A safe MkdirAll implementation

.github/workflows/ci.yml

@@ -11,16 +11,52 @@ on:
  - cron: "30 10 * * 0"
 
 jobs:
- test:
+ test-windows:
+ strategy:
+ fail-fast: false
+ matrix:
+ go-version:
+ - "1.21"
+ - "1.22"
+ - "^1"
+ runs-on: windows-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: actions/setup-go@v4
+ with:
+ go-version: ${{ matrix.go-version }}
+ - name: mkdir gocoverdir
+ run: |
+ # mktemp --tmpdir -d gocoverdir.XXXXXXXX
+ function New-TemporaryDirectory {
+ param (
+ [string] $Prefix
+ )
+ $parent = [System.IO.Path]::GetTempPath()
+ do {
+ [string] $guid = [System.Guid]::NewGuid()
+ $item = New-Item -Path "$parent" -Name "$Prefix.$guid" -ItemType "directory" -ErrorAction SilentlyContinue
+ } while (-not "$item")
+ return $item.FullName
+ }
+ $GOCOVERDIR = (New-TemporaryDirectory -Prefix "gocoverdir")
+ echo "GOCOVERDIR=$GOCOVERDIR" >>"$env:GITHUB_ENV"
+ - name: unit tests
+ run: go test -v -cover '-test.gocoverdir' "$env:GOCOVERDIR" ./...
+ - name: upload coverage
+ uses: actions/upload-artifact@v4
+ with:
+ name: coverage-${{ runner.os }}-${{ github.job }}-${{ strategy.job-index }}
+ path: ${{ env.GOCOVERDIR }}
+
+ test-unix-short:
  strategy:
  fail-fast: false
  matrix:
  os:
  - ubuntu-latest
  - macos-latest
- - windows-latest
  go-version:
- - "1.14"
  - "1.21"
  - "1.22"
  - "^1"
@@ -34,5 +70,67 @@ jobs:
  - uses: actions/setup-go@v4
  with:
  go-version: ${{ matrix.go-version }}
+ - name: mkdir gocoverdir
+ run: |
+ GOCOVERDIR="$(mktemp --tmpdir -d gocoverdir.XXXXXXXX)"
+ echo "GOCOVERDIR=$GOCOVERDIR" >>"$GITHUB_ENV"
  - name: unit tests
- run: go test -v -cover ./...
+ run: |
+ go test -short -v -cover -test.gocoverdir="$GOCOVERDIR" ./...
+ sudo go test -short -v -cover -test.gocoverdir="$GOCOVERDIR" ./...
+ - name: upload coverage
+ uses: actions/upload-artifact@v4
+ with:
+ name: coverage-${{ runner.os }}-${{ github.job }}-${{ strategy.job-index }}
+ path: ${{ env.GOCOVERDIR }}
+
+ test-linux-stress:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: actions/setup-go@v4
+ with:
+ go-version: "^1"
+ - name: stress test race protections
+ run: |
+ sudo go test -timeout 1h -v -cover -run 'Test.*Racing' ./...
+
+ coverage:
+ runs-on: ubuntu-latest
+ needs:
+ - test-windows
+ - test-unix-short
+ steps:
+ - uses: actions/checkout@v3
+ - uses: actions/setup-go@v4
+ with:
+ go-version: "^1"
+ - name: download all coverage
+ uses: actions/download-artifact@v4
+ with:
+ path: coverage
+ - name: generate coverage list
+ run: |
+ find coverage/
+ GOCOVERDIRS="$(printf '%s,' coverage/* | sed 's|,$||')"
+ echo "GOCOVERDIRS=$GOCOVERDIRS" >>"$GITHUB_ENV"
+ FULLCOVERAGE_FILE="$(mktemp --tmpdir fullcoverage.XXXXXXXX)"
+ echo "FULLCOVERAGE_FILE=$FULLCOVERAGE_FILE" >>"$GITHUB_ENV"
+ - name: compute coverage
+ run: go tool covdata percent -i "$GOCOVERDIRS"
+ - name: compute func coverage
+ run: go tool covdata func -i "$GOCOVERDIRS" | sort -k 3gr
+ - name: merge coverage
+ run: |
+ go tool covdata textfmt -i "$GOCOVERDIRS" -o "$FULLCOVERAGE_FILE"
+ go tool cover -html="$FULLCOVERAGE_FILE" -o "$FULLCOVERAGE_FILE.html"
+ - name: upload merged coverage
+ uses: actions/upload-artifact@v4
+ with:
+ name: fullcoverage-${{ github.job }}
+ path: ${{ env.FULLCOVERAGE_FILE }}
+ - name: upload coverage html
+ uses: actions/upload-artifact@v4
+ with:
+ name: fullcoverage-${{ github.job }}.html
+ path: ${{ env.FULLCOVERAGE_FILE }}.html

go.mod

@@ -1,3 +1,14 @@
 module github.com/cyphar/filepath-securejoin
 
-go 1.13
+go 1.20
+
+require (
+ github.com/stretchr/testify v1.9.0
+ golang.org/x/sys v0.21.0
+)
+
+require (
+ github.com/davecgh/go-spew v1.1.1 // indirect
+ github.com/pmezard/go-difflib v1.0.0 // indirect
+ gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -0,0 +1,12 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=