From 8d62eca9ab84e480d67b4354c1c91d7cf7418ae3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 30 May 2026 07:52:09 +0000 Subject: [PATCH 1/4] chore(deps): update module golang.org/x/net to v0.55.0 [security] --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index a975215..b646d54 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/gin-gonic/gin v1.12.0 github.com/google/uuid v1.6.0 github.com/oapi-codegen/runtime v1.4.0 - golang.org/x/net v0.54.0 + golang.org/x/net v0.55.0 gorm.io/driver/postgres v1.6.0 gorm.io/driver/sqlite v1.6.0 gorm.io/gorm v1.31.1 From 7953dfc3ed862aad38269fe3f0dee53d661a85cc Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Wed, 3 Jun 2026 23:06:10 +0900 Subject: [PATCH 2/4] analyzer: strip resolver address from DNS lookup error messages Wrap user-facing lookup errors through a new formatDNSError helper that clears net.DNSError.Server so the " on " suffix no longer leaks the upstream resolver (e.g. "on 127.0.0.11:53") to end users. Closes: https://framagit.org/happyDomain/happydeliver/-/work_items/2 --- pkg/analyzer/dns_bimi.go | 2 +- pkg/analyzer/dns_dkim.go | 2 +- pkg/analyzer/dns_dmarc.go | 2 +- pkg/analyzer/dns_mx.go | 2 +- pkg/analyzer/dns_resolver.go | 13 +++++++++++++ pkg/analyzer/dns_spf.go | 2 +- 6 files changed, 18 insertions(+), 5 deletions(-) diff --git a/pkg/analyzer/dns_bimi.go b/pkg/analyzer/dns_bimi.go index 223bfdc..b037978 100644 --- a/pkg/analyzer/dns_bimi.go +++ b/pkg/analyzer/dns_bimi.go @@ -45,7 +45,7 @@ func (d *DNSAnalyzer) checkBIMIRecord(domain, selector string) *model.BIMIRecord Selector: selector, Domain: domain, Valid: false, - Error: utils.PtrTo(fmt.Sprintf("Failed to lookup BIMI record: %v", err)), + Error: utils.PtrTo(fmt.Sprintf("Failed to lookup BIMI record: %s", formatDNSError(err))), } } diff --git a/pkg/analyzer/dns_dkim.go b/pkg/analyzer/dns_dkim.go index 115e347..5708d1c 100644 --- a/pkg/analyzer/dns_dkim.go +++ b/pkg/analyzer/dns_dkim.go @@ -122,7 +122,7 @@ func (d *DNSAnalyzer) checkDKIMRecord(h DKIMHeader) *model.DKIMRecord { Domain: h.Domain, SigningAlgorithm: signingAlgorithmPtr(h.Algorithm), Valid: false, - Error: utils.PtrTo(fmt.Sprintf("Failed to lookup DKIM record: %v", err)), + Error: utils.PtrTo(fmt.Sprintf("Failed to lookup DKIM record: %s", formatDNSError(err))), } } diff --git a/pkg/analyzer/dns_dmarc.go b/pkg/analyzer/dns_dmarc.go index b89500b..20058b2 100644 --- a/pkg/analyzer/dns_dmarc.go +++ b/pkg/analyzer/dns_dmarc.go @@ -193,7 +193,7 @@ func (d *DNSAnalyzer) checkDMARCRecord(domain string) *model.DMARCRecord { if err != nil { return &model.DMARCRecord{ Valid: false, - Error: utils.PtrTo(fmt.Sprintf("Failed to lookup DMARC record: %v", err)), + Error: utils.PtrTo(fmt.Sprintf("Failed to lookup DMARC record: %s", formatDNSError(err))), } } if foundDomain == "" { diff --git a/pkg/analyzer/dns_mx.go b/pkg/analyzer/dns_mx.go index c48c9a4..51c9eca 100644 --- a/pkg/analyzer/dns_mx.go +++ b/pkg/analyzer/dns_mx.go @@ -39,7 +39,7 @@ func (d *DNSAnalyzer) checkMXRecords(domain string) *[]model.MXRecord { return &[]model.MXRecord{ { Valid: false, - Error: utils.PtrTo(fmt.Sprintf("Failed to lookup MX records: %v", err)), + Error: utils.PtrTo(fmt.Sprintf("Failed to lookup MX records: %s", formatDNSError(err))), }, } } diff --git a/pkg/analyzer/dns_resolver.go b/pkg/analyzer/dns_resolver.go index f60484f..266078e 100644 --- a/pkg/analyzer/dns_resolver.go +++ b/pkg/analyzer/dns_resolver.go @@ -23,9 +23,22 @@ package analyzer import ( "context" + "errors" "net" ) +// formatDNSError renders a resolution error without exposing the upstream +// resolver address that net.DNSError.Error() normally appends as " on ". +func formatDNSError(err error) string { + var dnsErr *net.DNSError + if errors.As(err, &dnsErr) { + sanitized := *dnsErr + sanitized.Server = "" + return sanitized.Error() + } + return err.Error() +} + // DNSResolver defines the interface for DNS resolution operations. // This interface abstracts DNS lookups to allow for custom implementations, // such as mock resolvers for testing or caching resolvers for performance. diff --git a/pkg/analyzer/dns_spf.go b/pkg/analyzer/dns_spf.go index ccb1674..5628986 100644 --- a/pkg/analyzer/dns_spf.go +++ b/pkg/analyzer/dns_spf.go @@ -67,7 +67,7 @@ func (d *DNSAnalyzer) resolveSPFRecords(domain string, visited map[string]bool, { Domain: &domain, Valid: false, - Error: utils.PtrTo(fmt.Sprintf("Failed to lookup TXT records: %v", err)), + Error: utils.PtrTo(fmt.Sprintf("Failed to lookup TXT records: %s", formatDNSError(err))), }, } } From 96c3a6ea0da0bba0f67605c840848f050779246f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 30 May 2026 07:51:46 +0000 Subject: [PATCH 3/4] chore(deps): update module github.com/jackc/pgx/v5 to v5.9.2 [security] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index a975215..85e6e04 100644 --- a/go.mod +++ b/go.mod @@ -36,7 +36,7 @@ require ( github.com/goccy/go-yaml v1.19.2 // indirect github.com/jackc/pgpassfile v1.0.0 // indirect github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect - github.com/jackc/pgx/v5 v5.8.0 // indirect + github.com/jackc/pgx/v5 v5.9.2 // indirect github.com/jackc/puddle/v2 v2.2.2 // indirect github.com/jinzhu/inflection v1.0.0 // indirect github.com/jinzhu/now v1.1.5 // indirect diff --git a/go.sum b/go.sum index f4c8d28..f7a56d3 100644 --- a/go.sum +++ b/go.sum @@ -93,8 +93,8 @@ github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsI github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo= github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= -github.com/jackc/pgx/v5 v5.8.0 h1:TYPDoleBBme0xGSAX3/+NujXXtpZn9HBONkQC7IEZSo= -github.com/jackc/pgx/v5 v5.8.0/go.mod h1:QVeDInX2m9VyzvNeiCJVjCkNFqzsNb43204HshNSZKw= +github.com/jackc/pgx/v5 v5.9.2 h1:3ZhOzMWnR4yJ+RW1XImIPsD1aNSz4T4fyP7zlQb56hw= +github.com/jackc/pgx/v5 v5.9.2/go.mod h1:mal1tBGAFfLHvZzaYh77YS/eC6IX9OWbRV1QIIM0Jn4= github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo= github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= From 9aa3718abd16aaef5dd5b5c3ca3b7ce9486dcfb1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 3 Jun 2026 15:06:48 +0000 Subject: [PATCH 4/4] chore(deps): update module golang.org/x/net to v0.55.0 [security] --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 85e6e04..c7b19bf 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/gin-gonic/gin v1.12.0 github.com/google/uuid v1.6.0 github.com/oapi-codegen/runtime v1.4.0 - golang.org/x/net v0.54.0 + golang.org/x/net v0.55.0 gorm.io/driver/postgres v1.6.0 gorm.io/driver/sqlite v1.6.0 gorm.io/gorm v1.31.1