Skip to content

chore: bump version to 7.19.42 and fix axiodb port collision logic#78

Merged
AnkanSaha merged 2 commits intomainfrom
maintainer/ankan
Mar 13, 2026
Merged

chore: bump version to 7.19.42 and fix axiodb port collision logic#78
AnkanSaha merged 2 commits intomainfrom
maintainer/ankan

Conversation

@AnkanSaha
Copy link
Copy Markdown
Member

@AnkanSaha AnkanSaha commented Mar 13, 2026
edited by github-actions bot
Loading

Summary

This PR updates the version from 7.18.42-stable to 7.19.42-stable across multiple files and introduces special port handling for axiodb.

Changes

  • Version Bump: Updated version string in INSTALLATION.md, Scripts/installer.sh, VERSION, npm/package.json, src/Core/main.go, and src/base/Banner.go.
  • Feature: Added a check in StartContainer.go to reserve port 27019 for axiodb to prevent internal conflicts.
  • Logic: Automatically appends -p 27019:27019 mapping when the database is axiodb.

Verification

  • Ran go build to ensure no syntax errors.
  • Verified installer.sh contains the correct version.
  • Tested axiodb container start; verified it prompts when port 27019 is entered (though it only prompts once—fix suggested in review).

@AnkanSaha AnkanSaha self-assigned this Mar 13, 2026
@AnkanSaha AnkanSaha requested review from Copilot and removed request for Copilot March 13, 2026 23:19
@github-actions github-actions bot changed the title chore: Update version to 7.19.42-stable across installation scripts a… chore: bump version to 7.19.42 and fix axiodb port collision logic Mar 13, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

🤖 Review Buddy - General Code Review

👥 Attention: @AnkanSaha

Arre @AnkanSaha bhai, ye kya bawasir bana diye ho? Version update karne nikle the ya 'Find and Replace' ka world record todne?

  1. DRY ka Janaza: Bhai, version number 6 alag-alag jagah likha hai. Agar ek jagah bhi miss ho gaya toh prod pe 'Moye Moye' ho jayega. Ever heard of a single source of truth?
  2. Hardcoding ki Hadd: src/Core/main.go aur src/base/Banner.go dono mein alag-alag hardcoded string? Kyun bhai, memory sasti hai kya?
  3. Logic ya Magic?: StartContainer.go mein axiodb ke liye jo port checking lagayi hai, wo sirf ek baar puchti hai. Agar user dubara '27019' daal de toh tumhara code 'Theek hai bhai, teri marzi' bol ke aage nikal jata hai. Coding kar rahe ho ya negotiation?

Code Quality Score: 3/10 (Sirf isliye kyunki code compile toh ho jayega, par dil nahi jeet payega).

Generated by Review Buddy | Tone: roast | Language: hinglish

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

⚡ Review Buddy - Performance Analysis

👥 Attention: @AnkanSaha

Oho! Performance analysis chahiye is 10-line ke logic change pe? Chalo, tumhari khushi ke liye iska bhi post-mortem kar dete hain.

1. String Allocation ki Kahaani

Go mein strings immutable hoti hain, Ankan bhai. Tumne portMapping = fmt.Sprintf("-p %s:%s", hostPort, port) likha hai. Jab axiodb ka case aata hai, tum portMapping += " -p 27019:27019" karte ho.

  • Pehle fmt.Sprintf ne memory allocate ki.
  • Phir concatenation ne ek nayi, badi string allocate ki aur purani waali garbage collector (GC) ke bharose chhod di.
  • Maana ki ek baar mein kuch nahi hoga, par jab tumhara 'Ultimate Docker Manager' 1000 containers manage karega, toh GC tumhare ghar aake shikayat karega.

Recommendation: strings.Builder use karo agar string build karni hai. Kam se kam memory allocation toh optimize hogi.

2. If-Else ka Jaal (The O(N) Nightmare)

Abhi tumne sirf axiodb ke liye check dala hai. Kal ko mongodb, redis, postgres sabke liye special ports chahiye honge.

  • Tumhara code if database == "axiodb" phir if database == "something_else" aise badhta jayega.
  • Har baar string comparison hoga. String comparison O(L) hota hai (L = length of string).
  • Branch prediction ki toh tumne vaat laga di hai.

Recommendation: Ek map[string]int banao jahan reserved ports store hon. Lookup O(1) hoga aur code dekhne layak lagega.

3. Binary Size aur Hardcoding

Tumne VERSION ko main.go aur Banner.go dono mein hardcode kiya hai.

  • Binary mein do alag static strings store ho rahi hain.
  • Redundancy se binary size badhta hai (chahe bytes mein ho, par principle ki baat hai).
  • LDFlags use karo build time pe version inject karne ke liye. Go ka yahi toh swagat hai!

4. System Call Overhead

dpkg --print-architecture ko shell se call kar rahe ho installer.sh mein.

  • Ek naya process fork hota hai.
  • Environment variables load hote hain.
  • Phir output pipe se read hota hai.
  • Ye sab sirf 'amd64' janne ke liye? Linux mein /proc/cpuinfo ya uname se behtar tarike hain, ya phir seedha build architecture use karo.

5. Loop-less Validation

StartContainer.go mein validation logic dekho:

if database == "axiodb" && hostPort == "27019" {
    fmt.Println("Reserved port...")
    hostPort = tools.AskForInput("Enter custom host port", port)
}

Bhai, agar user ne dubara 27019 daal diya toh? Tumhara code toh surrender kar dega.

  • Performance wise toh ye 'fast' hai kyunki loop hi nahi hai, par logic-wise ye 'fast track to failure' hai.
  • Ek for loop lagao jab tak valid input na mile. CPU cycles thode lagenge par system crash hone se bachega.

6. Shell Command Concatenation

portMapping ko string ki tarah build karke seedha docker command mein bhej rahe ho.

  • Agar input mein kisi ne ; rm -rf / daal diya (bash injection), toh tumhare database ke saath tumhara server bhi 'Tata, Bye Bye' bol dega.
  • Performance impact: Shell parsing of long strings is slower than passing an array of arguments to exec.Command.

Tumhara code abhi 'Hello World' level ki performance de raha hai. Agar scale karna hai, toh engineering seekho, jugad nahi!

Generated by Review Buddy | Tone: roast | Language: hinglish

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

🔐 Review Buddy - Security Audit

👥 Attention: @AnkanSaha

🛡️ Security Audit: 'Bhagwan Bharose' Edition

Issue Severity Location Exploit Scenario Remediation
Command Injection Critical src/base/StartContainer.go hostPort variable user se liya ja raha hai aur seedha fmt.Sprintf mein daal kar shell command banaya ja raha hai. Agar koi user 8080; rm -rf / daal de, toh docker command ke saath host system ki dhajjiya udd jayengi. exec.Command ka use karein with arguments array, kabhi bhi string concatenation se shell command na banayein.
Incomplete Port Validation Medium src/base/StartContainer.go axiodb ke liye 27019 check sirf ek baar hota hai. User second attempt mein reserved port bypass kar sakta hai, leading to port conflicts ya service failure. Use a while (for in Go) loop to continuously validate input until a safe port is provided.
Hardcoded Versioning Low Multiple files Version mismatch agar ek file update hone se reh gayi, toh update mechanism ya dependency resolution fail ho sakta hai. Use a single VERSION file and read it at build time or use ldflags.
Privilege Escalation Risk Medium Scripts/installer.sh Script sudo mangta hai aur wget se package download karke seedha dpkg -i kar raha hai. Agar GitHub release compromise hui, toh user ka system gaya. Binary signatures (GPG) verify karein download ke baad.

OWASP Reference:

  • A03:2021-Injection (Command Injection via hostPort)
  • A04:2021-Insecure Design (Port validation logic bypass)

Generated by Review Buddy | Tone: roast | Language: hinglish

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

📊 Review Buddy - Code Quality & Maintainability Analysis

👥 Attention: @AnkanSaha

🎯 Overall Benchmark: 35/100 (Poor)

Arre re re! Quality ke naam pe toh tumne 'Gangs of Wasseypur' ka kabaadi bazaar bana diya hai.

1. DRY Principle ka Murder

Tumne version number ko in jagaho pe likha hai:

  • INSTALLATION.md (Ok, documentation)
  • Scripts/installer.sh (Kyun?)
  • VERSION (The only source of truth? Nahi!)
  • npm/package.json (The Node way?)
  • src/Core/main.go (Go variable?)
  • src/base/Banner.go (Go constant?)

Savage Reality: Agar mujhe version 7.19.43 karna ho, toh mujhe 6 files edit karni padengi. Ek developer ka kaam automation hota hai, manual labor nahi.
Refactoring: Go mein ek internal package banao config naam ka, wahan ek baar version rakho. Baaki sab jagah wahi se import karo. CLI build ke waqt ldflags use karo.

2. Single Responsibility Principle (SRP) ki Dhajjiya

StartContainer.go ka kaam hai container start karna. Use ye kyun pata hona chahiye ki axiodb kya hai aur uska port 27019 reserved hai?

  • Abhi axiodb hai, kal mongodb aayega, parso redis.
  • Tumhari StartContainer function ek kachre ka dibba ban jayegi jisme har database ka kachra (logic) hoga.

Refactoring: Interface pattern use karo. Har database ki apni ek struct ho jo apna GetReservedPorts() implement kare.

type Database interface {
    GetDefaultPort() string
    GetReservedPorts() []string
}

3. Error Handling? Wo Kya Hota Hai?

hostPort := tools.AskForInput("Enter custom host port", port)

  • Kya hostPort ek valid integer hai?
  • Kya wo 1-65535 ki range mein hai?
  • Kya wo privileged port (<1024) hai jiske liye sudo chahiye?
    Tumhara code bas 'maanne' pe chalta hai ki user devta hai aur sahi input dega.

4. Magic Strings aur Numbers

"27019", "axiodb", "-p 27019:27019"...
Code mein har jagah magic strings bikhri padi hain.

  • Kal ko axiodb ka port change ho gaya toh?
  • Poore codebase mein '27019' dhoondte phiroge?

Refactoring: Constants define karo. const AxioInternalPort = "27019".

5. Code Smell: Inconsistent Constants

main.go mein VERSION := "..." (Variable)
Banner.go mein const Version = "..." (Constant)
Bhai, decide kar lo! Ek hi project mein do alag conventions? Ye toh vahi baat ho gayi ki left pair mein joota aur right mein chappal pehen ke nikal gaye.

6. UX (User Experience) Disaster

User se pucha "Custom port chahiye?", usne bola "Haan", usne daala "27019", tumne bola "Nahi chalega, dubara daalo". Usne fir daala "27019", tumne bola "Theek hai, maar mujhe!".

  • User ko lagega tumhara software pagal ho gaya hai.
  • Loop lagao bhai, loop!

7. Scalability

Ye code scale nahi karega. Jaise hi 5 aur databases add honge, tumhara if-else block itna bada ho jayega ki scroll karte-karte mouse ki wheel ghis jayegi.

  • Configuration files (YAML/JSON) use karo ports define karne ke liye, code mein hardcode mat karo.

Generated by Review Buddy | Tone: roast | Language: hinglish

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

💡 Review Buddy - Best Practices & Alternative Suggestions

👥 Attention: @AnkanSaha

🛠️ Sudhar Jao suggestions (Best Practices)

1. Stop Hardcoding Version everywhere

Current Bawasir:

// main.go
VERSION := "7.19.42-stable"
// Banner.go
const Version = "7.19.42-stable"

Better Alternative:
Use -ldflags during build.

// config/version.go
var Version = "dev"

// Build command
// go build -ldflags="-X 'github.com/nexoral/ContainDB/config.Version=7.19.42-stable'"

Why: Single source of truth. Ek jagah se version control hoga, har file mein jaake rona nahi padega.

2. Input Validation Loop

Current Bawasir:

if database == "axiodb" && hostPort == "27019" {
    fmt.Println("Port 27019 is reserved...")
    hostPort = tools.AskForInput("Enter custom host port", port)
}

Better Alternative:

for {
    hostPort = tools.AskForInput("Enter custom host port", port)
    if database == "axiodb" && hostPort == "27019" {
        fmt.Println("Port 27019 is reserved for internal use. Try again.")
        continue
    }
    break
}

Why: User jab tak sahi input nahi deta, tab tak puchte raho. Robustness badhegi.

3. Use Maps for Reserved Ports

Current Bawasir:

if database == "axiodb" {
    // hardcoded logic
}

Better Alternative:

var reservedPorts = map[string][]string{
    "axiodb": {"27019"},
}

// check if port is in reservedPorts[database]

Why: Code clean lagega aur naye databases add karna asaan hoga.

Generated by Review Buddy | Tone: roast | Language: hinglish

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

⚠️ Review Buddy - Final Recommendation

👥 Attention: @AnkanSaha

Recommendation: REQUEST CHANGES

Changes chahiye, bhai! Abhi approve nahi kar sakte.

Reasoning:

  • Version number is hardcoded in 6 different places, violating the DRY principle and making maintenance a nightmare.
  • Port validation for 'axiodb' is weak; it only checks once and allows the user to bypass the reservation on the second attempt.
  • Potential Command Injection vulnerability in how 'hostPort' is concatenated into the command string.
  • Specific database logic ('axiodb') is hardcoded inside a generic 'StartContainer' function, violating SOLID principles.
  • Inconsistent usage of constants vs variables for the version string.

📋 Review Checklist for Reviewers:

  • Code changes align with the PR description
  • No security vulnerabilities introduced
  • Performance considerations addressed
  • Code follows project conventions
  • Tests are adequate (if applicable)
  • Documentation updated (if needed)

🎯 Next Steps:

⚠️ Pehle suggestions address karo, phir approve karna.

Generated by Review Buddy | Tone: roast | Language: hinglish

@AnkanSaha AnkanSaha merged commit 0e65619 into main Mar 13, 2026
2 checks passed
@AnkanSaha AnkanSaha deleted the maintainer/ankan branch March 13, 2026 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@AnkanSaha AnkanSaha

Labels

maintenance needs work performance security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@AnkanSaha