mirror of https://github.com/umputun/reproxy.git synced 2026-06-03 18:45:19 +02:00
Umputun d311e7aef2 fix: critical and major issues from code audit (#254)
* docs: add plan for critical and major audit findings

* fix: dedup consul services with multiple reproxy tags

* fix: release plugin lock before blocking RPC call

* fix: guard mappersCache against concurrent map write

* fix: close health-ping response body

* docs: document only-from header trust assumption

* fix: bound discovery shutdown and stop signal goroutine leak on run() return

cancel the discovery context on every run() return path and await a bounded
discoveryDone before exit so provider watcher goroutines don't outlive run.
register signal.Stop and a catch-all defer cancel so the signal goroutine
can't leak across run() calls.

* fix: make docker and consul event sends cancellation-aware

the provider watcher goroutines did a bare send on the events channel, so
on shutdown a producer blocked mid-send (once the consumer stopped on ctx
cancel) could leak. guard both sends with a select on ctx.Done so the
discovery shutdown wait can't be left hanging on a stuck producer.

* test: cover plugin lock-release and discovery shutdown; fix Middleware godoc

- add TestConductor_MiddlewareReleasesLockDuringCall: a blocking plugin RPC,
  asserting a write-lock op succeeds while the call is in flight (proves the
  read lock is released before the RPC, not held across it)
- assert run() returns well under the 5s shutdown bound on the error path,
  proving discovery's ctx is cancelled before the wait
- correct Conductor.Middleware godoc: a call error returns HTTP 500 and stops
  the chain, a reply status >= 400 stops with that status

* docs: move audit-findings plan to completed
2026-05-31 22:46:13 -05:00