diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 902d4d4eb..2d544d4f0 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -23,10 +23,13 @@ jobs: uses: golangci/golangci-lint-action@v9 with: version: v2.10.1 + args: --build-tags=goolm,stdjson vuln_check: name: Security Check runs-on: ubuntu-latest + env: + GOFLAGS: -tags=goolm,stdjson steps: - name: Checkout uses: actions/checkout@v6 @@ -59,4 +62,4 @@ jobs: run: go generate ./... - name: Run go test - run: go test ./... + run: go test -tags goolm,stdjson ./... diff --git a/.goreleaser.yaml b/.goreleaser.yaml index a73f87f30..ea93d0377 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -15,6 +15,7 @@ builds: env: - CGO_ENABLED=0 tags: + - goolm - stdjson ldflags: - -s -w @@ -57,6 +58,7 @@ builds: env: - CGO_ENABLED=0 tags: + - goolm - stdjson ldflags: - -s -w @@ -95,6 +97,7 @@ builds: env: - CGO_ENABLED=0 tags: + - goolm - stdjson ldflags: - -s -w diff --git a/Makefile b/Makefile index 41aa9f51c..2a82e587b 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,8 @@ LDFLAGS=-X $(CONFIG_PKG).Version=$(VERSION) -X $(CONFIG_PKG).GitCommit=$(GIT_COM # Go variables GO?=CGO_ENABLED=0 go WEB_GO?=$(GO) -GOFLAGS?=-v -tags goolm,stdjson +GO_BUILD_TAGS?=goolm,stdjson +GOFLAGS?=-v -tags $(GO_BUILD_TAGS) # Patch MIPS LE ELF e_flags (offset 36) for NaN2008-only kernels (e.g. Ingenic X2600). # @@ -221,13 +222,13 @@ clean: ## vet: Run go vet for static analysis vet: generate - @packages="$$(go list ./...)" && \ - $(GO) vet $$(printf '%s\n' "$$packages" | grep -v '^github.com/sipeed/picoclaw/web/') + @packages="$$($(GO) list $(GOFLAGS) ./...)" && \ + $(GO) vet $(GOFLAGS) $$(printf '%s\n' "$$packages" | grep -v '^github.com/sipeed/picoclaw/web/') @cd web/backend && $(WEB_GO) vet ./... ## test: Test Go code test: generate - @$(GO) test $$(go list ./... | grep -v github.com/sipeed/picoclaw/web/) + @$(GO) test $(GOFLAGS) $$($(GO) list $(GOFLAGS) ./... | grep -v github.com/sipeed/picoclaw/web/) @cd web && make test ## fmt: Format Go code @@ -236,11 +237,11 @@ fmt: ## lint: Run linters lint: - @$(GOLANGCI_LINT) run + @CGO_ENABLED=0 $(GOLANGCI_LINT) run --build-tags $(GO_BUILD_TAGS) ## fix: Fix linting issues fix: - @$(GOLANGCI_LINT) run --fix + @CGO_ENABLED=0 $(GOLANGCI_LINT) run --fix --build-tags $(GO_BUILD_TAGS) ## deps: Download dependencies deps: diff --git a/pkg/channels/matrix/matrix.go b/pkg/channels/matrix/matrix.go index 07f9c80fa..50b86158d 100644 --- a/pkg/channels/matrix/matrix.go +++ b/pkg/channels/matrix/matrix.go @@ -193,7 +193,11 @@ type MatrixChannel struct { cryptoDbPath string } -func NewMatrixChannel(cfg config.MatrixConfig, messageBus *bus.MessageBus, cryptoDatabasePath string) (*MatrixChannel, error) { +func NewMatrixChannel( + cfg config.MatrixConfig, + messageBus *bus.MessageBus, + cryptoDatabasePath string, +) (*MatrixChannel, error) { homeserver := strings.TrimSpace(cfg.Homeserver) userID := strings.TrimSpace(cfg.UserID) accessToken := strings.TrimSpace(cfg.AccessToken()) @@ -253,9 +257,13 @@ func (c *MatrixChannel) Start(ctx context.Context) error { // Initialize crypto helper if database and passphrase are configured if c.cryptoDbPath != "" && c.config.CryptoPassphrase != "" { if err := c.initCrypto(ctx); err != nil { - logger.WarnCF("matrix", "Failed to initialize crypto, continuing without encryption support", map[string]any{ - "error": err.Error(), - }) + logger.WarnCF( + "matrix", + "Failed to initialize crypto, continuing without encryption support", + map[string]any{ + "error": err.Error(), + }, + ) } } @@ -345,10 +353,10 @@ func (c *MatrixChannel) initCrypto(ctx context.Context) error { } if c.client.DeviceID == "" { - resp, err := c.client.Whoami(ctx) - if err != nil { + resp, whoamiErr := c.client.Whoami(ctx) + if whoamiErr != nil { _ = db.Close() - return fmt.Errorf("get device ID via whoami: %w", err) + return fmt.Errorf("get device ID via whoami: %w", whoamiErr) } c.client.DeviceID = resp.DeviceID } diff --git a/pkg/config/config.go b/pkg/config/config.go index 52fe2400a..b46432c2c 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -591,20 +591,20 @@ func (c *SlackConfig) SetAppToken(token string) { } type MatrixConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MATRIX_ENABLED"` - Homeserver string `json:"homeserver" env:"PICOCLAW_CHANNELS_MATRIX_HOMESERVER"` - UserID string `json:"user_id" env:"PICOCLAW_CHANNELS_MATRIX_USER_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MATRIX_ENABLED"` + Homeserver string `json:"homeserver" env:"PICOCLAW_CHANNELS_MATRIX_HOMESERVER"` + UserID string `json:"user_id" env:"PICOCLAW_CHANNELS_MATRIX_USER_ID"` accessToken string - DeviceID string `json:"device_id,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_DEVICE_ID"` - JoinOnInvite bool `json:"join_on_invite" env:"PICOCLAW_CHANNELS_MATRIX_JOIN_ON_INVITE"` - MessageFormat string `json:"message_format,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_MESSAGE_FORMAT"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_MATRIX_ALLOW_FROM"` + DeviceID string `json:"device_id,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_DEVICE_ID"` + JoinOnInvite bool `json:"join_on_invite" env:"PICOCLAW_CHANNELS_MATRIX_JOIN_ON_INVITE"` + MessageFormat string `json:"message_format,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_MESSAGE_FORMAT"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_MATRIX_ALLOW_FROM"` GroupTrigger GroupTriggerConfig `json:"group_trigger,omitempty"` Placeholder PlaceholderConfig `json:"placeholder,omitempty"` - ReasoningChannelID string `json:"reasoning_channel_id" env:"PICOCLAW_CHANNELS_MATRIX_REASONING_CHANNEL_ID"` + ReasoningChannelID string `json:"reasoning_channel_id" env:"PICOCLAW_CHANNELS_MATRIX_REASONING_CHANNEL_ID"` secDirty bool CryptoDatabasePath string `json:"crypto_database_path,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_CRYPTO_DATABASE_PATH"` - CryptoPassphrase string `json:"crypto_passphrase,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_CRYPTO_PASSPHRASE"` + CryptoPassphrase string `json:"crypto_passphrase,omitempty" env:"PICOCLAW_CHANNELS_MATRIX_CRYPTO_PASSPHRASE"` } // AccessToken returns the Matrix access token