Skip to content

V6.0#342

Merged
Noah231515 merged 124 commits into
mainfrom
v6.0
Feb 2, 2025
Merged

V6.0#342
Noah231515 merged 124 commits into
mainfrom
v6.0

Conversation

@Noah231515
Copy link
Copy Markdown
Member

@Noah231515 Noah231515 commented Feb 2, 2025

Merge v6.0 into main

root and others added 30 commits December 12, 2024 04:34
add asynq
b7cd491
add tasks, connect
e9c7827
setup redis config
cb4fb48
fix format
65dabae
add worker
238f055
update gitignore
66e2721
update
9b19bc7
run http server and asynq worker in separate goroutines
87d9ed0
get a task running
f90f1aa
@Noah231515
Merge pull request #324 from Receipt-Wrangler/task/add-asynq-shell
cfcc8ad 
Task/add asynq shell
move quick scan to use asynq queue
b046991
update swagger
76760b9
add air
9c486c7
add logging
9104bd4
refactor quick scan to pick up file from tmp directory, and delete it…
2829df5 
… upon success
switch to crypto rand
d450853
@Noah231515
Merge pull request #326 from Receipt-Wrangler/feature/quick-scan-async
d33f460 
Feature/quick scan async
start up and shutdown scheduler
8af3af9
move router construction to separate package
a95fab4
move things around and get email poll set up
7044a26
clean up circular dependencies
dd88637
clean up left over broken imports
58ffff6
set up process handler
f919566
enqueue tasks instead of do tasks
e918481
fix errors, and start
b4a0b88
implement file cleanup
45a7a9b
call cleanup
f8f86e5
remove asynq task idon system settings
1081829
fix delete
ffa2944
update log to add in where it was called from
a374b0f
Noah231515 and others added 27 commits January 24, 2025 16:37
fix error response not being added
d39fc8d
add groupId to system task
fa79b66
populate group id in system tasks
c2d204f
populate group id in system tasks pt. 2
09d61e0
add receipt id
5ad7ade
remove meta combine quick scan
2af6075
remove meta associate to receipt
912794f
refactor query
008e027
associate top level system task back to receipt if successful and fil…
bc16043 
…ter out receipt uploaded by email
update swagger
2bd57e1
update poll task to take a payload and refactor poll single group to …
2ec5fdb 
…take a payload
make err message more generic
a75bdcb
update system task receipt and group on create
c90dc9e
make rerun more generic
13a50d7
fixes email processor to generate system tasks when failing
132a074
email upload rerun
6743914
@Noah231515
Merge pull request #337 from Receipt-Wrangler/enhancements/rc2-fixes
dbac53d 
Enhancements/rc2 fixes
mk temp dir before test
85593d1
tidy
6036b18
bump package versions
a9fef70
tidy again
4fe0957
remove repo add
971a82b
comment...
18a934d
removing error
f2464c1
create system task on duplicate
b27903c
move duplicate to service
17ab402
@Noah231515
Merge pull request #341 from Receipt-Wrangler/bugfix/misc-fixes
244cf92 
Bugfix/misc fixes
github-advanced-security[bot]
github-advanced-security AI found potential problems Feb 2, 2025
View reviewed changes
Comment thread internal/handlers/receipts.go
if err != nil {
results <- models.Receipt{}
}
fileBytes := make([]byte, quickScanCommand.FileHeaders[i].Size)

Check failure

Code scanning / CodeQL

Slice memory allocation with excessive size value

This memory allocation depends on a [user-provided value](1).

Copilot Autofix

AI over 1 year ago

To fix the problem, we need to implement a maximum allowed value for the size allocations with the make function to prevent excessively large allocations. This can be done by adding a check to ensure that the size does not exceed a predefined maximum value before allocating memory.

  1. Define a constant for the maximum allowed file size.
  2. Add a check before the make function to ensure that the file size does not exceed this maximum value.
  3. Return an appropriate error response if the file size exceeds the maximum allowed value.
Suggested changeset 1
internal/handlers/receipts.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/internal/handlers/receipts.go b/internal/handlers/receipts.go
--- a/internal/handlers/receipts.go
+++ b/internal/handlers/receipts.go
@@ -214,3 +214,7 @@
 			token := structs.GetJWT(r)
+			const MaxFileSize = 10 * 1024 * 1024 // 10 MB
 			for i := 0; i < len(quickScanCommand.Files); i++ {
+				if quickScanCommand.FileHeaders[i].Size > MaxFileSize {
+					return http.StatusBadRequest, fmt.Errorf("file size exceeds the maximum allowed limit of %d bytes", MaxFileSize)
+				}
 				fileBytes := make([]byte, quickScanCommand.FileHeaders[i].Size)
EOF
@@ -214,3 +214,7 @@
token := structs.GetJWT(r)
const MaxFileSize = 10 * 1024 * 1024 // 10 MB
for i := 0; i < len(quickScanCommand.Files); i++ {
if quickScanCommand.FileHeaders[i].Size > MaxFileSize {
return http.StatusBadRequest, fmt.Errorf("file size exceeds the maximum allowed limit of %d bytes", MaxFileSize)
}
fileBytes := make([]byte, quickScanCommand.FileHeaders[i].Size)
Copilot is powered by AI and may make mistakes. Always verify output.
@Noah231515 Noah231515 merged commit 2a18b7e into main Feb 2, 2025
@Noah231515 Noah231515 deleted the v6.0 branch February 2, 2025 19:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Noah231515 @github-advanced-security