taiars/nora
1
0
Fork 0
mirror of https://github.com/getnora-io/nora.git synced 2026-04-12 23:10:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: proxy dedup, multi-registry GC, TOCTOU and credential hygiene (#83)

Browse Source 
- Deduplicate proxy_fetch/proxy_fetch_text into generic proxy_fetch_core
  with response extractor closure (removes ~50 lines of copy-paste)
- GC now scans all registry prefixes, not just docker/
- Add tracing::warn to fire-and-forget cache writes in docker proxy
- Mark S3 credentials as skip_serializing to prevent accidental leaks
- Remove TOCTOU race in LocalStorage get/delete (redundant exists check)
This commit is contained in:
DevITWay | Pavel Volkov
2026-04-02 15:56:54 +03:00
committed by GitHub
parent 7d8116034a
commit 35a9e34a3e
5 changed files with 57 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
nora-registry/src/registry/docker.rs
View File

@@ -284,7 +284,9 @@ async fn download_blob(
let key_clone = key.clone();
let data_clone = data.clone();
tokio::spawn(async move {
let _ = storage.put(&key_clone, &data_clone).await;
if let Err(e) = storage.put(&key_clone, &data_clone).await {
tracing::warn!(key = %key_clone, error = %e, "Failed to cache blob in storage");
}
});
return (
@@ -687,7 +689,9 @@ async fn get_manifest(
let key_clone = key.clone();
let data_clone = data.clone();
tokio::spawn(async move {
let _ = storage.put(&key_clone, &data_clone).await;
if let Err(e) = storage.put(&key_clone, &data_clone).await {
tracing::warn!(key = %key_clone, error = %e, "Failed to cache blob in storage");
}
});
state.repo_index.invalidate("docker");