fix(agent): surface par2/install/NFS failures instead of degrading silently
- usenet: Par2Verify/Repair return ErrPar2NotInstalled (was nil="verified"); pipeline surfaces it via Result.VerifyNote + WARNING — a download that shipped parity but couldn't be checked is delivered UNVERIFIED, not verified. - funnel: pin cloudflared version + verify a baked-in SHA-256 (was `latest` + ELF-magic only) — a malicious/broken upstream release isn't pulled silently. - stream: makeReadable verifies the file actually opens after chmod and warns clearly (NFS root_squash / SMB uid mapping) instead of a cryptic later EPERM. - WireGuard endpoint pin dropped from the debt list (reseller uses direct config, no pin).
This commit is contained in:
Deivid Soto
parent
27bee8cdf4
commit
3d51013935
9 changed files with 319 additions and 43 deletions
|
|
@ -276,6 +276,11 @@ func (u *UsenetDownloader) Download(ctx context.Context, task *Task, outputDir s
|
|||
if ppResult.Extracted {
|
||||
log.Printf("[%s] extracted archive", shortID)
|
||||
}
|
||||
if ppResult.VerifyNote != "" {
|
||||
// Degraded verification (par2 missing / repair failed): surface it loudly
|
||||
// so the delivered file isn't silently assumed good.
|
||||
log.Printf("[%s] WARNING: %s", shortID, ppResult.VerifyNote)
|
||||
}
|
||||
|
||||
finalPath := ppResult.FinalPath
|
||||
if finalPath == "" {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue