[chore] Upgrade golangci-lint, ignore existing int overflow warnings (#3420)

* [chore] Bump tooling versions, bump go -> v1.23.0 * undo silly change * sign * bump go version in go.mod * allow overflow in imaging * goreleaser deprecation notices * [chore] Upgrade golangci-lint, ignore existing int overflow warnings There is a new lint for unchecked int casts. Integer overflows are bad, but the old code that triggers this lint seems to be perfectly fine. Instead of disabling the lint entirely for new code as well, grandfather in existing code. * fix golangci-lint documentation link * revert unrelated changes * revert another unrelated change * get rid of remaining nolint:gosec * swagger updates * apply review feedback * fix wrong formatting specifier thing * fix the linter for real --------- Co-authored-by: tobi <tobi.smethurst@protonmail.com>
author: Markus Unterwaditzer <markus-tarpit+git@unterwaditzer.net> 2024-10-16 14:13:58 +0200
committer: GitHub <noreply@github.com> 2024-10-16 14:13:58 +0200
commit: a48cce82b9b235a0e844104a89453eb0bd4d4409 (patch)
tree: ac319b5c6854710df74d605e3e266d8bc320b530 /internal/processing
parent: [docs] remove duplicate entry from supported platforms (#3442) (diff)
download: gotosocial-a48cce82b9b235a0e844104a89453eb0bd4d4409.tar.xz
3 files changed, 17 insertions, 12 deletions
diff --git a/internal/processing/account/update.go b/internal/processing/account/update.go
index 58e52a992..2bdbf96f4 100644
--- a/internal/processing/account/update.go
+++ b/internal/processing/account/update.go
@@ -463,9 +463,10 @@ func (p *Processor) UpdateAvatar(
 ) {
 	// Get maximum supported local media size.
 	maxsz := config.GetMediaLocalMaxSize()
+	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure media within size bounds.
-	if avatar.Size > int64(maxsz) {
+	if avatar.Size > maxszInt64 {
 		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@@ -478,7 +479,7 @@ func (p *Processor) UpdateAvatar(
 	}
 
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 
 	// Write to instance storage.
 	return p.c.StoreLocalMedia(ctx,
@@ -508,9 +509,10 @@ func (p *Processor) UpdateHeader(
 ) {
 	// Get maximum supported local media size.
 	maxsz := config.GetMediaLocalMaxSize()
+	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure media within size bounds.
-	if header.Size > int64(maxsz) {
+	if header.Size > maxszInt64 {
 		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@@ -523,7 +525,7 @@ func (p *Processor) UpdateHeader(
 	}
 
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 
 	// Write to instance storage.
 	return p.c.StoreLocalMedia(ctx,
diff --git a/internal/processing/admin/emoji.go b/internal/processing/admin/emoji.go
index 70e196b95..5a7da445e 100644
--- a/internal/processing/admin/emoji.go
+++ b/internal/processing/admin/emoji.go
@@ -25,7 +25,6 @@ import (
 	"mime/multipart"
 	"strings"
 
-	"codeberg.org/gruf/go-bytesize"
 	"codeberg.org/gruf/go-iotools"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
@@ -46,9 +45,10 @@ func (p *Processor) EmojiCreate(
 
 	// Get maximum supported local emoji size.
 	maxsz := config.GetMediaEmojiLocalMaxSize()
+	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure media within size bounds.
-	if form.Image.Size > int64(maxsz) {
+	if form.Image.Size > maxszInt64 {
 		text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@@ -61,7 +61,7 @@ func (p *Processor) EmojiCreate(
 	}
 
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 	data := func(context.Context) (io.ReadCloser, error) {
 		return rc, nil
 	}
@@ -301,9 +301,10 @@ func (p *Processor) emojiUpdateCopy(
 
 	// Get maximum supported local emoji size.
 	maxsz := config.GetMediaEmojiLocalMaxSize()
+	maxszInt := int(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure target emoji image within size bounds.
-	if bytesize.Size(target.ImageFileSize) > maxsz {
+	if target.ImageFileSize > maxszInt {
 		text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@@ -442,9 +443,10 @@ func (p *Processor) emojiUpdateModify(
 
 		// Get maximum supported local emoji size.
 		maxsz := config.GetMediaEmojiLocalMaxSize()
+		maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 		// Ensure media within size bounds.
-		if image.Size > int64(maxsz) {
+		if image.Size > maxszInt64 {
 			text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 			return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 		}
@@ -457,7 +459,7 @@ func (p *Processor) emojiUpdateModify(
 		}
 
 		// Wrap the multipart file reader to ensure is limited to max.
-		rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+		rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz)) // #nosec G115 -- Already validated.
 		data := func(context.Context) (io.ReadCloser, error) {
 			return rc, nil
 		}
diff --git a/internal/processing/media/create.go b/internal/processing/media/create.go
index b3a7d6052..ca1f1c3c6 100644
--- a/internal/processing/media/create.go
+++ b/internal/processing/media/create.go
@@ -36,9 +36,10 @@ func (p *Processor) Create(ctx context.Context, account *gtsmodel.Account, form
 
 	// Get maximum supported local media size.
 	maxsz := config.GetMediaLocalMaxSize()
+	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure media within size bounds.
-	if form.File.Size > int64(maxsz) {
+	if form.File.Size > maxszInt64 {
 		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
@@ -58,7 +59,7 @@ func (p *Processor) Create(ctx context.Context, account *gtsmodel.Account, form
 	}
 
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz))
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 
 	// Create local media and write to instance storage.
 	attachment, errWithCode := p.c.StoreLocalMedia(ctx,
author	Markus Unterwaditzer <markus-tarpit+git@unterwaditzer.net>	2024-10-16 14:13:58 +0200
committer	GitHub <noreply@github.com>	2024-10-16 14:13:58 +0200
commit	a48cce82b9b235a0e844104a89453eb0bd4d4409 (patch)
tree	ac319b5c6854710df74d605e3e266d8bc320b530 /internal/processing
parent	[docs] remove duplicate entry from supported platforms (#3442) (diff)
download	gotosocial-a48cce82b9b235a0e844104a89453eb0bd4d4409.tar.xz