tenseleyflow/shithub / fa6f995

Browse files

gofumpt sweep — formatter now runs in CI

Authored by espadonne
SHA
fa6f9955b97d49b87f516b4667b7c97a70f75843
Parents
09760ad
Tree
f32bc5c

70 changed files

StatusFile+-
M cmd/shithubd/hook.go 14 15
M cmd/shithubd/ssh.go 4 2
M internal/auth/audit/audit.go 42 42
M internal/auth/policy/adapters.go 0 1
M internal/auth/policy/policy_test.go 3 4
M internal/auth/reserved.go 2 2
M internal/checks/checks.go 9 9
M internal/checks/checks_test.go 4 4
M internal/checks/create.go 3 3
M internal/checks/required_eval.go 4 4
M internal/checks/suite_rollup_test.go 4 4
M internal/git/protocol/ssh_dispatch_test.go 2 1
M internal/issues/notif_emit.go 2 1
M internal/issues/references.go 4 4
M internal/issues/references_test.go 0 1
M internal/markdown/extensions/emoji.go 90 90
M internal/markdown/extensions/extensions.go 23 23
M internal/markdown/markdown_test.go 2 2
M internal/notif/email.go 2 1
M internal/notif/emit.go 2 2
M internal/notif/fanout_test.go 5 4
M internal/notif/notif.go 7 7
M internal/notif/routing.go 4 4
M internal/orgs/create.go 9 9
M internal/orgs/hard_delete.go 2 1
M internal/orgs/invitations.go 7 7
M internal/pulls/merge.go 0 1
M internal/pulls/pulls.go 7 7
M internal/pulls/review/request.go 2 1
M internal/pulls/review/review_test.go 9 9
M internal/pulls/review/submit.go 3 3
M internal/repos/diff/parse/parse.go 4 4
M internal/repos/diff/render/render.go 4 2
M internal/repos/diff/source/source.go 6 3
M internal/repos/fork/fork.go 13 13
M internal/repos/git/branchops.go 2 1
M internal/repos/git/logops.go 10 9
M internal/repos/git/mergeops.go 10 5
M internal/repos/git/plumbing.go 2 1
M internal/repos/lifecycle/hard_delete.go 0 1
M internal/repos/lifecycle/transfer.go 14 14
M internal/repos/protection/protection.go 4 5
M internal/search/query_parse.go 2 2
M internal/search/search_test.go 4 2
M internal/social/social.go 2 2
M internal/web/handlers/api/checks.go 4 4
M internal/web/handlers/api/stars.go 0 1
M internal/web/handlers/auth/auth_test.go 2 1
M internal/web/handlers/auth/avatar.go 2 1
M internal/web/handlers/auth/danger_test.go 2 1
M internal/web/handlers/auth/tokens_test.go 2 1
M internal/web/handlers/orgs/orgs.go 9 9
M internal/web/handlers/orgs/teams.go 7 4
M internal/web/handlers/repo/branches.go 19 19
M internal/web/handlers/repo/code.go 8 8
M internal/web/handlers/repo/fork.go 2 2
M internal/web/handlers/repo/issues.go 2 1
M internal/web/handlers/repo/lifecycle.go 3 3
M internal/web/handlers/repo/pulls.go 9 8
M internal/web/handlers/repo/repo.go 3 3
M internal/web/handlers/repo/settings_branches.go 21 21
M internal/web/handlers/repo/webhooks.go 1 1
M internal/webhook/deliver.go 0 1
M internal/webhook/fanout.go 13 13
M internal/webhook/jobs.go 3 3
M internal/webhook/manage.go 4 4
M internal/webhook/ssrf_test.go 4 4
M internal/worker/jobs/push_process.go 1 2
M internal/worker/jobs/repo_index_reconcile.go 2 1
M internal/worker/pool.go 2 1
cmd/shithubd/hook.gomodified
@@ -146,13 +146,13 @@ type hookCtx struct {
146
 	pool   *pgxpool.Pool
146
 	pool   *pgxpool.Pool
147
 	logger *slog.Logger
147
 	logger *slog.Logger
148
148
149
-	userID     int64
149
+	userID    int64
150
-	username   string
150
+	username  string
151
-	repoID     int64
151
+	repoID    int64
152
-	repoFull   string
152
+	repoFull  string
153
-	protocol   string
153
+	protocol  string
154
-	remoteIP   string
154
+	remoteIP  string
155
-	requestID  string
155
+	requestID string
156
 }
156
 }
157
157
158
 func loadHookCtx(ctx context.Context) (*hookCtx, error) {
158
 func loadHookCtx(ctx context.Context) (*hookCtx, error) {
@@ -297,13 +297,13 @@ func postReceiveEnqueue(ctx context.Context, h *hookCtx, refs []refUpdate) error
297
 	}
297
 	}
298
 	for _, r := range refs {
298
 	for _, r := range refs {
299
 		event, err := wq.InsertPushEvent(ctx, tx, workerdb.InsertPushEventParams{
299
 		event, err := wq.InsertPushEvent(ctx, tx, workerdb.InsertPushEventParams{
300
-			RepoID:        h.repoID,
300
+			RepoID:       h.repoID,
301
-			BeforeSha:     r.before,
301
+			BeforeSha:    r.before,
302
-			AfterSha:      r.after,
302
+			AfterSha:     r.after,
303
-			Ref:           r.ref,
303
+			Ref:          r.ref,
304
-			Protocol:      protocol,
304
+			Protocol:     protocol,
305
-			PusherUserID:  pgtype.Int8{Int64: h.userID, Valid: h.userID != 0},
305
+			PusherUserID: pgtype.Int8{Int64: h.userID, Valid: h.userID != 0},
306
-			RequestID:     pgtype.Text{String: h.requestID, Valid: h.requestID != ""},
306
+			RequestID:    pgtype.Text{String: h.requestID, Valid: h.requestID != ""},
307
 		})
307
 		})
308
 		if err != nil {
308
 		if err != nil {
309
 			return fmt.Errorf("insert push_event: %w", err)
309
 			return fmt.Errorf("insert push_event: %w", err)
@@ -381,4 +381,3 @@ func init() {
381
 	rootCmd.AddCommand(hookCmd)
381
 	rootCmd.AddCommand(hookCmd)
382
 	rootCmd.AddCommand(hooksParentCmd)
382
 	rootCmd.AddCommand(hooksParentCmd)
383
 }
383
 }
384
-
cmd/shithubd/ssh.gomodified
@@ -156,7 +156,8 @@ var sshShellCmd = &cobra.Command{
156
 		if dispatchErr != nil {
156
 		if dispatchErr != nil {
157
 			pool.Close()
157
 			pool.Close()
158
 			_, _ = fmt.Fprintln(cmd.ErrOrStderr(), protocol.FriendlyMessageFor(dispatchErr, ""))
158
 			_, _ = fmt.Fprintln(cmd.ErrOrStderr(), protocol.FriendlyMessageFor(dispatchErr, ""))
159
-			logger.WarnContext(ctx, "ssh-shell: denied",
159
+			logger.WarnContext(
160
+				ctx, "ssh-shell: denied",
160
 				"user_id", userID,
161
 				"user_id", userID,
161
 				"original", original,
162
 				"original", original,
162
 				"remote_ip", remoteIP,
163
 				"remote_ip", remoteIP,
@@ -164,7 +165,8 @@ var sshShellCmd = &cobra.Command{
164
 			)
165
 			)
165
 			return dispatchErr
166
 			return dispatchErr
166
 		}
167
 		}
167
-		logger.InfoContext(ctx, "ssh-shell: dispatch",
168
+		logger.InfoContext(
169
+			ctx, "ssh-shell: dispatch",
168
 			"user_id", userID,
170
 			"user_id", userID,
169
 			"op", string(parsed.Service),
171
 			"op", string(parsed.Service),
170
 			"owner", parsed.Owner,
172
 			"owner", parsed.Owner,
internal/auth/audit/audit.gomodified
@@ -29,48 +29,48 @@ type DBTX = usersdb.DBTX
29
 type Action string
29
 type Action string
30
 
30
 
31
 const (
31
 const (
32
-	Action2FAEnabled           Action = "2fa_enabled"
32
+	Action2FAEnabled            Action = "2fa_enabled"
33
-	Action2FADisabled          Action = "2fa_disabled"
33
+	Action2FADisabled           Action = "2fa_disabled"
34
-	ActionRecoveryCodesIssued  Action = "recovery_codes_issued"
34
+	ActionRecoveryCodesIssued   Action = "recovery_codes_issued"
35
-	ActionRecoveryCodeUsed     Action = "recovery_code_used"
35
+	ActionRecoveryCodeUsed      Action = "recovery_code_used"
36
-	ActionRecoveryRegenerated  Action = "recovery_codes_regenerated"
36
+	ActionRecoveryRegenerated   Action = "recovery_codes_regenerated"
37
-	ActionAdminCleared2FA      Action = "admin_cleared_2fa"
37
+	ActionAdminCleared2FA       Action = "admin_cleared_2fa"
38
-	ActionPasswordChanged      Action = "password_changed"
38
+	ActionPasswordChanged       Action = "password_changed"
39
-	ActionPasswordReset        Action = "password_reset_consumed"
39
+	ActionPasswordReset         Action = "password_reset_consumed"
40
-	ActionLoginSucceeded       Action = "login_succeeded"
40
+	ActionLoginSucceeded        Action = "login_succeeded"
41
-	ActionLoginFailedThrottled Action = "login_failed_throttled"
41
+	ActionLoginFailedThrottled  Action = "login_failed_throttled"
42
-	ActionAccountSuspended     Action = "account_suspended"
42
+	ActionAccountSuspended      Action = "account_suspended"
43
-	ActionSSHKeyAdded          Action = "ssh_key_added"
43
+	ActionSSHKeyAdded           Action = "ssh_key_added"
44
-	ActionSSHKeyDeleted        Action = "ssh_key_deleted"
44
+	ActionSSHKeyDeleted         Action = "ssh_key_deleted"
45
-	ActionPATCreated           Action = "pat_created"
45
+	ActionPATCreated            Action = "pat_created"
46
-	ActionPATRevoked           Action = "pat_revoked"
46
+	ActionPATRevoked            Action = "pat_revoked"
47
-	ActionUsernameChanged      Action = "username_changed"
47
+	ActionUsernameChanged       Action = "username_changed"
48
-	ActionAccountDeleted       Action = "account_deleted"
48
+	ActionAccountDeleted        Action = "account_deleted"
49
-	ActionAccountRestored      Action = "account_restored"
49
+	ActionAccountRestored       Action = "account_restored"
50
-	ActionRepoCreated            Action = "repo_created"
50
+	ActionRepoCreated           Action = "repo_created"
51
-	ActionRepoRenamed            Action = "repo_renamed"
51
+	ActionRepoRenamed           Action = "repo_renamed"
52
-	ActionRepoArchived           Action = "repo_archived"
52
+	ActionRepoArchived          Action = "repo_archived"
53
-	ActionRepoUnarchived         Action = "repo_unarchived"
53
+	ActionRepoUnarchived        Action = "repo_unarchived"
54
-	ActionRepoVisibilityChanged  Action = "repo_visibility_changed"
54
+	ActionRepoVisibilityChanged Action = "repo_visibility_changed"
55
-	ActionRepoSoftDeleted        Action = "repo_soft_deleted"
55
+	ActionRepoSoftDeleted       Action = "repo_soft_deleted"
56
-	ActionRepoRestored           Action = "repo_restored"
56
+	ActionRepoRestored          Action = "repo_restored"
57
-	ActionRepoHardDeleted        Action = "repo_hard_deleted"
57
+	ActionRepoHardDeleted       Action = "repo_hard_deleted"
58
-	ActionRepoTransferRequested  Action = "repo_transfer_requested"
58
+	ActionRepoTransferRequested Action = "repo_transfer_requested"
59
-	ActionRepoTransferAccepted   Action = "repo_transfer_accepted"
59
+	ActionRepoTransferAccepted  Action = "repo_transfer_accepted"
60
-	ActionRepoTransferDeclined   Action = "repo_transfer_declined"
60
+	ActionRepoTransferDeclined  Action = "repo_transfer_declined"
61
-	ActionRepoTransferCanceled   Action = "repo_transfer_canceled"
61
+	ActionRepoTransferCanceled  Action = "repo_transfer_canceled"
62
-	ActionRepoTransferExpired    Action = "repo_transfer_expired"
62
+	ActionRepoTransferExpired   Action = "repo_transfer_expired"
63
-	ActionIssueStateChanged      Action = "issue_state_changed"
63
+	ActionIssueStateChanged     Action = "issue_state_changed"
64
-	ActionIssueLockChanged       Action = "issue_lock_changed"
64
+	ActionIssueLockChanged      Action = "issue_lock_changed"
65
-	ActionIssueCommentCreated    Action = "issue_comment_created"
65
+	ActionIssueCommentCreated   Action = "issue_comment_created"
66
-	ActionPullStateChanged       Action = "pull_state_changed"
66
+	ActionPullStateChanged      Action = "pull_state_changed"
67
-	ActionPullMerged             Action = "pull_merged"
67
+	ActionPullMerged            Action = "pull_merged"
68
-	ActionStarCreated            Action = "star_created"
68
+	ActionStarCreated           Action = "star_created"
69
-	ActionStarDeleted            Action = "star_deleted"
69
+	ActionStarDeleted           Action = "star_deleted"
70
-	ActionWatchSet               Action = "watch_set"
70
+	ActionWatchSet              Action = "watch_set"
71
-	ActionWatchUnset             Action = "watch_unset"
71
+	ActionWatchUnset            Action = "watch_unset"
72
-	ActionRepoForked             Action = "repo_forked"
72
+	ActionRepoForked            Action = "repo_forked"
73
-	ActionRepoForkSynced         Action = "repo_fork_synced"
73
+	ActionRepoForkSynced        Action = "repo_fork_synced"
74
 )
74
 )
75
 
75
 
76
 // Target is a typed target-type constant.
76
 // Target is a typed target-type constant.
internal/auth/policy/adapters.gomodified
@@ -25,4 +25,3 @@ func NewRepoRefFromRepo(r reposdb.Repo) RepoRef {
25
 	}
25
 	}
26
 	return ref
26
 	return ref
27
 }
27
 }
28
-
internal/auth/policy/policy_test.gomodified
@@ -56,9 +56,9 @@ func (k repoKind) String() string {
56
 }
56
 }
57
 
57
 
58
 const (
58
 const (
59
-	ownerID  int64 = 100
59
+	ownerID int64 = 100
60
-	otherID  int64 = 200
60
+	otherID int64 = 200
61
-	repoIDV  int64 = 1000
61
+	repoIDV int64 = 1000
62
 )
62
 )
63
 
63
 
64
 func makeActor(k actorKind) policy.Actor {
64
 func makeActor(k actorKind) policy.Actor {
@@ -321,7 +321,6 @@ func TestCacheInvalidate(t *testing.T) {
321
 	}
321
 	}
322
 }
322
 }
323
 
323
 
324
-
325
 // TestPermissionsDoc_CoversEveryAction guards against drift between
324
 // TestPermissionsDoc_CoversEveryAction guards against drift between
326
 // the policy package and docs/internal/permissions.md. The doc's
325
 // the policy package and docs/internal/permissions.md. The doc's
327
 // "Action → minimum role" table must mention every Action constant
326
 // "Action → minimum role" table must mention every Action constant
internal/auth/reserved.gomodified
@@ -83,9 +83,9 @@ var reservedNames = map[string]struct{}{
83
 	"shithubd":      {},
83
 	"shithubd":      {},
84
 	"shithubbot":    {},
84
 	"shithubbot":    {},
85
 	// S29 — notification subscribe/unsubscribe per thread.
85
 	// S29 — notification subscribe/unsubscribe per thread.
86
-	"threads":       {},
86
+	"threads": {},
87
 	// S30 — invitation accept/decline.
87
 	// S30 — invitation accept/decline.
88
-	"invitations":   {},
88
+	"invitations": {},
89
 }
89
 }
90
 
90
 
91
 // IsReserved reports whether name is on the reserved list. The check is
91
 // IsReserved reports whether name is on the reserved list. The check is
internal/checks/checks.gomodified
@@ -42,16 +42,16 @@ const (
42
 
42
 
43
 // Errors surfaced to API + handlers.
43
 // Errors surfaced to API + handlers.
44
 var (
44
 var (
45
-	ErrEmptyName              = errors.New("checks: name is required")
45
+	ErrEmptyName                = errors.New("checks: name is required")
46
-	ErrNameTooLong            = errors.New("checks: name too long (max 200)")
46
+	ErrNameTooLong              = errors.New("checks: name too long (max 200)")
47
-	ErrInvalidStatus          = errors.New("checks: status must be queued, in_progress, completed, or pending")
47
+	ErrInvalidStatus            = errors.New("checks: status must be queued, in_progress, completed, or pending")
48
-	ErrInvalidConclusion      = errors.New("checks: invalid conclusion")
48
+	ErrInvalidConclusion        = errors.New("checks: invalid conclusion")
49
 	ErrCompletedNeedsConclusion = errors.New("checks: completed status requires conclusion")
49
 	ErrCompletedNeedsConclusion = errors.New("checks: completed status requires conclusion")
50
-	ErrOutputTextTooLarge     = errors.New("checks: output.text exceeds 256 KiB cap")
50
+	ErrOutputTextTooLarge       = errors.New("checks: output.text exceeds 256 KiB cap")
51
-	ErrOutputSummaryTooLarge  = errors.New("checks: output.summary exceeds 64 KiB cap")
51
+	ErrOutputSummaryTooLarge    = errors.New("checks: output.summary exceeds 64 KiB cap")
52
-	ErrShortHeadSHA           = errors.New("checks: head_sha must be at least 7 hex chars")
52
+	ErrShortHeadSHA             = errors.New("checks: head_sha must be at least 7 hex chars")
53
-	ErrCheckRunNotFound       = errors.New("checks: run not found")
53
+	ErrCheckRunNotFound         = errors.New("checks: run not found")
54
-	ErrSuiteNotFound          = errors.New("checks: suite not found")
54
+	ErrSuiteNotFound            = errors.New("checks: suite not found")
55
 )
55
 )
56
 
56
 
57
 // validStatus / validConclusion mirror the Postgres enums.
57
 // validStatus / validConclusion mirror the Postgres enums.
internal/checks/checks_test.gomodified
@@ -261,10 +261,10 @@ func TestUpdate_TimestampsRoundTrip(t *testing.T) {
261
 		RepoID: f.repoID, HeadSHA: strings.Repeat("a", 40), Name: "lint",
261
 		RepoID: f.repoID, HeadSHA: strings.Repeat("a", 40), Name: "lint",
262
 	})
262
 	})
263
 	if _, err := checks.Update(ctx, f.deps, checks.UpdateParams{
263
 	if _, err := checks.Update(ctx, f.deps, checks.UpdateParams{
264
-		RunID:          run.ID,
264
+		RunID:     run.ID,
265
-		HasStatus:      true, Status: "completed",
265
+		HasStatus: true, Status: "completed",
266
-		HasConclusion:  true, Conclusion: "success",
266
+		HasConclusion: true, Conclusion: "success",
267
-		HasStartedAt:   true, StartedAt: when,
267
+		HasStartedAt: true, StartedAt: when,
268
 		HasCompletedAt: true, CompletedAt: when.Add(30 * time.Second),
268
 		HasCompletedAt: true, CompletedAt: when.Add(30 * time.Second),
269
 	}); err != nil {
269
 	}); err != nil {
270
 		t.Fatalf("Update: %v", err)
270
 		t.Fatalf("Update: %v", err)
internal/checks/create.gomodified
@@ -75,9 +75,9 @@ func Create(ctx context.Context, deps Deps, p CreateParams) (checksdb.CheckRun,
75
 	}()
75
 	}()
76
 
76
 
77
 	suite, err := q.GetOrCreateCheckSuite(ctx, tx, checksdb.GetOrCreateCheckSuiteParams{
77
 	suite, err := q.GetOrCreateCheckSuite(ctx, tx, checksdb.GetOrCreateCheckSuiteParams{
78
-		RepoID:   p.RepoID,
78
+		RepoID:  p.RepoID,
79
-		HeadSha:  p.HeadSHA,
79
+		HeadSha: p.HeadSHA,
80
-		AppSlug:  p.AppSlug,
80
+		AppSlug: p.AppSlug,
81
 	})
81
 	})
82
 	if err != nil {
82
 	if err != nil {
83
 		return checksdb.CheckRun{}, fmt.Errorf("suite: %w", err)
83
 		return checksdb.CheckRun{}, fmt.Errorf("suite: %w", err)
internal/checks/required_eval.gomodified
@@ -15,15 +15,15 @@ import (
15
 
15
 
16
 // GateInputs is the small struct the merge gate cares about.
16
 // GateInputs is the small struct the merge gate cares about.
17
 type GateInputs struct {
17
 type GateInputs struct {
18
-	RepoID         int64
18
+	RepoID        int64
19
-	HeadSHA        string
19
+	HeadSHA       string
20
-	RequiredNames  []string // from branch_protection_rules.status_checks_required
20
+	RequiredNames []string // from branch_protection_rules.status_checks_required
21
 }
21
 }
22
 
22
 
23
 // GateResult mirrors the spec's blocked-with-reason vocabulary.
23
 // GateResult mirrors the spec's blocked-with-reason vocabulary.
24
 type GateResult struct {
24
 type GateResult struct {
25
 	Satisfied bool
25
 	Satisfied bool
26
-	Reason    string  // "" when Satisfied; otherwise human-readable cause
26
+	Reason    string // "" when Satisfied; otherwise human-readable cause
27
 	// Missing is the subset of RequiredNames that haven't yet succeeded
27
 	// Missing is the subset of RequiredNames that haven't yet succeeded
28
 	// or returned neutral on HeadSHA. Populated for UI tooltips.
28
 	// or returned neutral on HeadSHA. Populated for UI tooltips.
29
 	Missing []string
29
 	Missing []string
internal/checks/suite_rollup_test.gomodified
@@ -23,10 +23,10 @@ func run(status string, conclusion string) checksdb.CheckRun {
23
 func TestDeriveSuiteRollup(t *testing.T) {
23
 func TestDeriveSuiteRollup(t *testing.T) {
24
 	t.Parallel()
24
 	t.Parallel()
25
 	cases := []struct {
25
 	cases := []struct {
26
-		name        string
26
+		name       string
27
-		runs        []checksdb.CheckRun
27
+		runs       []checksdb.CheckRun
28
-		wantStatus  string
28
+		wantStatus string
29
-		wantConcl   string
29
+		wantConcl  string
30
 	}{
30
 	}{
31
 		{
31
 		{
32
 			"empty → queued",
32
 			"empty → queued",
internal/git/protocol/ssh_dispatch_test.gomodified
@@ -174,7 +174,8 @@ func TestDispatch_PushToArchivedIsArchived(t *testing.T) {
174
 func TestDispatch_SuspendedUserSuspended(t *testing.T) {
174
 func TestDispatch_SuspendedUserSuspended(t *testing.T) {
175
 	t.Parallel()
175
 	t.Parallel()
176
 	env := setupDispatch(t)
176
 	env := setupDispatch(t)
177
-	if _, err := env.pool.Exec(context.Background(),
177
+	if _, err := env.pool.Exec(
178
+		context.Background(),
178
 		"UPDATE users SET suspended_at = now(), suspended_reason = 'test' WHERE id = $1",
179
 		"UPDATE users SET suspended_at = now(), suspended_reason = 'test' WHERE id = $1",
179
 		env.alice,
180
 		env.alice,
180
 	); err != nil {
181
 	); err != nil {
internal/issues/notif_emit.gomodified
@@ -105,7 +105,8 @@ func emitAssignmentEventTx(
105
 // which is the safe default for the public-feed flag on the event row.
105
 // which is the safe default for the public-feed flag on the event row.
106
 func repoVisibilityPublic(ctx context.Context, db pgxRow, repoID int64) (bool, error) {
106
 func repoVisibilityPublic(ctx context.Context, db pgxRow, repoID int64) (bool, error) {
107
 	var vis string
107
 	var vis string
108
-	err := db.QueryRow(ctx,
108
+	err := db.QueryRow(
109
+		ctx,
109
 		`SELECT visibility::text FROM repos WHERE id = $1`,
110
 		`SELECT visibility::text FROM repos WHERE id = $1`,
110
 		repoID,
111
 		repoID,
111
 	).Scan(&vis)
112
 	).Scan(&vis)
internal/issues/references.gomodified
@@ -19,8 +19,8 @@ import (
19
 
19
 
20
 // Two patterns:
20
 // Two patterns:
21
 //
21
 //
22
-//   #N            — same-repo reference. Captured digits.
22
+//	#N            — same-repo reference. Captured digits.
23
-//   owner/repo#N  — cross-repo reference. Captured owner, repo, digits.
23
+//	owner/repo#N  — cross-repo reference. Captured owner, repo, digits.
24
 //
24
 //
25
 // Word-boundary on the leading side so we don't grab "abc#1". The N is
25
 // Word-boundary on the leading side so we don't grab "abc#1". The N is
26
 // limited to 1–9 leading digit + arbitrary digits, capped at 9 total to
26
 // limited to 1–9 leading digit + arbitrary digits, capped at 9 total to
@@ -105,7 +105,8 @@ func insertReferencesFromBody(
105
 			pKind string
105
 			pKind string
106
 			pID   int64
106
 			pID   int64
107
 		)
107
 		)
108
-		err = tx.QueryRow(ctx,
108
+		err = tx.QueryRow(
109
+			ctx,
109
 			`SELECT kind::text, id FROM principals WHERE slug = $1`,
110
 			`SELECT kind::text, id FROM principals WHERE slug = $1`,
110
 			strings.ToLower(owner),
111
 			strings.ToLower(owner),
111
 		).Scan(&pKind, &pID)
112
 		).Scan(&pKind, &pID)
@@ -173,4 +174,3 @@ func insertReferencesFromBody(
173
 
174
 
174
 	return nil
175
 	return nil
175
 }
176
 }
176
-
internal/issues/references_test.gomodified
@@ -67,4 +67,3 @@ func TestCrossRepoRefRegex(t *testing.T) {
67
 		t.Errorf("got %v, want %v", got, want)
67
 		t.Errorf("got %v, want %v", got, want)
68
 	}
68
 	}
69
 }
69
 }
70
-
internal/markdown/extensions/emoji.gomodified
@@ -11,95 +11,95 @@ package extensions
11
 // the rendered output.
11
 // the rendered output.
12
 var emojiMap = map[string]string{
12
 var emojiMap = map[string]string{
13
 	// Common reactions
13
 	// Common reactions
14
-	"+1":              "👍",
14
+	"+1":                     "👍",
15
-	"-1":              "👎",
15
+	"-1":                     "👎",
16
-	"thumbsup":        "👍",
16
+	"thumbsup":               "👍",
17
-	"thumbsdown":      "👎",
17
+	"thumbsdown":             "👎",
18
-	"smile":           "😄",
18
+	"smile":                  "😄",
19
-	"laughing":        "😆",
19
+	"laughing":               "😆",
20
-	"joy":             "😂",
20
+	"joy":                    "😂",
21
-	"heart":           "❤️",
21
+	"heart":                  "❤️",
22
-	"heart_eyes":      "😍",
22
+	"heart_eyes":             "😍",
23
-	"tada":            "🎉",
23
+	"tada":                   "🎉",
24
-	"rocket":          "🚀",
24
+	"rocket":                 "🚀",
25
-	"fire":            "🔥",
25
+	"fire":                   "🔥",
26
-	"sparkles":        "✨",
26
+	"sparkles":               "✨",
27
-	"eyes":            "👀",
27
+	"eyes":                   "👀",
28
-	"thinking":        "🤔",
28
+	"thinking":               "🤔",
29
-	"thinking_face":   "🤔",
29
+	"thinking_face":          "🤔",
30
-	"wave":            "👋",
30
+	"wave":                   "👋",
31
-	"clap":            "👏",
31
+	"clap":                   "👏",
32
-	"pray":            "🙏",
32
+	"pray":                   "🙏",
33
-	"100":             "💯",
33
+	"100":                    "💯",
34
-	"check":           "✅",
34
+	"check":                  "✅",
35
-	"x":               "❌",
35
+	"x":                      "❌",
36
-	"warning":         "⚠️",
36
+	"warning":                "⚠️",
37
-	"bug":             "🐛",
37
+	"bug":                    "🐛",
38
-	"sparkle":         "✨",
38
+	"sparkle":                "✨",
39
-	"star":            "⭐",
39
+	"star":                   "⭐",
40
-	"hammer":          "🔨",
40
+	"hammer":                 "🔨",
41
-	"wrench":          "🔧",
41
+	"wrench":                 "🔧",
42
-	"package":         "📦",
42
+	"package":                "📦",
43
-	"books":           "📚",
43
+	"books":                  "📚",
44
-	"book":            "📖",
44
+	"book":                   "📖",
45
-	"memo":            "📝",
45
+	"memo":                   "📝",
46
-	"pencil":          "✏️",
46
+	"pencil":                 "✏️",
47
-	"shipit":          "🚢",
47
+	"shipit":                 "🚢",
48
-	"ship":            "🚢",
48
+	"ship":                   "🚢",
49
-	"lock":            "🔒",
49
+	"lock":                   "🔒",
50
-	"unlock":          "🔓",
50
+	"unlock":                 "🔓",
51
-	"key":             "🔑",
51
+	"key":                    "🔑",
52
-	"link":            "🔗",
52
+	"link":                   "🔗",
53
-	"speech_balloon":  "💬",
53
+	"speech_balloon":         "💬",
54
-	"thought_balloon": "💭",
54
+	"thought_balloon":        "💭",
55
-	"computer":        "💻",
55
+	"computer":               "💻",
56
-	"keyboard":        "⌨️",
56
+	"keyboard":               "⌨️",
57
-	"floppy_disk":     "💾",
57
+	"floppy_disk":            "💾",
58
-	"cd":              "💿",
58
+	"cd":                     "💿",
59
-	"dvd":             "📀",
59
+	"dvd":                    "📀",
60
-	"clipboard":       "📋",
60
+	"clipboard":              "📋",
61
-	"chart":           "📈",
61
+	"chart":                  "📈",
62
-	"bar_chart":       "📊",
62
+	"bar_chart":              "📊",
63
-	"calendar":        "📅",
63
+	"calendar":               "📅",
64
-	"date":            "📆",
64
+	"date":                   "📆",
65
-	"hourglass":       "⌛",
65
+	"hourglass":              "⌛",
66
-	"alarm_clock":     "⏰",
66
+	"alarm_clock":            "⏰",
67
-	"clock1":          "🕐",
67
+	"clock1":                 "🕐",
68
-	"bell":            "🔔",
68
+	"bell":                   "🔔",
69
-	"no_bell":         "🔕",
69
+	"no_bell":                "🔕",
70
-	"loudspeaker":     "📢",
70
+	"loudspeaker":            "📢",
71
-	"mega":            "📣",
71
+	"mega":                   "📣",
72
-	"mailbox":         "📫",
72
+	"mailbox":                "📫",
73
-	"envelope":        "✉️",
73
+	"envelope":               "✉️",
74
-	"postbox":         "📮",
74
+	"postbox":                "📮",
75
-	"package_2":       "📮",
75
+	"package_2":              "📮",
76
-	"mag":             "🔍",
76
+	"mag":                    "🔍",
77
-	"telescope":       "🔭",
77
+	"telescope":              "🔭",
78
-	"microscope":      "🔬",
78
+	"microscope":             "🔬",
79
-	"hammer_and_wrench": "🛠️",
79
+	"hammer_and_wrench":      "🛠️",
80
-	"gear":              "⚙️",
80
+	"gear":                   "⚙️",
81
-	"toolbox":           "🧰",
81
+	"toolbox":                "🧰",
82
-	"nut_and_bolt":      "🔩",
82
+	"nut_and_bolt":           "🔩",
83
-	"satellite":         "📡",
83
+	"satellite":              "📡",
84
-	"globe":             "🌍",
84
+	"globe":                  "🌍",
85
-	"earth_americas":    "🌎",
85
+	"earth_americas":         "🌎",
86
-	"earth_asia":        "🌏",
86
+	"earth_asia":             "🌏",
87
-	"new":               "🆕",
87
+	"new":                    "🆕",
88
-	"free":              "🆓",
88
+	"free":                   "🆓",
89
-	"abc":               "🔤",
89
+	"abc":                    "🔤",
90
-	"abcd":              "🔡",
90
+	"abcd":                   "🔡",
91
-	"capital_abcd":      "🔠",
91
+	"capital_abcd":           "🔠",
92
-	"information_source": "ℹ️",
92
+	"information_source":     "ℹ️",
93
-	"interrobang":        "⁉️",
93
+	"interrobang":            "⁉️",
94
-	"question":           "❓",
94
+	"question":               "❓",
95
-	"grey_question":      "❔",
95
+	"grey_question":          "❔",
96
-	"exclamation":        "❗",
96
+	"exclamation":            "❗",
97
-	"grey_exclamation":   "❕",
97
+	"grey_exclamation":       "❕",
98
-	"o":                  "⭕",
98
+	"o":                      "⭕",
99
-	"x_circle":           "❌",
99
+	"x_circle":               "❌",
100
-	"white_check_mark":   "✅",
100
+	"white_check_mark":       "✅",
101
-	"ballot_box_with_check": "☑️",
101
+	"ballot_box_with_check":  "☑️",
102
-	"heavy_check_mark":      "✔️",
102
+	"heavy_check_mark":       "✔️",
103
 	"heavy_multiplication_x": "✖️",
103
 	"heavy_multiplication_x": "✖️",
104
 	"heavy_plus_sign":        "➕",
104
 	"heavy_plus_sign":        "➕",
105
 	"heavy_minus_sign":       "➖",
105
 	"heavy_minus_sign":       "➖",
@@ -115,7 +115,7 @@ var emojiMap = map[string]string{
115
 	"gem":                    "💎",
115
 	"gem":                    "💎",
116
 	"art":                    "🎨",
116
 	"art":                    "🎨",
117
 	"musical_note":           "🎵",
117
 	"musical_note":           "🎵",
118
-	"musical_score":           "🎼",
118
+	"musical_score":          "🎼",
119
 	"sound":                  "🔊",
119
 	"sound":                  "🔊",
120
 	"mute":                   "🔇",
120
 	"mute":                   "🔇",
121
 	"video_camera":           "📹",
121
 	"video_camera":           "📹",
internal/markdown/extensions/extensions.gomodified
@@ -101,22 +101,23 @@ type Mention struct {
101
 //	#14               user mention: username
101
 //	#14               user mention: username
102
 //	#16               commit prefix
102
 //	#16               commit prefix
103
 //	#18               emoji name
103
 //	#18               emoji name
104
-var reCombined = regexp.MustCompile(`` +
104
+var reCombined = regexp.MustCompile(
105
-	// cross-repo: alice/proj#3 — left boundary required so we don't
105
+	`` +
106
-	// chew into a preceding word.
106
+		// cross-repo: alice/proj#3 — left boundary required so we don't
107
-	`(?:^|[^\w/])([A-Za-z0-9][A-Za-z0-9._-]*)/([A-Za-z0-9][A-Za-z0-9._-]*)#([0-9]{1,9})\b` +
107
+		// chew into a preceding word.
108
-	// or same-repo: #3
108
+		`(?:^|[^\w/])([A-Za-z0-9][A-Za-z0-9._-]*)/([A-Za-z0-9][A-Za-z0-9._-]*)#([0-9]{1,9})\b` +
109
-	`|(?:^|[^\w/])#([0-9]{1,9})\b` +
109
+		// or same-repo: #3
110
-	// or team mention: @org/team — comes BEFORE @user so the
110
+		`|(?:^|[^\w/])#([0-9]{1,9})\b` +
111
-	// trailing `/team` doesn't get split off as text. Slug shape
111
+		// or team mention: @org/team — comes BEFORE @user so the
112
-	// matches users.username + teams.slug.
112
+		// trailing `/team` doesn't get split off as text. Slug shape
113
-	`|(?:^|[^\w])@([a-z0-9](?:[a-z0-9-]{0,37}[a-z0-9])?)/([a-z0-9](?:[a-z0-9._-]{0,48}[a-z0-9])?)\b` +
113
+		// matches users.username + teams.slug.
114
-	// or user mention: @alice
114
+		`|(?:^|[^\w])@([a-z0-9](?:[a-z0-9-]{0,37}[a-z0-9])?)/([a-z0-9](?:[a-z0-9._-]{0,48}[a-z0-9])?)\b` +
115
-	`|(?:^|[^\w])@([A-Za-z0-9][A-Za-z0-9_-]{0,38})\b` +
115
+		// or user mention: @alice
116
-	// or commit SHA: 7–40 lowercase hex
116
+		`|(?:^|[^\w])@([A-Za-z0-9][A-Za-z0-9_-]{0,38})\b` +
117
-	`|(?:^|[^\w/])([0-9a-f]{7,40})\b` +
117
+		// or commit SHA: 7–40 lowercase hex
118
-	// or emoji shortcode: :smile:
118
+		`|(?:^|[^\w/])([0-9a-f]{7,40})\b` +
119
-	`|:([a-z0-9_+\-]+):`,
119
+		// or emoji shortcode: :smile:
120
+		`|:([a-z0-9_+\-]+):`,
120
 )
121
 )
121
 
122
 
122
 // Extension is a goldmark.Extender that registers the AST transformer.
123
 // Extension is a goldmark.Extender that registers the AST transformer.
@@ -181,12 +182,12 @@ func (t *transformer) replaceText(txt *ast.Text, source []byte) {
181
 		// content starts (excluding the regex-consumed boundary
182
 		// content starts (excluding the regex-consumed boundary
182
 		// char, if any).
183
 		// char, if any).
183
 		var (
184
 		var (
184
-			isCrossRepo  = m[2] >= 0
185
+			isCrossRepo = m[2] >= 0
185
-			isSameRepo   = m[8] >= 0
186
+			isSameRepo  = m[8] >= 0
186
-			isTeamMen    = m[10] >= 0
187
+			isTeamMen   = m[10] >= 0
187
-			isMention    = m[14] >= 0
188
+			isMention   = m[14] >= 0
188
-			isCommit     = m[16] >= 0
189
+			isCommit    = m[16] >= 0
189
-			isEmoji      = m[18] >= 0
190
+			isEmoji     = m[18] >= 0
190
 		)
191
 		)
191
 		var contentStart int
192
 		var contentStart int
192
 		switch {
193
 		switch {
@@ -379,4 +380,3 @@ func (t *transformer) appendCommitLink(parent, before ast.Node, shaPrefix string
379
 	}
380
 	}
380
 	return true
381
 	return true
381
 }
382
 }
382
-
internal/markdown/markdown_test.gomodified
@@ -123,8 +123,8 @@ func TestRender_HostileInputs(t *testing.T) {
123
 func TestRender_AllowsSafeHTML(t *testing.T) {
123
 func TestRender_AllowsSafeHTML(t *testing.T) {
124
 	t.Parallel()
124
 	t.Parallel()
125
 	cases := []struct {
125
 	cases := []struct {
126
-		name      string
126
+		name        string
127
-		src       string
127
+		src         string
128
 		mustContain []string
128
 		mustContain []string
129
 	}{
129
 	}{
130
 		{
130
 		{
internal/notif/email.gomodified
@@ -106,7 +106,8 @@ func sendNotificationEmail(
106
 // participating threads master toggle, default on").
106
 // participating threads master toggle, default on").
107
 func emailPrefOn(ctx context.Context, pool *pgxpool.Pool, userID int64, key string) (bool, error) {
107
 func emailPrefOn(ctx context.Context, pool *pgxpool.Pool, userID int64, key string) (bool, error) {
108
 	var raw json.RawMessage
108
 	var raw json.RawMessage
109
-	err := pool.QueryRow(ctx,
109
+	err := pool.QueryRow(
110
+		ctx,
110
 		`SELECT value FROM user_notification_prefs WHERE user_id = $1 AND key = $2`,
111
 		`SELECT value FROM user_notification_prefs WHERE user_id = $1 AND key = $2`,
111
 		userID, key,
112
 		userID, key,
112
 	).Scan(&raw)
113
 	).Scan(&raw)
internal/notif/emit.gomodified
@@ -28,8 +28,8 @@ type Event struct {
28
 	RepoID      int64  // 0 → user-scoped event (NULL).
28
 	RepoID      int64  // 0 → user-scoped event (NULL).
29
 	SourceKind  string // "issue", "pull", "repo", "user", …
29
 	SourceKind  string // "issue", "pull", "repo", "user", …
30
 	SourceID    int64
30
 	SourceID    int64
31
-	Public      bool     // matches repo visibility (caller decides).
31
+	Public      bool    // matches repo visibility (caller decides).
32
-	Mentions    []int64  // resolved user-ids to fan out @-mentions to.
32
+	Mentions    []int64 // resolved user-ids to fan out @-mentions to.
33
 	Extra       map[string]any
33
 	Extra       map[string]any
34
 }
34
 }
35
 
35
 
internal/notif/fanout_test.gomodified
@@ -39,6 +39,7 @@ func (c *captureSender) Send(_ context.Context, m email.Message) error {
39
 	c.messages = append(c.messages, m)
39
 	c.messages = append(c.messages, m)
40
 	return nil
40
 	return nil
41
 }
41
 }
42
+
42
 func (c *captureSender) count() int {
43
 func (c *captureSender) count() int {
43
 	c.mu.Lock()
44
 	c.mu.Lock()
44
 	defer c.mu.Unlock()
45
 	defer c.mu.Unlock()
@@ -312,10 +313,10 @@ func TestFanout_VisibilityRecheck_PrivateRepo(t *testing.T) {
312
 func TestUnsubscribe_HMACRoundtrip(t *testing.T) {
313
 func TestUnsubscribe_HMACRoundtrip(t *testing.T) {
313
 	key := []byte("test-key-32-bytes-aaaaaaaaaaaaaa")
314
 	key := []byte("test-key-32-bytes-aaaaaaaaaaaaaa")
314
 	const (
315
 	const (
315
-		uid  = int64(123)
316
+		uid   = int64(123)
316
-		tk   = "issue"
317
+		tk    = "issue"
317
-		tid  = int64(45)
318
+		tid   = int64(45)
318
-		bad  = "issues"
319
+		bad   = "issues"
319
 		other = int64(46)
320
 		other = int64(46)
320
 	)
321
 	)
321
 	// Build by parsing the URL the same path the email-side uses.
322
 	// Build by parsing the URL the same path the email-side uses.
internal/notif/notif.gomodified
@@ -55,9 +55,9 @@ type Deps struct {
55
 
55
 
56
 // Errors surfaced by the orchestrator.
56
 // Errors surfaced by the orchestrator.
57
 var (
57
 var (
58
-	ErrNotFound        = errors.New("notif: notification not found")
58
+	ErrNotFound       = errors.New("notif: notification not found")
59
-	ErrUnauthorized    = errors.New("notif: not your notification")
59
+	ErrUnauthorized   = errors.New("notif: not your notification")
60
-	ErrUnsubscribeBad  = errors.New("notif: invalid unsubscribe token")
60
+	ErrUnsubscribeBad = errors.New("notif: invalid unsubscribe token")
61
 )
61
 )
62
 
62
 
63
 // FanoutBatch is the per-tick cap on how many domain_events the
63
 // FanoutBatch is the per-tick cap on how many domain_events the
@@ -70,8 +70,8 @@ const FanoutBatch = 200
70
 // 10 minutes (the spec's day-1 lean). Per-recipient absolute cap
70
 // 10 minutes (the spec's day-1 lean). Per-recipient absolute cap
71
 // is 100 emails per hour.
71
 // is 100 emails per hour.
72
 const (
72
 const (
73
-	StormPerThreadCap   = 1
73
+	StormPerThreadCap  = 1
74
-	StormPerThreadMins  = 10
74
+	StormPerThreadMins = 10
75
-	StormAbsoluteCap    = 100
75
+	StormAbsoluteCap   = 100
76
-	StormAbsoluteMins   = 60
76
+	StormAbsoluteMins  = 60
77
 )
77
 )
internal/notif/routing.gomodified
@@ -13,10 +13,10 @@ const (
13
 	ReasonMention         Reason = "mention"
13
 	ReasonMention         Reason = "mention"
14
 	ReasonAssignment      Reason = "assignment"
14
 	ReasonAssignment      Reason = "assignment"
15
 	ReasonReviewRequested Reason = "review_requested"
15
 	ReasonReviewRequested Reason = "review_requested"
16
-	ReasonAuthor          Reason = "author"          // you opened the thread
16
+	ReasonAuthor          Reason = "author"     // you opened the thread
17
-	ReasonCommenter       Reason = "commenter"       // you commented earlier
17
+	ReasonCommenter       Reason = "commenter"  // you commented earlier
18
-	ReasonSubscribed      Reason = "subscribed"      // explicit thread sub
18
+	ReasonSubscribed      Reason = "subscribed" // explicit thread sub
19
-	ReasonWatching        Reason = "watching"        // repo-level watch
19
+	ReasonWatching        Reason = "watching"   // repo-level watch
20
 	ReasonRepoAdminAction Reason = "repo_admin_action"
20
 	ReasonRepoAdminAction Reason = "repo_admin_action"
21
 )
21
 )
22
 
22
 
internal/orgs/create.gomodified
@@ -17,11 +17,11 @@ import (
17
 
17
 
18
 // CreateParams describes a create-org request.
18
 // CreateParams describes a create-org request.
19
 type CreateParams struct {
19
 type CreateParams struct {
20
-	Slug             string
20
+	Slug            string
21
-	DisplayName      string
21
+	DisplayName     string
22
-	Description      string
22
+	Description     string
23
-	BillingEmail     string
23
+	BillingEmail    string
24
-	CreatedByUserID  int64
24
+	CreatedByUserID int64
25
 }
25
 }
26
 
26
 
27
 // slugRE mirrors the username pattern (lowercase letters, digits,
27
 // slugRE mirrors the username pattern (lowercase letters, digits,
@@ -86,10 +86,10 @@ func Create(ctx context.Context, deps Deps, p CreateParams) (orgsdb.Org, error)
86
 	}
86
 	}
87
 
87
 
88
 	if err := q.AddOrgMember(ctx, tx, orgsdb.AddOrgMemberParams{
88
 	if err := q.AddOrgMember(ctx, tx, orgsdb.AddOrgMemberParams{
89
-		OrgID:            row.ID,
89
+		OrgID:           row.ID,
90
-		UserID:           p.CreatedByUserID,
90
+		UserID:          p.CreatedByUserID,
91
-		Role:             orgsdb.OrgRoleOwner,
91
+		Role:            orgsdb.OrgRoleOwner,
92
-		InvitedByUserID:  pgtype.Int8{Valid: false},
92
+		InvitedByUserID: pgtype.Int8{Valid: false},
93
 	}); err != nil {
93
 	}); err != nil {
94
 		return orgsdb.Org{}, fmt.Errorf("seed owner: %w", err)
94
 		return orgsdb.Org{}, fmt.Errorf("seed owner: %w", err)
95
 	}
95
 	}
internal/orgs/hard_delete.gomodified
@@ -84,7 +84,8 @@ func Restore(ctx context.Context, deps Deps, orgID, actorUserID int64) error {
84
 	// soft-delete). Refuse to restore if so — the operator can rename
84
 	// soft-delete). Refuse to restore if so — the operator can rename
85
 	// the conflicting principal and retry.
85
 	// the conflicting principal and retry.
86
 	var taken bool
86
 	var taken bool
87
-	if err := deps.Pool.QueryRow(ctx,
87
+	if err := deps.Pool.QueryRow(
88
+		ctx,
88
 		`SELECT EXISTS(SELECT 1 FROM principals WHERE slug = $1)`,
89
 		`SELECT EXISTS(SELECT 1 FROM principals WHERE slug = $1)`,
89
 		row.Slug,
90
 		row.Slug,
90
 	).Scan(&taken); err != nil {
91
 	).Scan(&taken); err != nil {
internal/orgs/invitations.gomodified
@@ -102,13 +102,13 @@ func Invite(ctx context.Context, deps Deps, p InviteParams) (InviteResult, error
102
 		return InviteResult{}, fmt.Errorf("invite token: %w", err)
102
 		return InviteResult{}, fmt.Errorf("invite token: %w", err)
103
 	}
103
 	}
104
 	row, err := q.CreateOrgInvitation(ctx, deps.Pool, orgsdb.CreateOrgInvitationParams{
104
 	row, err := q.CreateOrgInvitation(ctx, deps.Pool, orgsdb.CreateOrgInvitationParams{
105
-		OrgID:            p.OrgID,
105
+		OrgID:           p.OrgID,
106
-		InvitedByUserID:  pgtype.Int8{Int64: p.InvitedByUserID, Valid: true},
106
+		InvitedByUserID: pgtype.Int8{Int64: p.InvitedByUserID, Valid: true},
107
-		TargetUserID:     targetUserID,
107
+		TargetUserID:    targetUserID,
108
-		TargetEmail:      emailToCitext(targetEmail),
108
+		TargetEmail:     emailToCitext(targetEmail),
109
-		Role:             role,
109
+		Role:            role,
110
-		TokenHash:        tokHash,
110
+		TokenHash:       tokHash,
111
-		ExpiresAt:        pgtype.Timestamptz{Time: time.Now().Add(7 * 24 * time.Hour), Valid: true},
111
+		ExpiresAt:       pgtype.Timestamptz{Time: time.Now().Add(7 * 24 * time.Hour), Valid: true},
112
 	})
112
 	})
113
 	if err != nil {
113
 	if err != nil {
114
 		return InviteResult{}, fmt.Errorf("create invitation: %w", err)
114
 		return InviteResult{}, fmt.Errorf("create invitation: %w", err)
internal/pulls/merge.gomodified
@@ -296,4 +296,3 @@ func fetchCommitsForLinkScan(ctx context.Context, db pullsdb.DBTX, prID int64) [
296
 	}
296
 	}
297
 	return out
297
 	return out
298
 }
298
 }
299
-
internal/pulls/pulls.gomodified
@@ -124,13 +124,13 @@ func Create(ctx context.Context, deps Deps, p CreateParams) (CreateResult, error
124
 	}
124
 	}
125
 
125
 
126
 	prRow, err := pullsdb.New().CreatePullRequest(ctx, deps.Pool, pullsdb.CreatePullRequestParams{
126
 	prRow, err := pullsdb.New().CreatePullRequest(ctx, deps.Pool, pullsdb.CreatePullRequestParams{
127
-		IssueID:     issueRow.ID,
127
+		IssueID:    issueRow.ID,
128
-		BaseRef:     base,
128
+		BaseRef:    base,
129
-		HeadRef:     head,
129
+		HeadRef:    head,
130
-		HeadRepoID:  p.RepoID,
130
+		HeadRepoID: p.RepoID,
131
-		BaseOid:     baseOID,
131
+		BaseOid:    baseOID,
132
-		HeadOid:     headOID,
132
+		HeadOid:    headOID,
133
-		Draft:       p.Draft,
133
+		Draft:      p.Draft,
134
 	})
134
 	})
135
 	if err != nil {
135
 	if err != nil {
136
 		return CreateResult{}, fmt.Errorf("create pull_request: %w", err)
136
 		return CreateResult{}, fmt.Errorf("create pull_request: %w", err)
internal/pulls/review/request.gomodified
@@ -61,7 +61,8 @@ func Request(ctx context.Context, deps Deps, p RequestParams) (pullsdb.PrReviewR
61
 	issue, ierr := issuesdb.New().GetIssueByID(ctx, deps.Pool, p.PRIssueID)
61
 	issue, ierr := issuesdb.New().GetIssueByID(ctx, deps.Pool, p.PRIssueID)
62
 	if ierr == nil {
62
 	if ierr == nil {
63
 		var public bool
63
 		var public bool
64
-		_ = deps.Pool.QueryRow(ctx,
64
+		_ = deps.Pool.QueryRow(
65
+			ctx,
65
 			`SELECT visibility = 'public' FROM repos WHERE id = $1`,
66
 			`SELECT visibility = 'public' FROM repos WHERE id = $1`,
66
 			issue.RepoID,
67
 			issue.RepoID,
67
 		).Scan(&public)
68
 		).Scan(&public)
internal/pulls/review/review_test.gomodified
@@ -34,14 +34,14 @@ func gitCmd(args ...string) *exec.Cmd {
34
 }
34
 }
35
 
35
 
36
 type fx struct {
36
 type fx struct {
37
-	pool        *pgxpool.Pool
37
+	pool       *pgxpool.Pool
38
-	pullsDeps   pulls.Deps
38
+	pullsDeps  pulls.Deps
39
-	reviewDeps  review.Deps
39
+	reviewDeps review.Deps
40
-	authorID    int64
40
+	authorID   int64
41
-	reviewerID  int64
41
+	reviewerID int64
42
-	otherID     int64
42
+	otherID    int64
43
-	repoID      int64
43
+	repoID     int64
44
-	gitDir      string
44
+	gitDir     string
45
 }
45
 }
46
 
46
 
47
 func setup(t *testing.T) fx {
47
 func setup(t *testing.T) fx {
@@ -96,7 +96,7 @@ func setup(t *testing.T) fx {
96
 
96
 
97
 	logger := slog.New(slog.NewTextHandler(io.Discard, nil))
97
 	logger := slog.New(slog.NewTextHandler(io.Discard, nil))
98
 	return fx{
98
 	return fx{
99
-		pool: pool,
99
+		pool:       pool,
100
 		pullsDeps:  pulls.Deps{Pool: pool, Logger: logger},
100
 		pullsDeps:  pulls.Deps{Pool: pool, Logger: logger},
101
 		reviewDeps: review.Deps{Pool: pool, Logger: logger},
101
 		reviewDeps: review.Deps{Pool: pool, Logger: logger},
102
 		authorID:   author.ID,
102
 		authorID:   author.ID,
internal/pulls/review/submit.gomodified
@@ -119,8 +119,8 @@ func Dismiss(ctx context.Context, deps Deps, actorUserID, reviewID int64, reason
119
 		return err
119
 		return err
120
 	}
120
 	}
121
 	return q.DismissPRReview(ctx, deps.Pool, pullsdb.DismissPRReviewParams{
121
 	return q.DismissPRReview(ctx, deps.Pool, pullsdb.DismissPRReviewParams{
122
-		ID:                 reviewID,
122
+		ID:                reviewID,
123
-		DismissedByUserID:  pgtype.Int8{Int64: actorUserID, Valid: actorUserID != 0},
123
+		DismissedByUserID: pgtype.Int8{Int64: actorUserID, Valid: actorUserID != 0},
124
-		DismissalReason:    strings.TrimSpace(reason),
124
+		DismissalReason:   strings.TrimSpace(reason),
125
 	})
125
 	})
126
 }
126
 }
internal/repos/diff/parse/parse.gomodified
@@ -68,10 +68,10 @@ const (
68
 
68
 
69
 // Line is one rendered row in a hunk.
69
 // Line is one rendered row in a hunk.
70
 type Line struct {
70
 type Line struct {
71
-	Kind        LineKind
71
+	Kind      LineKind
72
-	OldLineNo   int    // 0 when the line is a pure addition
72
+	OldLineNo int    // 0 when the line is a pure addition
73
-	NewLineNo   int    // 0 when the line is a pure deletion
73
+	NewLineNo int    // 0 when the line is a pure deletion
74
-	Content     string // without the leading +/-/space marker, no trailing newline
74
+	Content   string // without the leading +/-/space marker, no trailing newline
75
 }
75
 }
76
 
76
 
77
 // Parse consumes a unified diff stream into the typed shape. The
77
 // Parse consumes a unified diff stream into the typed shape. The
internal/repos/diff/render/render.gomodified
@@ -184,7 +184,8 @@ func renderHunksUnified(f *parse.File, opts Options) string {
184
 		for _, l := range h.Lines {
184
 		for _, l := range h.Lines {
185
 			old, neu := lineNoCells(l)
185
 			old, neu := lineNoCells(l)
186
 			content := highlightOrEscape(f.NewPath, l.Content, opts)
186
 			content := highlightOrEscape(f.NewPath, l.Content, opts)
187
-			fmt.Fprintf(&buf,
187
+			fmt.Fprintf(
188
+				&buf,
188
 				`<tr class="%s"><td class="shithub-diff-lineno">%s</td><td class="shithub-diff-lineno">%s</td><td class="shithub-diff-content"><pre>%s%s</pre></td></tr>`,
189
 				`<tr class="%s"><td class="shithub-diff-lineno">%s</td><td class="shithub-diff-lineno">%s</td><td class="shithub-diff-content"><pre>%s%s</pre></td></tr>`,
189
 				lineClass(l.Kind), old, neu, lineMarker(l.Kind), content,
190
 				lineClass(l.Kind), old, neu, lineMarker(l.Kind), content,
190
 			)
191
 			)
@@ -221,7 +222,8 @@ func renderHunksSplit(f *parse.File, opts Options) string {
221
 				rightNo = numStr(p.right.NewLineNo)
222
 				rightNo = numStr(p.right.NewLineNo)
222
 				rightContent = lineMarker(p.right.Kind) + highlightOrEscape(f.NewPath, p.right.Content, opts)
223
 				rightContent = lineMarker(p.right.Kind) + highlightOrEscape(f.NewPath, p.right.Content, opts)
223
 			}
224
 			}
224
-			fmt.Fprintf(&buf,
225
+			fmt.Fprintf(
226
+				&buf,
225
 				`<tr><td class="shithub-diff-lineno %s">%s</td><td class="shithub-diff-content %s"><pre>%s</pre></td><td class="shithub-diff-lineno %s">%s</td><td class="shithub-diff-content %s"><pre>%s</pre></td></tr>`,
227
 				`<tr><td class="shithub-diff-lineno %s">%s</td><td class="shithub-diff-content %s"><pre>%s</pre></td><td class="shithub-diff-lineno %s">%s</td><td class="shithub-diff-content %s"><pre>%s</pre></td></tr>`,
226
 				leftClass, leftNo, leftClass, leftContent,
228
 				leftClass, leftNo, leftClass, leftContent,
227
 				rightClass, rightNo, rightClass, rightContent,
229
 				rightClass, rightNo, rightClass, rightContent,
internal/repos/diff/source/source.gomodified
@@ -37,7 +37,8 @@ type Options struct {
37
 // root commit (no parent) we diff against the empty tree by using
37
 // root commit (no parent) we diff against the empty tree by using
38
 // `git diff-tree -p -r --root`.
38
 // `git diff-tree -p -r --root`.
39
 func FromCommit(ctx context.Context, gitDir, sha string, opts Options) ([]byte, error) {
39
 func FromCommit(ctx context.Context, gitDir, sha string, opts Options) ([]byte, error) {
40
-	args := []string{"-C", gitDir,
40
+	args := []string{
41
+		"-C", gitDir,
41
 		"diff-tree", "-p", "-r", "--root",
42
 		"diff-tree", "-p", "-r", "--root",
42
 		"--no-color", "--no-ext-diff",
43
 		"--no-color", "--no-ext-diff",
43
 		"--full-index",
44
 		"--full-index",
@@ -54,7 +55,8 @@ func FromCommit(ctx context.Context, gitDir, sha string, opts Options) ([]byte,
54
 // FromRange returns the two-dot diff base..head. Use for "show me
55
 // FromRange returns the two-dot diff base..head. Use for "show me
55
 // every change between these two refs", regardless of merge graph.
56
 // every change between these two refs", regardless of merge graph.
56
 func FromRange(ctx context.Context, gitDir, base, head string, opts Options) ([]byte, error) {
57
 func FromRange(ctx context.Context, gitDir, base, head string, opts Options) ([]byte, error) {
57
-	args := []string{"-C", gitDir,
58
+	args := []string{
59
+		"-C", gitDir,
58
 		"diff", "--patch",
60
 		"diff", "--patch",
59
 		"--no-color", "--no-ext-diff",
61
 		"--no-color", "--no-ext-diff",
60
 		"--full-index",
62
 		"--full-index",
@@ -72,7 +74,8 @@ func FromRange(ctx context.Context, gitDir, base, head string, opts Options) ([]
72
 // `git diff $(git merge-base base head)..head`. Used by PR / compare
74
 // `git diff $(git merge-base base head)..head`. Used by PR / compare
73
 // pages — shows only what `head` adds over the common ancestor.
75
 // pages — shows only what `head` adds over the common ancestor.
74
 func FromMergeBase(ctx context.Context, gitDir, base, head string, opts Options) ([]byte, error) {
76
 func FromMergeBase(ctx context.Context, gitDir, base, head string, opts Options) ([]byte, error) {
75
-	args := []string{"-C", gitDir,
77
+	args := []string{
78
+		"-C", gitDir,
76
 		"diff", "--patch",
79
 		"diff", "--patch",
77
 		"--no-color", "--no-ext-diff",
80
 		"--no-color", "--no-ext-diff",
78
 		"--full-index",
81
 		"--full-index",
internal/repos/fork/fork.gomodified
@@ -30,17 +30,17 @@ type Deps struct {
30
 
30
 
31
 // Errors surfaced to handlers.
31
 // Errors surfaced to handlers.
32
 var (
32
 var (
33
-	ErrNotLoggedIn          = errors.New("fork: login required")
33
+	ErrNotLoggedIn         = errors.New("fork: login required")
34
-	ErrSourceNotFound       = errors.New("fork: source repo not found")
34
+	ErrSourceNotFound      = errors.New("fork: source repo not found")
35
-	ErrSourceNotVisible     = errors.New("fork: source repo not visible to actor")
35
+	ErrSourceNotVisible    = errors.New("fork: source repo not visible to actor")
36
-	ErrTargetNameTaken      = errors.New("fork: target name already exists for owner")
36
+	ErrTargetNameTaken     = errors.New("fork: target name already exists for owner")
37
-	ErrVisibilityFloor      = errors.New("fork: target visibility cannot exceed source visibility")
37
+	ErrVisibilityFloor     = errors.New("fork: target visibility cannot exceed source visibility")
38
-	ErrSelfForkSameName     = errors.New("fork: forking into the same owner requires a different name")
38
+	ErrSelfForkSameName    = errors.New("fork: forking into the same owner requires a different name")
39
-	ErrSourceArchived       = errors.New("fork: source repo is archived")
39
+	ErrSourceArchived      = errors.New("fork: source repo is archived")
40
-	ErrSourceDeleted        = errors.New("fork: source repo is deleted")
40
+	ErrSourceDeleted       = errors.New("fork: source repo is deleted")
41
-	ErrSyncDiverged         = errors.New("fork: fork has diverged from upstream; sync via your client")
41
+	ErrSyncDiverged        = errors.New("fork: fork has diverged from upstream; sync via your client")
42
-	ErrSyncUpToDate         = errors.New("fork: already up to date")
42
+	ErrSyncUpToDate        = errors.New("fork: already up to date")
43
-	ErrSyncDefaultsMissing  = errors.New("fork: source or fork default branch is empty")
43
+	ErrSyncDefaultsMissing = errors.New("fork: source or fork default branch is empty")
44
-	ErrSyncRefRaced         = errors.New("fork: ref changed concurrently; retry")
44
+	ErrSyncRefRaced        = errors.New("fork: ref changed concurrently; retry")
45
-	ErrForkNotInitialized   = errors.New("fork: fork is still being prepared")
45
+	ErrForkNotInitialized  = errors.New("fork: fork is still being prepared")
46
 )
46
 )
internal/repos/git/branchops.gomodified
@@ -50,7 +50,8 @@ func CommitsBetween(ctx context.Context, gitDir, base, head string, max int) ([]
50
 	const sep = "\x1f"
50
 	const sep = "\x1f"
51
 	const recordEnd = "\x1e"
51
 	const recordEnd = "\x1e"
52
 	format := strings.Join([]string{"%H", "%h", "%an", "%ae", "%at", "%s"}, sep) + sep + "%b" + recordEnd
52
 	format := strings.Join([]string{"%H", "%h", "%an", "%ae", "%at", "%s"}, sep) + sep + "%b" + recordEnd
53
-	cmd := exec.CommandContext(ctx, "git", "-C", gitDir,
53
+	cmd := exec.CommandContext(
54
+		ctx, "git", "-C", gitDir,
54
 		"log",
55
 		"log",
55
 		"--max-count="+strconv.Itoa(max),
56
 		"--max-count="+strconv.Itoa(max),
56
 		"--format="+format,
57
 		"--format="+format,
internal/repos/git/logops.gomodified
@@ -17,8 +17,8 @@ import (
17
 // arrive via `git log --format=...`; the per-file stats live on
17
 // arrive via `git log --format=...`; the per-file stats live on
18
 // CommitDetail.
18
 // CommitDetail.
19
 type Commit struct {
19
 type Commit struct {
20
-	OID         string    // full 40-char SHA
20
+	OID         string // full 40-char SHA
21
-	ShortOID    string    // git's --abbrev result, typically 7 chars
21
+	ShortOID    string // git's --abbrev result, typically 7 chars
22
 	AuthorName  string
22
 	AuthorName  string
23
 	AuthorEmail string
23
 	AuthorEmail string
24
 	AuthorWhen  time.Time
24
 	AuthorWhen  time.Time
@@ -57,7 +57,8 @@ func Log(ctx context.Context, gitDir string, o LogOptions) ([]Commit, error) {
57
 	// don't confuse SplitN.
57
 	// don't confuse SplitN.
58
 	format := strings.Join([]string{"%H", "%h", "%an", "%ae", "%at", "%s"}, sep) + sep + "%b" + recordEnd
58
 	format := strings.Join([]string{"%H", "%h", "%an", "%ae", "%at", "%s"}, sep) + sep + "%b" + recordEnd
59
 
59
 
60
-	args := []string{"-C", gitDir, "log",
60
+	args := []string{
61
+		"-C", gitDir, "log",
61
 		"--max-count=" + strconv.Itoa(o.MaxCount),
62
 		"--max-count=" + strconv.Itoa(o.MaxCount),
62
 		"--skip=" + strconv.Itoa(o.Skip),
63
 		"--skip=" + strconv.Itoa(o.Skip),
63
 		"--format=" + format,
64
 		"--format=" + format,
@@ -134,12 +135,12 @@ type CommitDetail struct {
134
 // Status is git's letter code: A added, M modified, D deleted, R renamed,
135
 // Status is git's letter code: A added, M modified, D deleted, R renamed,
135
 // C copied, T type-changed.
136
 // C copied, T type-changed.
136
 type FileChange struct {
137
 type FileChange struct {
137
-	Status   string
138
+	Status  string
138
-	Path     string
139
+	Path    string
139
-	OldPath  string // populated for R/C
140
+	OldPath string // populated for R/C
140
-	Insert   int
141
+	Insert  int
141
-	Delete   int
142
+	Delete  int
142
-	Binary   bool
143
+	Binary  bool
143
 }
144
 }
144
 
145
 
145
 // GetCommit returns the full detail for one SHA. Two commands: one for
146
 // GetCommit returns the full detail for one SHA. Two commands: one for
internal/repos/git/mergeops.gomodified
@@ -90,7 +90,8 @@ func CommitsBetweenDetail(ctx context.Context, gitDir, baseOID, headOID string,
90
 		"%cn", "%ce", "%ct",
90
 		"%cn", "%ce", "%ct",
91
 		"%s",
91
 		"%s",
92
 	}, sep) + sep + "%b" + recordEnd
92
 	}, sep) + sep + "%b" + recordEnd
93
-	cmd := exec.CommandContext(ctx, "git", "-C", gitDir,
93
+	cmd := exec.CommandContext(
94
+		ctx, "git", "-C", gitDir,
94
 		"log", "--reverse",
95
 		"log", "--reverse",
95
 		"--max-count="+strconv.Itoa(max),
96
 		"--max-count="+strconv.Itoa(max),
96
 		"--format="+format,
97
 		"--format="+format,
@@ -147,7 +148,8 @@ func parseCommitDetail(out []byte) []CommitDetail {
147
 // changes from merge-base to head). Status is git's letter code,
148
 // changes from merge-base to head). Status is git's letter code,
148
 // renames carry the old path as the second column.
149
 // renames carry the old path as the second column.
149
 func FilesChangedBetween(ctx context.Context, gitDir, baseOID, headOID string) ([]PRFileChange, error) {
150
 func FilesChangedBetween(ctx context.Context, gitDir, baseOID, headOID string) ([]PRFileChange, error) {
150
-	cmd := exec.CommandContext(ctx, "git", "-C", gitDir,
151
+	cmd := exec.CommandContext(
152
+		ctx, "git", "-C", gitDir,
151
 		"diff", "--name-status", "-M", "-C",
153
 		"diff", "--name-status", "-M", "-C",
152
 		baseOID+"..."+headOID,
154
 		baseOID+"..."+headOID,
153
 	)
155
 	)
@@ -159,7 +161,8 @@ func FilesChangedBetween(ctx context.Context, gitDir, baseOID, headOID string) (
159
 		}
161
 		}
160
 		return nil, wrapExecErr(err)
162
 		return nil, wrapExecErr(err)
161
 	}
163
 	}
162
-	cmd = exec.CommandContext(ctx, "git", "-C", gitDir,
164
+	cmd = exec.CommandContext(
165
+		ctx, "git", "-C", gitDir,
163
 		"diff", "--numstat", "-M", "-C",
166
 		"diff", "--numstat", "-M", "-C",
164
 		baseOID+"..."+headOID,
167
 		baseOID+"..."+headOID,
165
 	)
168
 	)
@@ -291,14 +294,16 @@ func PerformMerge(ctx context.Context, opts MergeOptions) (MergeResult, error) {
291
 
294
 
292
 	// Identity for the merge commit. `--no-edit` + a baked subject
295
 	// Identity for the merge commit. `--no-edit` + a baked subject
293
 	// keeps the merge non-interactive.
296
 	// keeps the merge non-interactive.
294
-	envBase := append(os.Environ(),
297
+	envBase := append(
298
+		os.Environ(),
295
 		"GIT_AUTHOR_NAME="+opts.AuthorName,
299
 		"GIT_AUTHOR_NAME="+opts.AuthorName,
296
 		"GIT_AUTHOR_EMAIL="+opts.AuthorEmail,
300
 		"GIT_AUTHOR_EMAIL="+opts.AuthorEmail,
297
 		"GIT_COMMITTER_NAME="+opts.CommitterName,
301
 		"GIT_COMMITTER_NAME="+opts.CommitterName,
298
 		"GIT_COMMITTER_EMAIL="+opts.CommitterEmail,
302
 		"GIT_COMMITTER_EMAIL="+opts.CommitterEmail,
299
 	)
303
 	)
300
 	if !opts.When.IsZero() {
304
 	if !opts.When.IsZero() {
301
-		envBase = append(envBase,
305
+		envBase = append(
306
+			envBase,
302
 			"GIT_AUTHOR_DATE="+opts.When.Format(time.RFC3339),
307
 			"GIT_AUTHOR_DATE="+opts.When.Format(time.RFC3339),
303
 			"GIT_COMMITTER_DATE="+opts.When.Format(time.RFC3339),
308
 			"GIT_COMMITTER_DATE="+opts.When.Format(time.RFC3339),
304
 		)
309
 		)
internal/repos/git/plumbing.gomodified
@@ -150,7 +150,8 @@ func (ic InitialCommit) commitTree(ctx context.Context, tree string) (string, er
150
 	//nolint:gosec // G204: tree is git's stdout (40-char OID); gitDir validated.
150
 	//nolint:gosec // G204: tree is git's stdout (40-char OID); gitDir validated.
151
 	cmd := exec.CommandContext(ctx, "git", "-C", ic.GitDir, "commit-tree", tree, "-m", ic.Message)
151
 	cmd := exec.CommandContext(ctx, "git", "-C", ic.GitDir, "commit-tree", tree, "-m", ic.Message)
152
 	stamp := ic.When.Format(time.RFC3339)
152
 	stamp := ic.When.Format(time.RFC3339)
153
-	cmd.Env = append(os.Environ(),
153
+	cmd.Env = append(
154
+		os.Environ(),
154
 		"GIT_AUTHOR_NAME="+ic.AuthorName,
155
 		"GIT_AUTHOR_NAME="+ic.AuthorName,
155
 		"GIT_AUTHOR_EMAIL="+ic.AuthorEmail,
156
 		"GIT_AUTHOR_EMAIL="+ic.AuthorEmail,
156
 		"GIT_AUTHOR_DATE="+stamp,
157
 		"GIT_AUTHOR_DATE="+stamp,
internal/repos/lifecycle/hard_delete.gomodified
@@ -118,4 +118,3 @@ func HardDelete(ctx context.Context, deps Deps, actorUserID, repoID int64) error
118
 	}
118
 	}
119
 	return nil
119
 	return nil
120
 }
120
 }
121
-
internal/repos/lifecycle/transfer.gomodified
@@ -19,11 +19,11 @@ import (
19
 
19
 
20
 // TransferRequestParams describes a new transfer offer.
20
 // TransferRequestParams describes a new transfer offer.
21
 type TransferRequestParams struct {
21
 type TransferRequestParams struct {
22
-	ActorUserID    int64
22
+	ActorUserID     int64
23
-	RepoID         int64
23
+	RepoID          int64
24
-	FromUserID     int64
24
+	FromUserID      int64
25
 	ToPrincipalKind string // "user" — "org" arrives in S31
25
 	ToPrincipalKind string // "user" — "org" arrives in S31
26
-	ToPrincipalID  int64
26
+	ToPrincipalID   int64
27
 }
27
 }
28
 
28
 
29
 // RequestTransfer creates a pending transfer with a 7-day TTL. Returns
29
 // RequestTransfer creates a pending transfer with a 7-day TTL. Returns
@@ -39,12 +39,12 @@ func RequestTransfer(ctx context.Context, deps Deps, p TransferRequestParams) (i
39
 
39
 
40
 	rq := reposdb.New()
40
 	rq := reposdb.New()
41
 	row, err := rq.InsertTransferRequest(ctx, deps.Pool, reposdb.InsertTransferRequestParams{
41
 	row, err := rq.InsertTransferRequest(ctx, deps.Pool, reposdb.InsertTransferRequestParams{
42
-		RepoID:           p.RepoID,
42
+		RepoID:          p.RepoID,
43
-		FromUserID:       p.FromUserID,
43
+		FromUserID:      p.FromUserID,
44
-		ToPrincipalKind:  reposdb.TransferPrincipalKind(p.ToPrincipalKind),
44
+		ToPrincipalKind: reposdb.TransferPrincipalKind(p.ToPrincipalKind),
45
-		ToPrincipalID:    p.ToPrincipalID,
45
+		ToPrincipalID:   p.ToPrincipalID,
46
-		CreatedBy:        p.ActorUserID,
46
+		CreatedBy:       p.ActorUserID,
47
-		ExpiresAt:        pgtype.Timestamptz{Time: deps.now().Add(transferTTL), Valid: true},
47
+		ExpiresAt:       pgtype.Timestamptz{Time: deps.now().Add(transferTTL), Valid: true},
48
 	})
48
 	})
49
 	if err != nil {
49
 	if err != nil {
50
 		return 0, fmt.Errorf("insert transfer: %w", err)
50
 		return 0, fmt.Errorf("insert transfer: %w", err)
@@ -122,10 +122,10 @@ func AcceptTransfer(ctx context.Context, deps Deps, actorUserID, transferID int6
122
 	// Update owner. We keep the same name; if it collides on the
122
 	// Update owner. We keep the same name; if it collides on the
123
 	// recipient, the unique index trips and the tx rolls back.
123
 	// recipient, the unique index trips and the tx rolls back.
124
 	if err := rq.TransferRepoOwner(ctx, tx, reposdb.TransferRepoOwnerParams{
124
 	if err := rq.TransferRepoOwner(ctx, tx, reposdb.TransferRepoOwnerParams{
125
-		ID:           repo.ID,
125
+		ID:          repo.ID,
126
-		Name:         repo.Name,
126
+		Name:        repo.Name,
127
-		OwnerUserID:  pgtype.Int8{Int64: actorUserID, Valid: true},
127
+		OwnerUserID: pgtype.Int8{Int64: actorUserID, Valid: true},
128
-		OwnerOrgID:   pgtype.Int8{Valid: false},
128
+		OwnerOrgID:  pgtype.Int8{Valid: false},
129
 	}); err != nil {
129
 	}); err != nil {
130
 		var pgErr *pgconn.PgError
130
 		var pgErr *pgconn.PgError
131
 		if errAs(err, &pgErr) && pgErr.Code == "23505" {
131
 		if errAs(err, &pgErr) && pgErr.Code == "23505" {
internal/repos/protection/protection.gomodified
@@ -26,10 +26,10 @@ import (
26
 // the rule set. Allow=true means the push proceeds; Allow=false
26
 // the rule set. Allow=true means the push proceeds; Allow=false
27
 // surfaces the reason+rule pattern back to the user via stderr.
27
 // surfaces the reason+rule pattern back to the user via stderr.
28
 type Decision struct {
28
 type Decision struct {
29
-	Allow      bool
29
+	Allow   bool
30
-	Reason     string
30
+	Reason  string
31
-	RuleID     int64
31
+	RuleID  int64
32
-	Pattern    string
32
+	Pattern string
33
 }
33
 }
34
 
34
 
35
 // Update is one ref update from the pre-receive hook's stdin.
35
 // Update is one ref update from the pre-receive hook's stdin.
@@ -178,4 +178,3 @@ func FriendlyMessage(d Decision) string {
178
 	}
178
 	}
179
 	return fmt.Sprintf("shithub: %s (rule pattern %q).", d.Reason, d.Pattern)
179
 	return fmt.Sprintf("shithub: %s (rule pattern %q).", d.Reason, d.Pattern)
180
 }
180
 }
181
-
internal/search/query_parse.gomodified
@@ -14,8 +14,8 @@ import "strings"
14
 // to take effect (a bare `repo:foo` without slash is treated as
14
 // to take effect (a bare `repo:foo` without slash is treated as
15
 // free text).
15
 // free text).
16
 type ParsedQuery struct {
16
 type ParsedQuery struct {
17
-	Text         string  // free-text query (what tsvector matches against)
17
+	Text         string // free-text query (what tsvector matches against)
18
-	Phrase       string  // when a quoted phrase was supplied; empty when not
18
+	Phrase       string // when a quoted phrase was supplied; empty when not
19
 	RepoFilter   *RepoFilter
19
 	RepoFilter   *RepoFilter
20
 	StateFilter  string // "open" | "closed" | ""
20
 	StateFilter  string // "open" | "closed" | ""
21
 	AuthorFilter string // username or empty
21
 	AuthorFilter string // username or empty
internal/search/search_test.gomodified
@@ -36,8 +36,10 @@ func TestParseQuery(t *testing.T) {
36
 		{"", search.ParsedQuery{}},
36
 		{"", search.ParsedQuery{}},
37
 		{"hello world", search.ParsedQuery{Text: "hello world"}},
37
 		{"hello world", search.ParsedQuery{Text: "hello world"}},
38
 		{`"quoted phrase"`, search.ParsedQuery{Phrase: "quoted phrase"}},
38
 		{`"quoted phrase"`, search.ParsedQuery{Phrase: "quoted phrase"}},
39
-		{"repo:alice/demo bug", search.ParsedQuery{Text: "bug",
39
+		{"repo:alice/demo bug", search.ParsedQuery{
40
-			RepoFilter: &search.RepoFilter{Owner: "alice", Name: "demo"}}},
40
+			Text:       "bug",
41
+			RepoFilter: &search.RepoFilter{Owner: "alice", Name: "demo"},
42
+		}},
41
 		{"repo:noslash bug", search.ParsedQuery{Text: "repo:noslash bug"}},
43
 		{"repo:noslash bug", search.ParsedQuery{Text: "repo:noslash bug"}},
42
 		{"is:open broken", search.ParsedQuery{Text: "broken", StateFilter: "open"}},
44
 		{"is:open broken", search.ParsedQuery{Text: "broken", StateFilter: "open"}},
43
 		{"state:closed bug", search.ParsedQuery{Text: "bug", StateFilter: "closed"}},
45
 		{"state:closed bug", search.ParsedQuery{Text: "bug", StateFilter: "closed"}},
internal/social/social.gomodified
@@ -32,7 +32,7 @@ type Deps struct {
32
 
32
 
33
 // Errors surfaced to handlers.
33
 // Errors surfaced to handlers.
34
 var (
34
 var (
35
-	ErrNotLoggedIn      = errors.New("social: login required")
35
+	ErrNotLoggedIn       = errors.New("social: login required")
36
 	ErrInvalidWatchLevel = errors.New("social: watch level must be all, participating, or ignore")
36
 	ErrInvalidWatchLevel = errors.New("social: watch level must be all, participating, or ignore")
37
-	ErrStarRateLimit    = errors.New("social: star/unstar rate limit exceeded")
37
+	ErrStarRateLimit     = errors.New("social: star/unstar rate limit exceeded")
38
 )
38
 )
internal/web/handlers/api/checks.gomodified
@@ -289,10 +289,10 @@ func presentRun(r checksdb.CheckRun) map[string]any {
289
 
289
 
290
 func presentSuite(s checksdb.CheckSuite) map[string]any {
290
 func presentSuite(s checksdb.CheckSuite) map[string]any {
291
 	out := map[string]any{
291
 	out := map[string]any{
292
-		"id":        s.ID,
292
+		"id":       s.ID,
293
-		"head_sha":  s.HeadSha,
293
+		"head_sha": s.HeadSha,
294
-		"app_slug":  s.AppSlug,
294
+		"app_slug": s.AppSlug,
295
-		"status":    string(s.Status),
295
+		"status":   string(s.Status),
296
 	}
296
 	}
297
 	if s.Conclusion.Valid {
297
 	if s.Conclusion.Valid {
298
 		out["conclusion"] = string(s.Conclusion.CheckConclusion)
298
 		out["conclusion"] = string(s.Conclusion.CheckConclusion)
internal/web/handlers/api/stars.gomodified
@@ -141,4 +141,3 @@ func pgTextString(t pgtype.Text) any {
141
 	}
141
 	}
142
 	return t.String
142
 	return t.String
143
 }
143
 }
144
-
internal/web/handlers/auth/auth_test.gomodified
@@ -149,7 +149,8 @@ func newTestServerWithPool(t *testing.T, requireVerify bool) (*httptest.Server,
149
 			epoch       int32
149
 			epoch       int32
150
 			suspendedAt sql.NullTime
150
 			suspendedAt sql.NullTime
151
 		)
151
 		)
152
-		err = u.QueryRow(ctx,
152
+		err = u.QueryRow(
153
+			ctx,
153
 			"SELECT username, session_epoch, suspended_at FROM users WHERE id = $1", id,
154
 			"SELECT username, session_epoch, suspended_at FROM users WHERE id = $1", id,
154
 		).Scan(&name, &epoch, &suspendedAt)
155
 		).Scan(&name, &epoch, &suspendedAt)
155
 		return middleware.UserLookupResult{
156
 		return middleware.UserLookupResult{
internal/web/handlers/auth/avatar.gomodified
@@ -68,7 +68,8 @@ func (h *Handlers) settingsAvatarUpload(w http.ResponseWriter, r *http.Request)
68
 		if v.Size == variants[0].Size {
68
 		if v.Size == variants[0].Size {
69
 			key = largestKey
69
 			key = largestKey
70
 		}
70
 		}
71
-		if _, err := h.d.ObjectStore.Put(r.Context(), key,
71
+		if _, err := h.d.ObjectStore.Put(
72
+			r.Context(), key,
72
 			bytes.NewReader(v.Data),
73
 			bytes.NewReader(v.Data),
73
 			storage.PutOpts{ContentType: "image/png", ContentLength: int64(len(v.Data))},
74
 			storage.PutOpts{ContentType: "image/png", ContentLength: int64(len(v.Data))},
74
 		); err != nil {
75
 		); err != nil {
internal/web/handlers/auth/danger_test.gomodified
@@ -133,7 +133,8 @@ func TestDanger_PostGracePermanent(t *testing.T) {
133
 	// be treated as nonexistent. Uses the SAME pool the test server is
133
 	// be treated as nonexistent. Uses the SAME pool the test server is
134
 	// reading from — a fresh dbtest.NewTestDB call would clone a brand
134
 	// reading from — a fresh dbtest.NewTestDB call would clone a brand
135
 	// new database.
135
 	// new database.
136
-	if _, err := pool.Exec(context.Background(),
136
+	if _, err := pool.Exec(
137
+		context.Background(),
137
 		"UPDATE users SET deleted_at = $1 WHERE username = 'dangb'",
138
 		"UPDATE users SET deleted_at = $1 WHERE username = 'dangb'",
138
 		time.Now().Add(-30*24*time.Hour),
139
 		time.Now().Add(-30*24*time.Hour),
139
 	); err != nil {
140
 	); err != nil {
internal/web/handlers/auth/tokens_test.gomodified
@@ -84,7 +84,8 @@ func newTokenServer(t *testing.T) (srv *httptest.Server, cli *client, captor *ca
84
 			epoch       int32
84
 			epoch       int32
85
 			suspendedAt sql.NullTime
85
 			suspendedAt sql.NullTime
86
 		)
86
 		)
87
-		err = c.QueryRow(ctx,
87
+		err = c.QueryRow(
88
+			ctx,
88
 			"SELECT username, session_epoch, suspended_at FROM users WHERE id = $1", id,
89
 			"SELECT username, session_epoch, suspended_at FROM users WHERE id = $1", id,
89
 		).Scan(&name, &epoch, &suspendedAt)
90
 		).Scan(&name, &epoch, &suspendedAt)
90
 		return middleware.UserLookupResult{
91
 		return middleware.UserLookupResult{
internal/web/handlers/orgs/orgs.gomodified
@@ -2,15 +2,15 @@ 
2
 
2
 
3
 // Package orgs wires the S30 organization web surface:
3
 // Package orgs wires the S30 organization web surface:
4
 //
4
 //
5
-//   GET  /organizations/new            create form
5
+//	GET  /organizations/new            create form
6
-//   POST /organizations                create submit
6
+//	POST /organizations                create submit
7
-//   GET  /{org}/people                 members + pending invites + invite form
7
+//	GET  /{org}/people                 members + pending invites + invite form
8
-//   POST /{org}/people/invite          invite by username or email
8
+//	POST /{org}/people/invite          invite by username or email
9
-//   POST /{org}/people/{user}/role     change role
9
+//	POST /{org}/people/{user}/role     change role
10
-//   POST /{org}/people/{user}/remove   remove member
10
+//	POST /{org}/people/{user}/remove   remove member
11
-//   GET  /invitations/{token}          accept/decline view
11
+//	GET  /invitations/{token}          accept/decline view
12
-//   POST /invitations/{token}/accept   accept
12
+//	POST /invitations/{token}/accept   accept
13
-//   POST /invitations/{token}/decline  decline
13
+//	POST /invitations/{token}/decline  decline
14
 //
14
 //
15
 // Profile rendering for /{org} is dispatched from the existing
15
 // Profile rendering for /{org} is dispatched from the existing
16
 // /{username} catch-all in internal/web/handlers/profile via the
16
 // /{username} catch-all in internal/web/handlers/profile via the
internal/web/handlers/orgs/teams.gomodified
@@ -222,7 +222,8 @@ func (h *Handlers) requireOrgOwner(w http.ResponseWriter, r *http.Request, orgID
222
 
222
 
223
 func (h *Handlers) userIDByUsername(r *http.Request, username string) (int64, bool) {
223
 func (h *Handlers) userIDByUsername(r *http.Request, username string) (int64, bool) {
224
 	var id int64
224
 	var id int64
225
-	err := h.d.Pool.QueryRow(r.Context(),
225
+	err := h.d.Pool.QueryRow(
226
+		r.Context(),
226
 		`SELECT id FROM users WHERE username = $1 AND deleted_at IS NULL`,
227
 		`SELECT id FROM users WHERE username = $1 AND deleted_at IS NULL`,
227
 		username,
228
 		username,
228
 	).Scan(&id)
229
 	).Scan(&id)
@@ -255,7 +256,8 @@ func (h *Handlers) canSeeTeam(r *http.Request, team orgsdb.Team, viewer middlewa
255
 		return false
256
 		return false
256
 	}
257
 	}
257
 	var member bool
258
 	var member bool
258
-	_ = h.d.Pool.QueryRow(r.Context(),
259
+	_ = h.d.Pool.QueryRow(
260
+		r.Context(),
259
 		`SELECT EXISTS(SELECT 1 FROM team_members WHERE team_id = $1 AND user_id = $2)`,
261
 		`SELECT EXISTS(SELECT 1 FROM team_members WHERE team_id = $1 AND user_id = $2)`,
260
 		team.ID, viewer.ID,
262
 		team.ID, viewer.ID,
261
 	).Scan(&member)
263
 	).Scan(&member)
@@ -282,7 +284,8 @@ func (h *Handlers) filterSecretTeams(r *http.Request, all []orgsdb.Team, orgID i
282
 			continue
284
 			continue
283
 		}
285
 		}
284
 		var member bool
286
 		var member bool
285
-		err := h.d.Pool.QueryRow(r.Context(),
287
+		err := h.d.Pool.QueryRow(
288
+			r.Context(),
286
 			`SELECT EXISTS(SELECT 1 FROM team_members WHERE team_id = $1 AND user_id = $2)`,
289
 			`SELECT EXISTS(SELECT 1 FROM team_members WHERE team_id = $1 AND user_id = $2)`,
287
 			t.ID, viewer.ID,
290
 			t.ID, viewer.ID,
288
 		).Scan(&member)
291
 		).Scan(&member)
@@ -304,4 +307,4 @@ var _ = pgx.ErrNoRows
304
 
307
 
305
 // errTeamNotFound is reserved for the future; surfaced via
308
 // errTeamNotFound is reserved for the future; surfaced via
306
 // orgs.ErrTeamNotFound when needed.
309
 // orgs.ErrTeamNotFound when needed.
307
-var _ = errors.New
310
+var _ = errors.New
internal/web/handlers/repo/branches.gomodified
@@ -146,12 +146,12 @@ func (h *Handlers) tagsList(w http.ResponseWriter, r *http.Request) {
146
 	refs, _ := repogit.ListRefs(r.Context(), gitDir)
146
 	refs, _ := repogit.ListRefs(r.Context(), gitDir)
147
 
147
 
148
 	type tagRow struct {
148
 	type tagRow struct {
149
-		Name        string
149
+		Name       string
150
-		OID         string
150
+		OID        string
151
-		ShortOID    string
151
+		ShortOID   string
152
-		Subject     string
152
+		Subject    string
153
-		AuthorName  string
153
+		AuthorName string
154
-		AuthorWhen  time.Time
154
+		AuthorWhen time.Time
155
 	}
155
 	}
156
 	rows := make([]tagRow, 0, len(refs.Tags))
156
 	rows := make([]tagRow, 0, len(refs.Tags))
157
 	for _, t := range refs.Tags {
157
 	for _, t := range refs.Tags {
@@ -235,20 +235,20 @@ func (h *Handlers) compareView(w http.ResponseWriter, r *http.Request) {
235
 
235
 
236
 	refs, _ := repogit.ListRefs(r.Context(), gitDir)
236
 	refs, _ := repogit.ListRefs(r.Context(), gitDir)
237
 	h.d.Render.RenderPage(w, r, "repo/compare", map[string]any{
237
 	h.d.Render.RenderPage(w, r, "repo/compare", map[string]any{
238
-		"Title":     "Compare · " + row.Name,
238
+		"Title":      "Compare · " + row.Name,
239
-		"CSRFToken": middleware.CSRFTokenForRequest(r),
239
+		"CSRFToken":  middleware.CSRFTokenForRequest(r),
240
-		"Owner":     owner.Username,
240
+		"Owner":      owner.Username,
241
-		"Repo":      row,
241
+		"Repo":       row,
242
-		"Base":      base,
242
+		"Base":       base,
243
-		"Head":      head,
243
+		"Head":       head,
244
-		"Ahead":     ahead,
244
+		"Ahead":      ahead,
245
-		"Behind":    behind,
245
+		"Behind":     behind,
246
-		"Commits":   commits,
246
+		"Commits":    commits,
247
-		"DiffHTML":  diffHTML,
247
+		"DiffHTML":   diffHTML,
248
-		"NotFound":  notFound,
248
+		"NotFound":   notFound,
249
 		"CommitsErr": cerr != nil,
249
 		"CommitsErr": cerr != nil,
250
-		"Branches":  refs.Branches,
250
+		"Branches":   refs.Branches,
251
-		"Tags":      refs.Tags,
251
+		"Tags":       refs.Tags,
252
 	})
252
 	})
253
 }
253
 }
254
 
254
 
internal/web/handlers/repo/code.gomodified
@@ -15,10 +15,10 @@ import (
15
 	"github.com/jackc/pgx/v5/pgtype"
15
 	"github.com/jackc/pgx/v5/pgtype"
16
 
16
 
17
 	"github.com/tenseleyFlow/shithub/internal/auth/policy"
17
 	"github.com/tenseleyFlow/shithub/internal/auth/policy"
18
+	mdrender "github.com/tenseleyFlow/shithub/internal/markdown"
18
 	"github.com/tenseleyFlow/shithub/internal/repos/finder"
19
 	"github.com/tenseleyFlow/shithub/internal/repos/finder"
19
 	repogit "github.com/tenseleyFlow/shithub/internal/repos/git"
20
 	repogit "github.com/tenseleyFlow/shithub/internal/repos/git"
20
 	"github.com/tenseleyFlow/shithub/internal/repos/highlight"
21
 	"github.com/tenseleyFlow/shithub/internal/repos/highlight"
21
-	mdrender "github.com/tenseleyFlow/shithub/internal/markdown"
22
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
22
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
23
 	"github.com/tenseleyFlow/shithub/internal/web/middleware"
23
 	"github.com/tenseleyFlow/shithub/internal/web/middleware"
24
 )
24
 )
@@ -44,13 +44,13 @@ func (h *Handlers) MountCode(r chi.Router) {
44
 // derive once at the top. Owner+repo come from chi; ref+path come from
44
 // derive once at the top. Owner+repo come from chi; ref+path come from
45
 // the wildcard, resolved against the repo's ref list.
45
 // the wildcard, resolved against the repo's ref list.
46
 type codeContext struct {
46
 type codeContext struct {
47
-	owner    string
47
+	owner   string
48
-	row      reposdb.Repo
48
+	row     reposdb.Repo
49
-	gitDir   string
49
+	gitDir  string
50
-	refs     repogit.RefListing
50
+	refs    repogit.RefListing
51
-	allRefs  []string
51
+	allRefs []string
52
-	ref      string // matched ref name (or 40-hex sha)
52
+	ref     string // matched ref name (or 40-hex sha)
53
-	subpath  string // path inside the ref, no leading slash
53
+	subpath string // path inside the ref, no leading slash
54
 }
54
 }
55
 
55
 
56
 // loadCodeContext does the resolve dance for tree/blob/raw/find. On
56
 // loadCodeContext does the resolve dance for tree/blob/raw/find. On
internal/web/handlers/repo/fork.gomodified
@@ -86,7 +86,8 @@ func (h *Handlers) repoFork(w http.ResponseWriter, r *http.Request) {
86
 	}
86
 	}
87
 	// Enqueue the on-disk clone. The fork row exists with
87
 	// Enqueue the on-disk clone. The fork row exists with
88
 	// init_status='init_pending' so the URL resolves immediately.
88
 	// init_status='init_pending' so the URL resolves immediately.
89
-	if _, err := worker.Enqueue(r.Context(), h.d.Pool, worker.KindRepoForkClone,
89
+	if _, err := worker.Enqueue(
90
+		r.Context(), h.d.Pool, worker.KindRepoForkClone,
90
 		map[string]any{"source_repo_id": res.Source.ID, "fork_repo_id": res.Fork.ID},
91
 		map[string]any{"source_repo_id": res.Source.ID, "fork_repo_id": res.Fork.ID},
91
 		worker.EnqueueOptions{},
92
 		worker.EnqueueOptions{},
92
 	); err != nil {
93
 	); err != nil {
@@ -250,4 +251,3 @@ func (h *Handlers) handleForkError(w http.ResponseWriter, r *http.Request, err e
250
 		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "")
251
 		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "")
251
 	}
252
 	}
252
 }
253
 }
253
-
internal/web/handlers/repo/issues.gomodified
@@ -205,7 +205,8 @@ func (h *Handlers) issueCreate(w http.ResponseWriter, r *http.Request) {
205
 	// thread events to them. Non-destructive — no-op if the user
205
 	// thread events to them. Non-destructive — no-op if the user
206
 	// already has an explicit preference.
206
 	// already has an explicit preference.
207
 	_ = social.AutoWatchOnInvolvement(r.Context(), h.socialDeps(), viewer.ID, row.ID)
207
 	_ = social.AutoWatchOnInvolvement(r.Context(), h.socialDeps(), viewer.ID, row.ID)
208
-	http.Redirect(w, r,
208
+	http.Redirect(
209
+		w, r,
209
 		"/"+owner.Username+"/"+row.Name+"/issues/"+strconv.FormatInt(created.Number, 10),
210
 		"/"+owner.Username+"/"+row.Name+"/issues/"+strconv.FormatInt(created.Number, 10),
210
 		http.StatusSeeOther,
211
 		http.StatusSeeOther,
211
 	)
212
 	)
internal/web/handlers/repo/lifecycle.gomodified
@@ -15,8 +15,8 @@ import (
15
 	"github.com/tenseleyFlow/shithub/internal/orgs"
15
 	"github.com/tenseleyFlow/shithub/internal/orgs"
16
 	"github.com/tenseleyFlow/shithub/internal/repos/lifecycle"
16
 	"github.com/tenseleyFlow/shithub/internal/repos/lifecycle"
17
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
17
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
18
-	"github.com/tenseleyFlow/shithub/internal/web/middleware"
19
 	usersdb "github.com/tenseleyFlow/shithub/internal/users/sqlc"
18
 	usersdb "github.com/tenseleyFlow/shithub/internal/users/sqlc"
19
+	"github.com/tenseleyFlow/shithub/internal/web/middleware"
20
 )
20
 )
21
 
21
 
22
 // MountLifecycle registers the repo settings danger-zone routes plus
22
 // MountLifecycle registers the repo settings danger-zone routes plus
@@ -72,8 +72,8 @@ func (h *Handlers) loadRepoAndAuthorize(w http.ResponseWriter, r *http.Request,
72
 		return reposdb.Repo{}, usersdb.User{}, false
72
 		return reposdb.Repo{}, usersdb.User{}, false
73
 	}
73
 	}
74
 	var (
74
 	var (
75
-		row    reposdb.Repo
75
+		row   reposdb.Repo
76
-		owner  usersdb.User
76
+		owner usersdb.User
77
 	)
77
 	)
78
 	switch principal.Kind {
78
 	switch principal.Kind {
79
 	case orgs.PrincipalUser:
79
 	case orgs.PrincipalUser:
internal/web/handlers/repo/pulls.gomodified
@@ -18,10 +18,10 @@ import (
18
 	checksdb "github.com/tenseleyFlow/shithub/internal/checks/sqlc"
18
 	checksdb "github.com/tenseleyFlow/shithub/internal/checks/sqlc"
19
 	"github.com/tenseleyFlow/shithub/internal/issues"
19
 	"github.com/tenseleyFlow/shithub/internal/issues"
20
 	issuesdb "github.com/tenseleyFlow/shithub/internal/issues/sqlc"
20
 	issuesdb "github.com/tenseleyFlow/shithub/internal/issues/sqlc"
21
+	mdrender "github.com/tenseleyFlow/shithub/internal/markdown"
21
 	"github.com/tenseleyFlow/shithub/internal/pulls"
22
 	"github.com/tenseleyFlow/shithub/internal/pulls"
22
 	pullsdb "github.com/tenseleyFlow/shithub/internal/pulls/sqlc"
23
 	pullsdb "github.com/tenseleyFlow/shithub/internal/pulls/sqlc"
23
 	repogit "github.com/tenseleyFlow/shithub/internal/repos/git"
24
 	repogit "github.com/tenseleyFlow/shithub/internal/repos/git"
24
-	mdrender "github.com/tenseleyFlow/shithub/internal/markdown"
25
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
25
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
26
 	"github.com/tenseleyFlow/shithub/internal/social"
26
 	"github.com/tenseleyFlow/shithub/internal/social"
27
 	"github.com/tenseleyFlow/shithub/internal/web/middleware"
27
 	"github.com/tenseleyFlow/shithub/internal/web/middleware"
@@ -193,7 +193,8 @@ func (h *Handlers) pullCreate(w http.ResponseWriter, r *http.Request) {
193
 		h.d.Logger.WarnContext(r.Context(), "pulls: enqueue mergeability", "error", err)
193
 		h.d.Logger.WarnContext(r.Context(), "pulls: enqueue mergeability", "error", err)
194
 	}
194
 	}
195
 	_ = worker.Notify(r.Context(), h.d.Pool)
195
 	_ = worker.Notify(r.Context(), h.d.Pool)
196
-	http.Redirect(w, r,
196
+	http.Redirect(
197
+		w, r,
197
 		"/"+owner.Username+"/"+row.Name+"/pulls/"+strconv.FormatInt(res.Issue.Number, 10),
198
 		"/"+owner.Username+"/"+row.Name+"/pulls/"+strconv.FormatInt(res.Issue.Number, 10),
198
 		http.StatusSeeOther,
199
 		http.StatusSeeOther,
199
 	)
200
 	)
@@ -421,9 +422,9 @@ func (h *Handlers) pullFiles(w http.ResponseWriter, r *http.Request) {
421
 		threadsByFile[f.Path] = out
422
 		threadsByFile[f.Path] = out
422
 	}
423
 	}
423
 	h.renderPullPage(w, r, "files", map[string]any{
424
 	h.renderPullPage(w, r, "files", map[string]any{
424
-		"Files":          files,
425
+		"Files":         files,
425
-		"DiffHTML":       diffHTML,
426
+		"DiffHTML":      diffHTML,
426
-		"ThreadsByFile":  threadsByFile,
427
+		"ThreadsByFile": threadsByFile,
427
 	})
428
 	})
428
 }
429
 }
429
 
430
 
@@ -440,9 +441,9 @@ func (h *Handlers) pullChecks(w http.ResponseWriter, r *http.Request) {
440
 		return
441
 		return
441
 	}
442
 	}
442
 	type runRow struct {
443
 	type runRow struct {
443
-		R              checksdb.CheckRun
444
+		R           checksdb.CheckRun
444
-		SummaryHTML    template.HTML
445
+		SummaryHTML template.HTML
445
-		AppSlug        string
446
+		AppSlug     string
446
 	}
447
 	}
447
 	type suiteGroup struct {
448
 	type suiteGroup struct {
448
 		Suite checksdb.CheckSuite
449
 		Suite checksdb.CheckSuite
internal/web/handlers/repo/repo.gomodified
@@ -10,9 +10,8 @@ import (
10
 	"errors"
10
 	"errors"
11
 	"log/slog"
11
 	"log/slog"
12
 	"net/http"
12
 	"net/http"
13
-	"strings"
14
-
15
 	"strconv"
13
 	"strconv"
14
+	"strings"
16
 
15
 
17
 	"github.com/go-chi/chi/v5"
16
 	"github.com/go-chi/chi/v5"
18
 	"github.com/jackc/pgx/v5"
17
 	"github.com/jackc/pgx/v5"
@@ -23,8 +22,8 @@ import (
23
 	"github.com/tenseleyFlow/shithub/internal/auth/policy"
22
 	"github.com/tenseleyFlow/shithub/internal/auth/policy"
24
 	"github.com/tenseleyFlow/shithub/internal/auth/secretbox"
23
 	"github.com/tenseleyFlow/shithub/internal/auth/secretbox"
25
 	"github.com/tenseleyFlow/shithub/internal/auth/throttle"
24
 	"github.com/tenseleyFlow/shithub/internal/auth/throttle"
26
-	"github.com/tenseleyFlow/shithub/internal/infra/storage"
27
 	checksdb "github.com/tenseleyFlow/shithub/internal/checks/sqlc"
25
 	checksdb "github.com/tenseleyFlow/shithub/internal/checks/sqlc"
26
+	"github.com/tenseleyFlow/shithub/internal/infra/storage"
28
 	issuesdb "github.com/tenseleyFlow/shithub/internal/issues/sqlc"
27
 	issuesdb "github.com/tenseleyFlow/shithub/internal/issues/sqlc"
29
 	"github.com/tenseleyFlow/shithub/internal/orgs"
28
 	"github.com/tenseleyFlow/shithub/internal/orgs"
30
 	orgsdb "github.com/tenseleyFlow/shithub/internal/orgs/sqlc"
29
 	orgsdb "github.com/tenseleyFlow/shithub/internal/orgs/sqlc"
@@ -54,6 +53,7 @@ type CloneURLs struct {
54
 func (h *Handlers) cloneHTTPS(owner, name string) string {
53
 func (h *Handlers) cloneHTTPS(owner, name string) string {
55
 	return h.d.CloneURLs.BaseURL + "/" + owner + "/" + name + ".git"
54
 	return h.d.CloneURLs.BaseURL + "/" + owner + "/" + name + ".git"
56
 }
55
 }
56
+
57
 func (h *Handlers) cloneSSH(owner, name string) string {
57
 func (h *Handlers) cloneSSH(owner, name string) string {
58
 	return h.d.CloneURLs.SSHHost + ":" + owner + "/" + name + ".git"
58
 	return h.d.CloneURLs.SSHHost + ":" + owner + "/" + name + ".git"
59
 }
59
 }
internal/web/handlers/repo/settings_branches.gomodified
@@ -100,13 +100,13 @@ func (h *Handlers) settingsBranchesUpsert(w http.ResponseWriter, r *http.Request
100
 	if idStr == "" {
100
 	if idStr == "" {
101
 		// Create.
101
 		// Create.
102
 		newID, err := h.rq.UpsertBranchProtectionRule(r.Context(), h.d.Pool, reposdb.UpsertBranchProtectionRuleParams{
102
 		newID, err := h.rq.UpsertBranchProtectionRule(r.Context(), h.d.Pool, reposdb.UpsertBranchProtectionRuleParams{
103
-			RepoID:                row.ID,
103
+			RepoID:               row.ID,
104
-			Pattern:               pattern,
104
+			Pattern:              pattern,
105
-			PreventForcePush:      preventForcePush,
105
+			PreventForcePush:     preventForcePush,
106
-			PreventDeletion:       preventDeletion,
106
+			PreventDeletion:      preventDeletion,
107
-			RequirePrForPush:      requirePR,
107
+			RequirePrForPush:     requirePR,
108
-			AllowedPusherUserIds:  allowed,
108
+			AllowedPusherUserIds: allowed,
109
-			CreatedByUserID:       pgtype.Int8{Int64: viewer.ID, Valid: viewer.ID != 0},
109
+			CreatedByUserID:      pgtype.Int8{Int64: viewer.ID, Valid: viewer.ID != 0},
110
 		})
110
 		})
111
 		if err != nil {
111
 		if err != nil {
112
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: insert", "error", err)
112
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: insert", "error", err)
@@ -114,17 +114,17 @@ func (h *Handlers) settingsBranchesUpsert(w http.ResponseWriter, r *http.Request
114
 			return
114
 			return
115
 		}
115
 		}
116
 		if err := h.rq.UpdateBranchProtectionReviewSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionReviewSettingsParams{
116
 		if err := h.rq.UpdateBranchProtectionReviewSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionReviewSettingsParams{
117
-			ID:                          newID,
117
+			ID:                        newID,
118
-			RequiredReviewCount:         int32(requiredReviews),
118
+			RequiredReviewCount:       int32(requiredReviews),
119
-			DismissStaleReviewsOnPush:   dismissStale,
119
+			DismissStaleReviewsOnPush: dismissStale,
120
-			RequireCodeOwnerReview:      false,
120
+			RequireCodeOwnerReview:    false,
121
 		}); err != nil {
121
 		}); err != nil {
122
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: review settings", "error", err)
122
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: review settings", "error", err)
123
 		}
123
 		}
124
 		if err := h.rq.UpdateBranchProtectionCheckSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionCheckSettingsParams{
124
 		if err := h.rq.UpdateBranchProtectionCheckSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionCheckSettingsParams{
125
-			ID:                              newID,
125
+			ID:                             newID,
126
-			StatusChecksRequired:            requiredChecks,
126
+			StatusChecksRequired:           requiredChecks,
127
-			DismissStaleStatusChecksOnPush:  dismissStaleChecks,
127
+			DismissStaleStatusChecksOnPush: dismissStaleChecks,
128
 		}); err != nil {
128
 		}); err != nil {
129
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: check settings", "error", err)
129
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: check settings", "error", err)
130
 		}
130
 		}
@@ -156,17 +156,17 @@ func (h *Handlers) settingsBranchesUpsert(w http.ResponseWriter, r *http.Request
156
 			return
156
 			return
157
 		}
157
 		}
158
 		if err := h.rq.UpdateBranchProtectionReviewSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionReviewSettingsParams{
158
 		if err := h.rq.UpdateBranchProtectionReviewSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionReviewSettingsParams{
159
-			ID:                          id,
159
+			ID:                        id,
160
-			RequiredReviewCount:         int32(requiredReviews),
160
+			RequiredReviewCount:       int32(requiredReviews),
161
-			DismissStaleReviewsOnPush:   dismissStale,
161
+			DismissStaleReviewsOnPush: dismissStale,
162
-			RequireCodeOwnerReview:      false,
162
+			RequireCodeOwnerReview:    false,
163
 		}); err != nil {
163
 		}); err != nil {
164
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: review settings", "error", err)
164
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: review settings", "error", err)
165
 		}
165
 		}
166
 		if err := h.rq.UpdateBranchProtectionCheckSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionCheckSettingsParams{
166
 		if err := h.rq.UpdateBranchProtectionCheckSettings(r.Context(), h.d.Pool, reposdb.UpdateBranchProtectionCheckSettingsParams{
167
-			ID:                              id,
167
+			ID:                             id,
168
-			StatusChecksRequired:            requiredChecks,
168
+			StatusChecksRequired:           requiredChecks,
169
-			DismissStaleStatusChecksOnPush:  dismissStaleChecks,
169
+			DismissStaleStatusChecksOnPush: dismissStaleChecks,
170
 		}); err != nil {
170
 		}); err != nil {
171
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: check settings", "error", err)
171
 			h.d.Logger.WarnContext(r.Context(), "branch-protection: check settings", "error", err)
172
 		}
172
 		}
internal/web/handlers/repo/webhooks.gomodified
@@ -13,9 +13,9 @@ import (
13
 
13
 
14
 	"github.com/tenseleyFlow/shithub/internal/auth/audit"
14
 	"github.com/tenseleyFlow/shithub/internal/auth/audit"
15
 	"github.com/tenseleyFlow/shithub/internal/auth/policy"
15
 	"github.com/tenseleyFlow/shithub/internal/auth/policy"
16
+	"github.com/tenseleyFlow/shithub/internal/web/middleware"
16
 	"github.com/tenseleyFlow/shithub/internal/webhook"
17
 	"github.com/tenseleyFlow/shithub/internal/webhook"
17
 	webhookdb "github.com/tenseleyFlow/shithub/internal/webhook/sqlc"
18
 	webhookdb "github.com/tenseleyFlow/shithub/internal/webhook/sqlc"
18
-	"github.com/tenseleyFlow/shithub/internal/web/middleware"
19
 )
19
 )
20
 
20
 
21
 // MountWebhooks registers the per-repo webhook CRUD + delivery views.
21
 // MountWebhooks registers the per-repo webhook CRUD + delivery views.
internal/webhook/deliver.gomodified
@@ -374,4 +374,3 @@ func Redeliver(ctx context.Context, deps FanoutDeps, originalID int64) (int64, e
374
 	}
374
 	}
375
 	return row.ID, nil
375
 	return row.ID, nil
376
 }
376
 }
377
-
internal/webhook/fanout.gomodified
@@ -17,8 +17,8 @@ import (
17
 	"github.com/jackc/pgx/v5/pgtype"
17
 	"github.com/jackc/pgx/v5/pgtype"
18
 	"github.com/jackc/pgx/v5/pgxpool"
18
 	"github.com/jackc/pgx/v5/pgxpool"
19
 
19
 
20
-	"github.com/tenseleyFlow/shithub/internal/worker"
21
 	webhookdb "github.com/tenseleyFlow/shithub/internal/webhook/sqlc"
20
 	webhookdb "github.com/tenseleyFlow/shithub/internal/webhook/sqlc"
21
+	"github.com/tenseleyFlow/shithub/internal/worker"
22
 )
22
 )
23
 
23
 
24
 // FanoutConsumer is the consumer name in domain_events_processed.
24
 // FanoutConsumer is the consumer name in domain_events_processed.
@@ -130,18 +130,18 @@ func dispatchEvent(ctx context.Context, deps FanoutDeps, q *webhookdb.Queries, e
130
 		}
130
 		}
131
 		idem := idempotencyKey(w.ID, ev.ID, body)
131
 		idem := idempotencyKey(w.ID, ev.ID, body)
132
 		row, err := q.CreateDelivery(ctx, deps.Pool, webhookdb.CreateDeliveryParams{
132
 		row, err := q.CreateDelivery(ctx, deps.Pool, webhookdb.CreateDeliveryParams{
133
-			WebhookID:       w.ID,
133
+			WebhookID:      w.ID,
134
-			EventKind:       ev.Kind,
134
+			EventKind:      ev.Kind,
135
-			EventID:         pgtype.Int8{Int64: ev.ID, Valid: true},
135
+			EventID:        pgtype.Int8{Int64: ev.ID, Valid: true},
136
-			Payload:         body,
136
+			Payload:        body,
137
-			RequestHeaders:  headersJSON,
137
+			RequestHeaders: headersJSON,
138
-			RequestBody:     body,
138
+			RequestBody:    body,
139
-			Attempt:         1,
139
+			Attempt:        1,
140
-			MaxAttempts:     8,
140
+			MaxAttempts:    8,
141
-			NextRetryAt:     pgtype.Timestamptz{Time: time.Now(), Valid: true},
141
+			NextRetryAt:    pgtype.Timestamptz{Time: time.Now(), Valid: true},
142
-			Status:          webhookdb.WebhookDeliveryStatusPending,
142
+			Status:         webhookdb.WebhookDeliveryStatusPending,
143
-			IdempotencyKey:  idem,
143
+			IdempotencyKey: idem,
144
-			RedeliverOf:     pgtype.Int8{Valid: false},
144
+			RedeliverOf:    pgtype.Int8{Valid: false},
145
 		})
145
 		})
146
 		if err != nil {
146
 		if err != nil {
147
 			return fmt.Errorf("create delivery: %w", err)
147
 			return fmt.Errorf("create delivery: %w", err)
internal/webhook/jobs.gomodified
@@ -13,9 +13,9 @@ import (
13
 
13
 
14
 // Job kinds shipped by S33. Registered by cmd/shithubd/worker.go.
14
 // Job kinds shipped by S33. Registered by cmd/shithubd/worker.go.
15
 const (
15
 const (
16
-	KindWebhookFanout    worker.Kind = "webhook:fanout"
16
+	KindWebhookFanout   worker.Kind = "webhook:fanout"
17
-	KindWebhookDeliver   worker.Kind = "webhook:deliver"
17
+	KindWebhookDeliver  worker.Kind = "webhook:deliver"
18
-	KindWebhookPurgeOld  worker.Kind = "webhook:purge_old"
18
+	KindWebhookPurgeOld worker.Kind = "webhook:purge_old"
19
 )
19
 )
20
 
20
 
21
 // deliverPayload is the schema for a `webhook:deliver` job. The
21
 // deliverPayload is the schema for a `webhook:deliver` job. The
internal/webhook/manage.gomodified
@@ -39,10 +39,10 @@ type CreateParams struct {
39
 // CreateErrors surfaces user-friendly validation failures so handlers
39
 // CreateErrors surfaces user-friendly validation failures so handlers
40
 // can render them in-page.
40
 // can render them in-page.
41
 var (
41
 var (
42
-	ErrBadURL          = errors.New("webhook: URL must be http or https with a host")
42
+	ErrBadURL         = errors.New("webhook: URL must be http or https with a host")
43
-	ErrBadContentType  = errors.New("webhook: content_type must be json or form")
43
+	ErrBadContentType = errors.New("webhook: content_type must be json or form")
44
-	ErrBadOwnerKind    = errors.New("webhook: owner_kind must be repo or org")
44
+	ErrBadOwnerKind   = errors.New("webhook: owner_kind must be repo or org")
45
-	ErrBadEvent        = errors.New("webhook: event names must be 1–64 lowercase chars")
45
+	ErrBadEvent       = errors.New("webhook: event names must be 1–64 lowercase chars")
46
 )
46
 )
47
 
47
 
48
 // Create persists a new webhook + emits a synthetic ping delivery so
48
 // Create persists a new webhook + emits a synthetic ping delivery so
internal/webhook/ssrf_test.gomodified
@@ -53,14 +53,14 @@ func TestIsForbiddenIPClassifiesCorrectly(t *testing.T) {
53
 		"10.0.0.1", "10.255.255.255",
53
 		"10.0.0.1", "10.255.255.255",
54
 		"172.16.0.1", "172.31.255.255",
54
 		"172.16.0.1", "172.31.255.255",
55
 		"192.168.0.1",
55
 		"192.168.0.1",
56
-		"100.64.0.1",       // CGNAT
56
+		"100.64.0.1",      // CGNAT
57
 		"169.254.169.254", // AWS metadata service
57
 		"169.254.169.254", // AWS metadata service
58
 		"0.0.0.0",
58
 		"0.0.0.0",
59
 		"255.255.255.255",
59
 		"255.255.255.255",
60
 		"::1",
60
 		"::1",
61
-		"fe80::1",        // link-local
61
+		"fe80::1", // link-local
62
-		"fd00::1",        // ULA
62
+		"fd00::1", // ULA
63
-		"fc00::1",        // ULA
63
+		"fc00::1", // ULA
64
 	}
64
 	}
65
 	for _, addr := range forbidden {
65
 	for _, addr := range forbidden {
66
 		ip := net.ParseIP(addr)
66
 		ip := net.ParseIP(addr)
internal/worker/jobs/push_process.gomodified
@@ -10,6 +10,7 @@ import (
10
 	"errors"
10
 	"errors"
11
 	"fmt"
11
 	"fmt"
12
 	"log/slog"
12
 	"log/slog"
13
+	"path/filepath"
13
 	"strings"
14
 	"strings"
14
 
15
 
15
 	"github.com/jackc/pgx/v5"
16
 	"github.com/jackc/pgx/v5"
@@ -22,8 +23,6 @@ import (
22
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
23
 	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
23
 	"github.com/tenseleyFlow/shithub/internal/worker"
24
 	"github.com/tenseleyFlow/shithub/internal/worker"
24
 	workerdb "github.com/tenseleyFlow/shithub/internal/worker/sqlc"
25
 	workerdb "github.com/tenseleyFlow/shithub/internal/worker/sqlc"
25
-
26
-	"path/filepath"
27
 )
26
 )
28
 
27
 
29
 // PushProcessDeps wires the data this handler needs.
28
 // PushProcessDeps wires the data this handler needs.
internal/worker/jobs/repo_index_reconcile.gomodified
@@ -42,7 +42,8 @@ func RepoIndexReconcile(deps IndexReconcileDeps) worker.Handler {
42
 			return err
42
 			return err
43
 		}
43
 		}
44
 		for _, r := range repos {
44
 		for _, r := range repos {
45
-			if _, err := worker.Enqueue(ctx, deps.Pool, worker.KindRepoIndexCode,
45
+			if _, err := worker.Enqueue(
46
+				ctx, deps.Pool, worker.KindRepoIndexCode,
46
 				map[string]any{"repo_id": r.ID},
47
 				map[string]any{"repo_id": r.ID},
47
 				worker.EnqueueOptions{},
48
 				worker.EnqueueOptions{},
48
 			); err != nil {
49
 			); err != nil {
internal/worker/pool.gomodified
@@ -257,7 +257,8 @@ func (p *Pool) runOne(ctx context.Context, kind Kind, logger *slog.Logger) (bool
257
 	cancel()
257
 	cancel()
258
 	metrics.WorkerJobDurationSeconds.WithLabelValues(job.Kind).Observe(time.Since(start).Seconds())
258
 	metrics.WorkerJobDurationSeconds.WithLabelValues(job.Kind).Observe(time.Since(start).Seconds())
259
 
259
 
260
-	logger.InfoContext(ctx, "worker: dispatched",
260
+	logger.InfoContext(
261
+		ctx, "worker: dispatched",
261
 		"job_id", job.ID,
262
 		"job_id", job.ID,
262
 		"kind", job.Kind,
263
 		"kind", job.Kind,
263
 		"attempt", job.Attempts,
264
 		"attempt", job.Attempts,