fix: address volume scopes review findings

- CRITICAL: validate volume Name against path traversal (safe regex)
- HIGH: log data migration errors instead of silently ignoring them
- HIGH: reject empty source when switching from ephemeral scope
2026-03-31 23:31:27 +03:00
parent 8fb959f81f
commit bb2729ad12
2 changed files with 24 additions and 4 deletions
+11 -4
@@ -116,10 +116,17 @@ func (s *Store) runMigrations() error {
}
// Data migration: copy mode→scope for volumes that have scope still empty.
// shared→project, isolated→instance.
_, _ = s.db.Exec(`UPDATE volumes SET scope = 'project' WHERE scope = '' AND mode = 'shared'`)
_, _ = s.db.Exec(`UPDATE volumes SET scope = 'instance' WHERE scope = '' AND mode = 'isolated'`)
_, _ = s.db.Exec(`UPDATE volumes SET scope = 'project' WHERE scope = '' AND mode = ''`)
// shared→project, isolated→instance. Log errors but don't fail startup.
dataMigrations := []struct{ query, desc string }{
{`UPDATE volumes SET scope = 'project' WHERE scope = '' AND mode = 'shared'`, "migrate shared→project"},
{`UPDATE volumes SET scope = 'instance' WHERE scope = '' AND mode = 'isolated'`, "migrate isolated→instance"},
{`UPDATE volumes SET scope = 'project' WHERE scope = '' AND mode = ''`, "migrate empty→project"},
}
for _, dm := range dataMigrations {
if _, err := s.db.Exec(dm.query); err != nil {
fmt.Printf("volume scope migration warning (%s): %v\n", dm.desc, err)
}
}
return nil
}
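Review bot: The migration warnings emitted by the loop at the end of the hunk go to stdout through `fmt.Printf` rather than the process's logger, so in a deployment that captures only the log stream they are easy to lose, and this is the one place a failed scope migration becomes visible. Unless the Store carries its own logger (not visible here), `log.Printf("volume scope migration warning (%s): %v", dm.desc, err)` at least reaches stderr with a timestamp and the file's usual log format. Because the three UPDATEs are idempotent and rerun on every startup, it would also help operators to record the affected row count from the `sql.Result` that is currently discarded as `_`, so a no-op run can be told apart from a real data change. runMigrations begins above the hunk.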