srv g.TransactionsA if _, txStatus, err := s.state.TransactionByIDWithStatus(id); err == nil { // Transaction is in state, it is confirmed. height, err := s.state.TransactionHeightByID(id) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.Internal, err.Error()) } res.Status = g.TransactionStatus_CONFIRMED @@ -179,6 +181,7 @@ func (s *Server) GetStatuses(req *g.TransactionsByIdRequest, srv g.TransactionsA res.Status = g.TransactionStatus_NOT_EXISTS res.ApplicationStatus = g.ApplicationStatus_UNKNOWN } + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if err := srv.Send(res); err != nil { return status.Error(codes.Internal, err.Error()) } @@ -204,7 +207,7 @@ func (h *getUnconfirmedHandler) handle(tx proto.Transaction, status proto.Transa func (s *Server) GetUnconfirmed(req *g.TransactionsRequest, srv g.TransactionsApi_GetUnconfirmedServer) error { filter, err := newTxFilter(s.scheme, req) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return status.Error(codes.FailedPrecondition, err.Error()) } handler := &getUnconfirmedHandler{srv, s} @@ -213,6 +216,7 @@ func (s *Server) GetUnconfirmed(req *g.TransactionsRequest, srv g.TransactionsAp if !filter.filter(tx) { continue } + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if hErr := handler.handle(tx, proto.TransactionSucceeded); hErr != nil { return status.Error(codes.Internal, hErr.Error()) } diff --git a/pkg/libs/ntptime/ntptime.go b/pkg/libs/ntptime/ntptime.go index 1ad6aae284..734958b7a1 100644 --- a/pkg/libs/ntptime/ntptime.go +++ b/pkg/libs/ntptime/ntptime.go @@ -46,7 +46,7 @@ func tryNew(addr string, tries uint, inner inner) (*ntpTimeImpl, error) { return newNTPTime(addr, inner) } rs, err := newNTPTime(addr, inner) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return tryNew(addr, tries-1, inner) } return rs, nil diff --git a/pkg/networking/session.go b/pkg/networking/session.go index 1d0f9bb345..4ab99a4501 100644 --- a/pkg/networking/session.go +++ b/pkg/networking/session.go @@ -415,7 +415,6 @@ func (s *Session) keepaliveLoop() error { timer := time.NewTimer(s.config.keepAliveInterval) defer timer.Stop() for { - timer.Reset(s.config.keepAliveInterval) select { case <-s.ctx.Done(): return s.ctx.Err() @@ -437,6 +436,7 @@ func (s *Session) keepaliveLoop() error { return fErr } } + timer.Reset(s.config.keepAliveInterval) } } } diff --git a/pkg/node/fsm/fsm_common.go b/pkg/node/fsm/fsm_common.go index 64ad50ec7e..52b174c89a 100644 --- a/pkg/node/fsm/fsm_common.go +++ b/pkg/node/fsm/fsm_common.go @@ -109,7 +109,7 @@ func tryBroadcastTransaction( fsm State, baseInfo BaseInfo, p peer.Peer, t proto.Transaction, ) (_ State, _ Async, err error) { defer func() { - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return err = fsm.Errorf(proto.NewInfoMsg(err)) } }() @@ -127,7 +127,7 @@ func tryBroadcastTransaction( return } txID := base58.Encode(txIDBytes) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return err = errors.Wrapf(err, "failed to broadcast transaction %q", txID) } else { baseInfo.logger.Debug("Transaction broadcasted successfully", "state", fsm.String(), "txID", txID) @@ -187,8 +187,9 @@ func convertToInterface[T any](arg any) T { } func isCanBeNil(t reflect.Type) bool { - return t.Kind() == reflect.Map || t.Kind() == reflect.Slice || t.Kind() == reflect.Interface || - t.Kind() == reflect.Chan || t.Kind() == reflect.Func || t.Kind() == reflect.Ptr + k := t.Kind() + return k == reflect.Map || k == reflect.Slice || k == reflect.Interface || k == reflect.Chan || + k == reflect.Func || k == reflect.Pointer } func validateEventArgs(event stateless.Trigger, args ...any) { diff --git a/pkg/node/fsm/sync_state.go b/pkg/node/fsm/sync_state.go index ab6726df5e..2d307bf0b6 100644 --- a/pkg/node/fsm/sync_state.go +++ b/pkg/node/fsm/sync_state.go @@ -211,7 +211,7 @@ func (a *SyncState) MinedBlock( a.baseInfo.storage, []*proto.Block{block}, ) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return slog.Warn("Failed to apply mined block", slog.String("state", a.String()), logging.Error(err)) return a, nil, nil // We've failed to apply mined block, it's not an error } diff --git a/pkg/node/fsm/wait_micro_snapshot.go b/pkg/node/fsm/wait_micro_snapshot.go index b9e1525697..f90e1f9dfd 100644 --- a/pkg/node/fsm/wait_micro_snapshot.go +++ b/pkg/node/fsm/wait_micro_snapshot.go @@ -105,7 +105,7 @@ func (a *WaitMicroSnapshotState) MicroBlockSnapshot( defer a.cleanupBeforeTransition() // the TopBlock() is used here block, err := a.checkAndAppendMicroBlock(a.microBlockWaitingForSnapshot, &snapshot) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return metrics.MicroBlockDeclined(a.microBlockWaitingForSnapshot) ae := a.Errorf(err) slog.Error("Failed to check and append microblock", slog.String("state", a.String()), logging.Error(ae)) @@ -121,7 +121,7 @@ func (a *WaitMicroSnapshotState) MicroBlockSnapshot( // Notify all connected peers about new microblock, send them microblock inv network message if inv, ok := a.baseInfo.MicroBlockInvCache.Get(block.BlockID()); ok { //TODO: We have to exclude from recipients peers that already have this microblock - if err = broadcastMicroBlockInv(a.baseInfo, inv); err != nil { + if err = broadcastMicroBlockInv(a.baseInfo, inv); err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return ae := a.Errorf(errors.Wrap(err, "Failed to handle micro block message")) slog.Error("Failed to broadcast microblock", slog.String("state", a.String()), logging.Error(ae)) return processScoreAfterApplyingOrReturnToNG(a, a.baseInfo, a.receivedScores, a.blocksCache) diff --git a/pkg/node/fsm/wait_snapshot_state.go b/pkg/node/fsm/wait_snapshot_state.go index 58351f3095..843d743cf9 100644 --- a/pkg/node/fsm/wait_snapshot_state.go +++ b/pkg/node/fsm/wait_snapshot_state.go @@ -117,7 +117,7 @@ func (a *WaitSnapshotState) BlockSnapshot( []*proto.Block{a.blockWaitingForSnapshot}, []*proto.BlockSnapshot{&snapshot}, ) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return slog.Error("Failed to apply block with snapshot", slog.String("state", a.String()), logging.Error(err), slog.Any("blockID", a.blockWaitingForSnapshot.BlockID())) return processScoreAfterApplyingOrReturnToNG(a, a.baseInfo, a.receivedScores, a.blocksCache) diff --git a/pkg/node/node.go b/pkg/node/node.go index 337e1b428c..46efe85458 100644 --- a/pkg/node/node.go +++ b/pkg/node/node.go @@ -121,8 +121,8 @@ func (a *Node) serveIncomingPeers(ctx context.Context) error { for { conn, acErr := l.Accept() - if acErr != nil { - if errors.Is(err, net.ErrClosed) && errors.Is(ctx.Err(), context.Canceled) { + if acErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + if errors.Is(acErr, net.ErrClosed) && errors.Is(ctx.Err(), context.Canceled) { return nil // Listener closed due to context cancellation this is fine. } slog.Error("Failed to accept new peer", logging.Error(acErr)) diff --git a/pkg/node/peers/active_peers_internal_test.go b/pkg/node/peers/active_peers_internal_test.go index 3e5a9ea93b..792c8309b0 100644 --- a/pkg/node/peers/active_peers_internal_test.go +++ b/pkg/node/peers/active_peers_internal_test.go @@ -3,7 +3,7 @@ package peers import ( "encoding/binary" "math/big" - "math/rand" + "math/rand" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used "net" "sort" "testing" diff --git a/pkg/node/peers/score_selector.go b/pkg/node/peers/score_selector.go index 0ce33ecba3..8a6bdb1d8b 100644 --- a/pkg/node/peers/score_selector.go +++ b/pkg/node/peers/score_selector.go @@ -3,7 +3,7 @@ package peers import ( "container/heap" "fmt" - "math/rand/v2" + "math/rand/v2" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used "github.com/wavesplatform/gowaves/pkg/p2p/peer" "github.com/wavesplatform/gowaves/pkg/proto" diff --git a/pkg/node/peers/storage/cbor.go b/pkg/node/peers/storage/cbor.go index 72ce6b0f1c..ce0855548d 100644 --- a/pkg/node/peers/storage/cbor.go +++ b/pkg/node/peers/storage/cbor.go @@ -574,8 +574,9 @@ func createFileIfNotExist(path string) (err error) { return errors.Wrapf(err, "failed to create if not exist file %q", path) } defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if closeErr := knownFile.Close(); closeErr != nil { - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return err = errors.Wrapf(err, "failed to close file %q, %v", path, closeErr) } else { err = errors.Wrapf(closeErr, "failed to close file %q", path) diff --git a/pkg/p2p/outgoing/outgoing.go b/pkg/p2p/outgoing/outgoing.go index ba3ce40837..0d9410c893 100644 --- a/pkg/p2p/outgoing/outgoing.go +++ b/pkg/p2p/outgoing/outgoing.go @@ -70,7 +70,7 @@ func (a *connector) connect( return nil, proto.Handshake{}, errors.Wrapf(err, "failed to dial with address %s", addr) } defer func() { - if err != nil { // close connection on error + if err != nil { // close connection on error // nosemgrep: semgrep.rules.if-incorrect-nil-err-return if clErr := c.Close(); clErr != nil { slog.Error("Failed to close outgoing connection", slog.String("address", addr), logging.Error(clErr)) } diff --git a/pkg/proto/block_test.go b/pkg/proto/block_test.go index 981461a1d5..445c7a7ae9 100644 --- a/pkg/proto/block_test.go +++ b/pkg/proto/block_test.go @@ -379,6 +379,24 @@ func TestEmptyBlockMarshall(t *testing.T) { require.Error(t, err) } +func TestEmptyBlockJSONRoundTrip(t *testing.T) { + var b Block + bts, err := json.Marshal(b) + require.NoError(t, err) + assert.Nil(t, b.GenSignature) + + var bb Block + err = json.Unmarshal(bts, &bb) + require.NoError(t, err) + + assert.NotNil(t, bb.GenSignature) // check B58Bytes behavior + assert.Empty(t, bb.GenSignature) + + bb.GenSignature = nil + + require.Equal(t, b, bb) +} + func TestBlockVerifyRootHash(t *testing.T) { // Waves waves := NewOptionalAssetWaves() diff --git a/pkg/proto/eth_typed_data.go b/pkg/proto/eth_typed_data.go index ce699633b8..938362a6e5 100644 --- a/pkg/proto/eth_typed_data.go +++ b/pkg/proto/eth_typed_data.go @@ -264,7 +264,7 @@ func parseInteger(encType string, encValue any) (*big.Int, error) { lengthStr = strings.TrimPrefix(encType, "int") } atoiSize, err := strconv.Atoi(lengthStr) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.Errorf("invalid size on integer: %v", lengthStr) } length = atoiSize @@ -362,7 +362,7 @@ func (typedData *ethereumTypedData) EncodePrimitiveValue(encType string, encValu if after, ok := strings.CutPrefix(encType, "bytes"); ok { lengthStr := after length, err := strconv.Atoi(lengthStr) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.Errorf("invalid size on bytes: %v", lengthStr) } if length < 0 || length > ethABISlotSize { diff --git a/pkg/proto/proto.go b/pkg/proto/proto.go index f18b35d183..a9a3db20c6 100644 --- a/pkg/proto/proto.go +++ b/pkg/proto/proto.go @@ -928,7 +928,7 @@ func ipsV4PortFromString(addr string) ([]net.IP, uint16, error) { return nil, 0, errors.Wrap(err, "failed to split host and port") } portNum, err := strconv.ParseUint(port, 10, 16) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, 0, errors.Errorf("invalid port %q", port) } if portNum == 0 { diff --git a/pkg/proto/transactions_test.go b/pkg/proto/transactions_test.go index 094c305df0..fc17c8d796 100644 --- a/pkg/proto/transactions_test.go +++ b/pkg/proto/transactions_test.go @@ -5589,6 +5589,7 @@ func TestDataWithProofsToJSON(t *testing.T) { } func TestDataWithProofsFromJSON(t *testing.T) { + // nosemgrep: generic.secrets.gitleaks.generic-api-key.generic-api-key var js = ` { "type": 12, diff --git a/pkg/ride/converters.go b/pkg/ride/converters.go index 3bc119816d..9bb051a2fc 100644 --- a/pkg/ride/converters.go +++ b/pkg/ride/converters.go @@ -1585,7 +1585,7 @@ func convertToAction(env environment, obj rideType) (proto.ScriptAction, error) // On asset ID conversion error we return empty action as in Scala // See example on MainNet: transaction (https://wavesexplorer.com/tx/AUpiEr49Jo43Q9zXKkNN23rstiq87hguvhfQqV8ov9uQ) // and script (https://wavesexplorer.com/tx/Bp1oieWHWpLz8vBFZui9tY1oDTAKUPTrBAGcwfRe9q5K) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return &proto.TransferScriptAction{ Recipient: recipient, Amount: 0, diff --git a/pkg/ride/functions_bigint.go b/pkg/ride/functions_bigint.go index 2721e0b50b..4e114d1b92 100644 --- a/pkg/ride/functions_bigint.go +++ b/pkg/ride/functions_bigint.go @@ -531,7 +531,7 @@ func stringToBigInt(_ environment, args ...rideType) (rideType, error) { func stringToBigIntOpt(env environment, args ...rideType) (rideType, error) { v, err := stringToBigInt(env, args...) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return newUnit(env), nil } return v, nil diff --git a/pkg/ride/functions_proto.go b/pkg/ride/functions_proto.go index d27bc1a509..df23f20d95 100644 --- a/pkg/ride/functions_proto.go +++ b/pkg/ride/functions_proto.go @@ -438,7 +438,7 @@ func addressFromString(env environment, args ...rideType) (rideType, error) { return nil, errors.Wrap(err, "addressFromString") } a, err := proto.NewAddressFromString(string(s)) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } if a[1] != env.scheme() { @@ -506,7 +506,7 @@ func assetBalanceV3(env environment, args ...rideType) (rideType, error) { balance, err = env.state().NewestWavesBalance(recipient) case rideByteVector: asset, digestErr := crypto.NewDigestFromBytes(assetBytes) - if digestErr != nil { + if digestErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideInt(0), nil // according to the scala node implementation } balance, err = env.state().NewestAssetBalance(recipient, asset) @@ -532,7 +532,7 @@ func assetBalanceV4(env environment, args ...rideType) (rideType, error) { return nil, errors.Errorf("assetBalanceV4: unable to extract asset ID from '%s'", args[1].instanceOf()) } asset, digestErr := crypto.NewDigestFromBytes(assetBytes) - if digestErr != nil { + if digestErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideInt(0), nil // according to the scala node implementation } balance, err := env.state().NewestAssetBalance(recipient, asset) @@ -544,7 +544,7 @@ func assetBalanceV4(env environment, args ...rideType) (rideType, error) { func intFromState(env environment, args ...rideType) (rideType, error) { r, k, err := extractRecipientAndKey(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } entry, err := env.state().RetrieveNewestIntegerEntry(r, k) @@ -559,7 +559,7 @@ func intFromState(env environment, args ...rideType) (rideType, error) { func intFromSelfState(env environment, args ...rideType) (rideType, error) { k, err := keyArg(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } a, ok := env.this().(rideAddress) @@ -579,7 +579,7 @@ func intFromSelfState(env environment, args ...rideType) (rideType, error) { func bytesFromState(env environment, args ...rideType) (rideType, error) { r, k, err := extractRecipientAndKey(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } entry, err := env.state().RetrieveNewestBinaryEntry(r, k) @@ -594,7 +594,7 @@ func bytesFromState(env environment, args ...rideType) (rideType, error) { func bytesFromSelfState(env environment, args ...rideType) (rideType, error) { k, err := keyArg(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } a, ok := env.this().(rideAddress) @@ -614,7 +614,7 @@ func bytesFromSelfState(env environment, args ...rideType) (rideType, error) { func stringFromState(env environment, args ...rideType) (rideType, error) { r, k, err := extractRecipientAndKey(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } entry, err := env.state().RetrieveNewestStringEntry(r, k) @@ -629,7 +629,7 @@ func stringFromState(env environment, args ...rideType) (rideType, error) { func stringFromSelfState(env environment, args ...rideType) (rideType, error) { k, err := keyArg(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } a, ok := env.this().(rideAddress) @@ -649,7 +649,7 @@ func stringFromSelfState(env environment, args ...rideType) (rideType, error) { func booleanFromState(env environment, args ...rideType) (rideType, error) { r, k, err := extractRecipientAndKey(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } entry, err := env.state().RetrieveNewestBooleanEntry(r, k) @@ -664,7 +664,7 @@ func booleanFromState(env environment, args ...rideType) (rideType, error) { func booleanFromSelfState(env environment, args ...rideType) (rideType, error) { k, err := keyArg(args) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } a, ok := env.this().(rideAddress) @@ -726,11 +726,11 @@ func sigVerify(env environment, args ...rideType) (rideType, error) { return nil, errors.Errorf("sigVerify: unexpected argument type '%s'", args[2].instanceOf()) } pk, err := crypto.NewPublicKeyFromBytes(pkb) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideBoolean(false), nil } sig, err := crypto.NewSignatureFromBytes(signature) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideBoolean(false), nil } ok = crypto.Verify(pk, sig, message) @@ -789,7 +789,7 @@ func addressFromPublicKey(env environment, args ...rideType) (rideType, error) { return nil, errors.Wrap(err, "addressFromPublicKey") } addr, err := proto.NewAddressLikeFromAnyBytes(env.scheme(), b) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } return rideAddress(addr), nil @@ -859,7 +859,7 @@ func assetInfoV3(env environment, args ...rideType) (rideType, error) { return nil, errors.Wrap(err, "assetInfoV3") } asset, err := crypto.NewDigestFromBytes(b) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } info, err := env.state().NewestAssetInfo(asset) @@ -878,7 +878,7 @@ func assetInfoV4(env environment, args ...rideType) (rideType, error) { return nil, errors.Wrap(err, "assetInfoV4") } asset, err := crypto.NewDigestFromBytes(b) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } info, err := env.state().NewestFullAssetInfo(asset) @@ -1045,7 +1045,7 @@ func checkMerkleProof(_ environment, args ...rideType) (rideType, error) { return nil, errors.Errorf("checkMerkleProof: unexpected argument type '%s'", args[2].instanceOf()) } r, err := c2.MerkleRootHash(leaf, proof) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideBoolean(false), nil } return rideBoolean(bytes.Equal(root, r)), nil @@ -1369,7 +1369,7 @@ func address(_ environment, args ...rideType) (rideType, error) { return nil, errors.Wrap(err, "address") } addr, err := proto.NewAddressFromBytes(b) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideAddressLike(b), nil } return rideAddress(addr), nil diff --git a/pkg/ride/functions_strings.go b/pkg/ride/functions_strings.go index 22cd7a019e..da9096c7e9 100644 --- a/pkg/ride/functions_strings.go +++ b/pkg/ride/functions_strings.go @@ -303,7 +303,7 @@ func parseInt(_ environment, args ...rideType) (rideType, error) { return nil, errors.Wrap(err, "parseInt") } i, err := strconv.ParseInt(string(s), 10, 64) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return rideUnit{}, nil } return rideInt(i), nil diff --git a/pkg/ride/functions_test.go b/pkg/ride/functions_test.go index 4cab27ebec..23121dab07 100644 --- a/pkg/ride/functions_test.go +++ b/pkg/ride/functions_test.go @@ -1,7 +1,7 @@ package ride import ( - "math/rand" + "math/rand" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used "testing" "github.com/stretchr/testify/assert" diff --git a/pkg/ride/generate/internal/generator_config.go b/pkg/ride/generate/internal/generator_config.go index 5268bdd55e..561dae50fd 100644 --- a/pkg/ride/generate/internal/generator_config.go +++ b/pkg/ride/generate/internal/generator_config.go @@ -71,7 +71,9 @@ func parseConfig(configPath string) (_ *rideObjects, err error) { return nil, errors.Wrap(err, "failed to open file") } defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if closeErr := f.Close(); closeErr != nil { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return if err != nil { err = errors.Wrapf(err, "failed to close file: %v", closeErr) } else { diff --git a/pkg/ride/math/math.go b/pkg/ride/math/math.go index 5c3a774ef3..f1368ec270 100644 --- a/pkg/ride/math/math.go +++ b/pkg/ride/math/math.go @@ -142,7 +142,7 @@ func pow(base, exponent *decimal.Big, context decimal.Context) (*decimal.Big, er } r := decimal.WithContext(context) r = math.Pow(r, base, exponent) - if r.Context.Err() != nil { + if r.Context.Err() != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.New(r.Context.Conditions.Error()) } return r, nil @@ -229,16 +229,16 @@ func log(base, exponent *decimal.Big, resultScale int) (*decimal.Big, error) { r := decimal.WithContext(bigIntContext).SetMantScale(0, resultScale) bl := decimal.WithContext(bigIntContext) math.Log(bl, base) - if bl.Context.Err() != nil { + if bl.Context.Err() != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.New(bl.Context.Conditions.Error()) } el := decimal.WithContext(bigIntContext) math.Log(el, exponent) - if el.Context.Err() != nil { + if el.Context.Err() != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.New(el.Context.Conditions.Error()) } r.Quo(bl, el) - if r.Context.Err() != nil { + if r.Context.Err() != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.New(r.Context.Conditions.Error()) } return r, nil diff --git a/pkg/state/address_transactions.go b/pkg/state/address_transactions.go index 26adb1e3c0..9d01e5e1f5 100644 --- a/pkg/state/address_transactions.go +++ b/pkg/state/address_transactions.go @@ -170,7 +170,8 @@ func newAddressTransactions( return nil, err } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if fErr := addrTransactionsFile.Close(); fErr != nil { retErr = errors.Join(retErr, fmt.Errorf("failed to close address_transactions file: %w", fErr)) } diff --git a/pkg/state/aliases.go b/pkg/state/aliases.go index ff232f1583..1a31af64c8 100644 --- a/pkg/state/aliases.go +++ b/pkg/state/aliases.go @@ -332,7 +332,7 @@ func (a *aliases) disableStolenAliases(blockID proto.BlockID) error { func (a *aliases) removeAliasByAddressID(id proto.AddressID, aliasStr string, blockID proto.BlockID) (err error) { defer func() { - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return addr, addrErr := id.ToWavesAddress(a.scheme) if addrErr != nil { err = errors.Wrapf(err, "failed to rebuild address: %v", addrErr) diff --git a/pkg/state/appender.go b/pkg/state/appender.go index 0d864fb4d7..19a2329104 100644 --- a/pkg/state/appender.go +++ b/pkg/state/appender.go @@ -1184,7 +1184,8 @@ func (a *txAppender) handleExchange(tx proto.Transaction, info *fallibleValidati } if info.acceptFailed { // If accepting failed, we must also check resulting balances. - if err := a.diffApplier.validateTxDiff(successfulChanges.diff, a.diffStor); err != nil { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return + if vErr := a.diffApplier.validateTxDiff(successfulChanges.diff, a.diffStor); vErr != nil { // Not enough balance for successful diff = fail, return failed diff. // We only check successful diff for negative balances, because failed diff is already checked in checkTxFees(). return newApplicationResult(false, scriptsRuns, failedChanges, checkerData), nil diff --git a/pkg/state/assets.go b/pkg/state/assets.go index 336f5bb21a..ca922dc898 100644 --- a/pkg/state/assets.go +++ b/pkg/state/assets.go @@ -349,6 +349,7 @@ func (a *assets) newestAssetExists(asset proto.OptionalAsset) bool { return true } assetID := proto.AssetIDFromDigest(asset.ID) + // nosemgrep: dgryski.semgrep-go.errtodo.err-todo if _, err := a.newestAssetInfo(assetID); err != nil { // TODO: check error type return false } diff --git a/pkg/state/blockreadwriter.go b/pkg/state/blockreadwriter.go index 128af5e4f7..6f6863a0d4 100644 --- a/pkg/state/blockreadwriter.go +++ b/pkg/state/blockreadwriter.go @@ -213,7 +213,8 @@ func newBlockReadWriter( return nil, err } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if fErr := blockchain.Close(); fErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(fErr, "failed to close blockchain file")) } @@ -224,7 +225,8 @@ func newBlockReadWriter( return nil, err } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if fErr := headers.Close(); fErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(fErr, "failed to close headers file")) } @@ -235,7 +237,8 @@ func newBlockReadWriter( return nil, err } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if fErr := blockHeight2ID.Close(); fErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(fErr, "failed to close block_height_to_id file")) } diff --git a/pkg/state/headers_validation_test.go b/pkg/state/headers_validation_test.go index 2f2e5a3710..060093cfb9 100644 --- a/pkg/state/headers_validation_test.go +++ b/pkg/state/headers_validation_test.go @@ -2,7 +2,7 @@ package state import ( "bytes" - "math/rand" + "math/rand" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used "runtime" "testing" "time" diff --git a/pkg/state/invoke_applier.go b/pkg/state/invoke_applier.go index d659c2c421..b68c3753ec 100644 --- a/pkg/state/invoke_applier.go +++ b/pkg/state/invoke_applier.go @@ -758,7 +758,9 @@ func (ia *invokeApplier) fallibleValidation(tx proto.Transaction, info *addlInvo // Validate total balance changes. if err := ia.diffApplier.validateTxDiff(totalChanges.diff, ia.invokeDiffStor.diffStorage); err != nil { // Total balance changes lead to negative balance, hence invoke has failed. - // TODO: use different code for negative balances after it is introduced; use better error text here (addr + amount + asset). + // nosemgrep: dgryski.semgrep-go.errtodo.err-todo + // TODO: use different code for negative balances after it is introduced; + // use better error text here (addr + amount + asset). return proto.DAppError, info.failedChanges, err } } diff --git a/pkg/state/state.go b/pkg/state/state.go index 7884471bbb..bac80b012a 100644 --- a/pkg/state/state.go +++ b/pkg/state/state.go @@ -492,7 +492,8 @@ func initDatabase( return nil, nil, nil, false, wrapErr(stateerr.Other, errors.Wrap(err, "failed to create stateDB")) } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if sdbCloseErr := sdb.close(); sdbCloseErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(sdbCloseErr, "failed to close state db")) } @@ -518,6 +519,7 @@ func checkAndUpdateDBMeta(dataDir string, amend bool, params StateParams) (_ sta return stateInfo{}, errors.Wrap(err, "failed to open DB meta file") } defer func() { + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if cErr := f.Close(); cErr != nil { err = stderrs.Join(err, errors.Wrap(cErr, "failed to close DB meta file")) } @@ -606,6 +608,7 @@ func newStateManager( return nil, err } if _, err := os.Stat(dataDir); errors.Is(err, fs.ErrNotExist) { + // nosemgrep: go.lang.correctness.permissions.file_permission.incorrect-default-permission if dirErr := os.Mkdir(dataDir, 0750); dirErr != nil { wErr := errors.Wrap(dirErr, "failed to create state directory") return nil, wrapErr(stateerr.Other, wErr) @@ -613,6 +616,7 @@ func newStateManager( } blockStorageDir := filepath.Join(dataDir, blocksStorDir) if _, err := os.Stat(blockStorageDir); errors.Is(err, fs.ErrNotExist) { + // nosemgrep: go.lang.correctness.permissions.file_permission.incorrect-default-permission if dirErr := os.Mkdir(blockStorageDir, 0750); dirErr != nil { return nil, wrapErr(stateerr.Other, errors.Wrap(dirErr, "failed to create blocks directory")) } @@ -623,7 +627,8 @@ func newStateManager( return nil, err } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if dbCloseErr := db.Close(); dbCloseErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(dbCloseErr, "failed to close stateDB")) } @@ -641,7 +646,8 @@ func newStateManager( return nil, wrapErr(stateerr.Other, errors.Errorf("failed to create block storage: %v", err)) } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if rwCloseErr := rw.close(); rwCloseErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(rwCloseErr, "failed to close block read writer")) } @@ -665,7 +671,8 @@ func newStateManager( return nil, wrapErr(stateerr.Other, errors.Errorf("failed to create address transactions storage: %v", err)) } defer func() { - if retErr != nil { + if retErr != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return + // nosemgrep: semgrep.rules.if-incorrect-nil-err-return, semgrep.rules.if-inplace-func-incorrect-nil-err-return if atxCloseErr := atx.close(); atxCloseErr != nil { retErr = stderrs.Join(retErr, errors.Wrap(atxCloseErr, "failed to close address transactions")) } diff --git a/pkg/wallet/wallet.go b/pkg/wallet/wallet.go index 05c48f4922..dc139baa61 100644 --- a/pkg/wallet/wallet.go +++ b/pkg/wallet/wallet.go @@ -69,7 +69,7 @@ func Decode(walletData []byte, password []byte) (Wallet, error) { format := WalletFormat{} err = json.Unmarshal(bts, &format) - if err != nil { + if err != nil { // nosemgrep: semgrep.rules.if-incorrect-nil-err-return return nil, errors.New("invalid password") } return &WalletImpl{