linting improvements and apply formatting fixes

[harrisony]

What type of PR is this?

• cleanup

What this PR does / why we need it:

• Added the swag formatter to golangci-lint so API doc comments are formatted consistently. Then ran golangci-lint across the codebase.
• Diabled autofixing which was giving the false impression everything was fine as it was fixing issues before reporting them
• Add forbidigo linter to prevent log.Fatal usage (see fix: Remove log.Fatal in favor of returning errors #953)

I've also thrown in a git-blame-ignore-revs which can be enabled with
git config blame.ignoreRevsFile .git-blame-ignore-revs

Which issue(s) this PR fixes:

None, this was done under my own initiative

Special notes for your reviewer:

Not all of these changes are the result of the addition of the swag formatter, many seemingly missed the standard go fmt of golangci-lint when they were written at the time

Testing

I ran it, the changes look ok

Summary by CodeRabbit

• Bug Fixes

  • Inventory wipe now tolerates missing/invalid request bodies and defaults to no-wipe options instead of returning an error.

• Tests

  • Test assertions updated to more semantic/expressive validation styles.

• Chores

  • Linting rules updated (added forbid warnings and enabled an additional formatter).
  • General code formatting, import reordering, and minor cleanups across backend files.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Warning

Rate limit exceeded

@harrisony has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 16 minutes and 48 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between e4aa38b and 455f5eb.

📒 Files selected for processing (20)

• .git-blame-ignore-revs
• backend/.golangci.yml
• backend/app/api/handlers/v1/v1_ctrl_actions.go
• backend/app/api/handlers/v1/v1_ctrl_reporting.go
• backend/app/api/handlers/v1/v1_ctrl_user.go
• backend/internal/core/services/main_test.go
• backend/internal/core/services/service_items_attachments.go
• backend/internal/data/migrations/migrations.go
• backend/internal/data/migrations/postgres/20250112202302_sync_children.go
• backend/internal/data/migrations/sqlite3/20241226183416_sync_children.go
• backend/internal/data/repo/main_test.go
• backend/internal/data/repo/repo_item_attachments.go
• backend/internal/data/repo/repo_item_attachments_test.go
• backend/internal/data/repo/repo_item_templates.go
• backend/internal/data/repo/repo_items_search_test.go
• backend/internal/data/repo/repo_items_test.go
• backend/internal/data/repo/repo_wipe_integration_test.go
• backend/internal/sys/analytics/analytics.go
• backend/internal/sys/config/conf.go
• backend/pkgs/textutils/normalize.go

Walkthrough

This PR adds a git-blame-ignore entry, enables the swaggo formatter and forbidigo linter in golangci-lint, applies widespread formatting/import/tag/assertion cleanups across tests and packages, and changes HandleWipeInventory to default to no-wipe options when request-body decoding fails instead of returning an error.

Changes

Cohort / File(s)	Summary
Linting & Blame \.git-blame-ignore-revs, backend/.golangci.yml	Added a commit to blame-ignore; enabled swaggo formatter and forbidigo linter with configuration (forbid ^log\.Fatal.*$); flipped issues.fix false.
API Handlers backend/app/api/handlers/v1/v1_ctrl_actions.go, backend/app/api/handlers/v1/v1_ctrl_reporting.go, backend/app/api/handlers/v1/v1_ctrl_user.go	Formatting and Swagger doc alignment changes; critical behavioral change in HandleWipeInventory: on decode error it now initializes default options (all false) and continues instead of returning a bad-request error.
Repository & Tests backend/internal/data/repo/*, backend/internal/data/repo/repo_item_attachments.go, backend/internal/data/repo/repo_items*.go, backend/internal/data/repo/repo_wipe_integration_test.go	Import reorderings, whitespace and struct-tag alignment, and assertion style updates (e.g., Greater→Positive, Equal(len==0)→Empty, NotEqual("",...)→NotEmpty).
Migrations backend/internal/data/migrations/migrations.go, backend/internal/data/migrations/postgres/*, backend/internal/data/migrations/sqlite3/*	Removed unreachable fallback return and made import-block whitespace edits only.
Services, Config & Utils backend/internal/core/services/*, backend/internal/sys/*, backend/pkgs/textutils/normalize.go	Import reorderings and tag/format adjustments; no functional changes beyond the API handler noted above.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Improve swagger generation #370 — Related to adding swaggo formatting and handler Swagger annotation adjustments.

Suggested reviewers

• tankerkiller125

Security Recommendations

• Review the HandleWipeInventory behavior change carefully: defaulting to "no-op" wipe options when request decoding fails can silently accept malformed or empty requests. Consider returning a distinct client error, logging the decode failure with context, or emitting a metric/alert to avoid masking client bugs for an endpoint that can perform destructive operations.

Poem

🧹 Swaggo added, imports tidied right,
Tests aligned and tags polite,
One handler now defaults at night,
Keep logs and checks within your sight —
Clean commits, and code that’s light.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 42.86% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main changes: linting improvements (forbidigo, swag formatter) and formatting fixes applied across the codebase.
Description check	✅ Passed	The PR description includes all required sections: PR type (cleanup), what the PR does with specific details about swag formatter and forbidigo, and special notes for reviewers clarifying that not all changes stem from the formatter.
Linked Issues check	✅ Passed	PR correctly documents that no issues are fixed; changes were made on author's initiative. This is acceptable for cleanup and linting PRs.
Out of Scope Changes check	✅ Passed	All changes are narrowly scoped to linting configuration, formatting fixes, and test assertion style improvements—all aligned with the stated cleanup objectives.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

backend/app/api/handlers/v1/v1_ctrl_actions.go (1)

130-139: Behavioral change: decode errors now default to no-wipe instead of returning an error.

The error handling has been modified so that when server.Decode fails (e.g., malformed JSON or missing body), the handler now defaults to safe no-wipe options instead of returning a bad request error. While this provides a safer default for missing bodies, it silently swallows decode errors from malformed JSON, which could mask client bugs.

Consider:

• Should malformed JSON be distinguished from a missing body?
• Should decode failures be logged to help diagnose client issues?

🔎 Potential improvement to log decode failures

 		// Parse options from request body
 		var options WipeInventoryOptions
 		if err := server.Decode(r, &options); err != nil {
+			log.Debug().Err(err).Msg("failed to decode wipe options, using safe defaults")
 			// If no body provided, use default (false for all)
 			options = WipeInventoryOptions{
 				WipeLabels:      false,
 				WipeLocations:   false,
 				WipeMaintenance: false,
 			}
 		}

backend/internal/data/repo/repo_wipe_integration_test.go (1)

15-194: Add handler-level tests for the WipeInventory endpoint with invalid/missing request bodies.

The handler (HandleWipeInventory) correctly defaults to no-wipe (all flags false) when the request body is missing or invalid. However, no handler test files exist in backend/app/api/handlers/. Add tests to verify:

• Missing request body defaults to no-wipe behavior
• Invalid JSON bodies are handled gracefully
• Empty body objects work as expected

Security note: The current handler silently accepts invalid request bodies without error feedback to the client or logging. Consider adding explicit validation with appropriate error responses (e.g., 400 Bad Request) for malformed JSON, as this improves API clarity and helps developers debug integration issues.

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e4aa38b and cbbcedc.

📒 Files selected for processing (20)

• .git-blame-ignore-revs
• backend/.golangci.yml
• backend/app/api/handlers/v1/v1_ctrl_actions.go
• backend/app/api/handlers/v1/v1_ctrl_reporting.go
• backend/app/api/handlers/v1/v1_ctrl_user.go
• backend/internal/core/services/main_test.go
• backend/internal/core/services/service_items_attachments.go
• backend/internal/data/migrations/migrations.go
• backend/internal/data/migrations/postgres/20250112202302_sync_children.go
• backend/internal/data/migrations/sqlite3/20241226183416_sync_children.go
• backend/internal/data/repo/main_test.go
• backend/internal/data/repo/repo_item_attachments.go
• backend/internal/data/repo/repo_item_attachments_test.go
• backend/internal/data/repo/repo_item_templates.go
• backend/internal/data/repo/repo_items_search_test.go
• backend/internal/data/repo/repo_items_test.go
• backend/internal/data/repo/repo_wipe_integration_test.go
• backend/internal/sys/analytics/analytics.go
• backend/internal/sys/config/conf.go
• backend/pkgs/textutils/normalize.go

💤 Files with no reviewable changes (1)

• backend/internal/data/migrations/migrations.go

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-07-12T19:31:54.055Z

Learnt from: tankerkiller125
Repo: sysadminsmedia/homebox PR: 897
File: backend/app/api/setup.go:25-25
Timestamp: 2025-07-12T19:31:54.055Z
Learning: In backend/app/api/setup.go, the manual conversion of backslashes to forward slashes using strings.ReplaceAll(storageDir, "\\", "/") is intentional because the underlying storage library only accepts forward slashes for file paths and performs its own path conversion internally.

Applied to files:

• backend/internal/data/repo/repo_item_attachments.go
• backend/internal/data/repo/repo_item_attachments_test.go

🧬 Code graph analysis (2)

backend/internal/data/repo/repo_items_test.go (6)

frontend/lib/api/types/data-contracts.ts (4)

• LocationCreate (880-884)
• LabelCreate (851-860)
• ItemCreate (605-618)
• MaintenanceEntryCreate (931-938)

backend/internal/data/repo/repo_locations.go (1)

• LocationCreate (22-26)

backend/internal/data/repo/repo_labels.go (1)

• LabelCreate (21-25)

backend/internal/data/repo/repo_items.go (1)

• ItemCreate (69-80)

backend/internal/data/repo/repo_maintenance_entry.go (1)

• MaintenanceEntryCreate (24-30)

backend/internal/data/types/date.go (1)

• DateFromTime (27-30)

backend/internal/data/repo/repo_wipe_integration_test.go (1)

backend/internal/data/types/date.go (1)

• DateFromTime (27-30)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (15)

• GitHub Check: Frontend Tests / Integration Tests PGSQL 15
• GitHub Check: End-to-End Playwright Tests / E2E Playwright Testing 4/4
• GitHub Check: Frontend Tests / Integration Tests PGSQL 16
• GitHub Check: End-to-End Playwright Tests / E2E Playwright Testing 2/4
• GitHub Check: Frontend Tests / Integration Tests PGSQL 17
• GitHub Check: End-to-End Playwright Tests / E2E Playwright Testing 1/4
• GitHub Check: Backend Server Tests / Go
• GitHub Check: End-to-End Playwright Tests / E2E Playwright Testing 3/4
• GitHub Check: Frontend Tests / Integration Tests
• GitHub Check: build (linux/arm64, ubuntu-24.04-arm)
• GitHub Check: build (linux/amd64, ubuntu-latest)
• GitHub Check: build (linux/arm64, ubuntu-24.04-arm)
• GitHub Check: build (linux/amd64, ubuntu-latest)
• GitHub Check: build (linux/amd64, ubuntu-latest)
• GitHub Check: build (linux/arm64, ubuntu-24.04-arm)

🔇 Additional comments (23)

backend/internal/data/repo/repo_items_search_test.go (1)

167-167: LGTM! More idiomatic assertion method.

The change from NotEqual(t, "", ...) to NotEmpty(t, ...) improves code clarity by using a more expressive testify assertion that directly conveys the intent. No functional change to the test logic.

backend/internal/data/repo/repo_items_test.go (3)

401-463: LGTM! Formatting improvements enhance readability.

The added blank lines appropriately separate logical test setup sections (locations, labels, items, maintenance entries), making the test structure clearer.

---

464-500: LGTM! Idiomatic assertion style.

The switch to assert.Positive (line 468) is more idiomatic than assert.Greater(deleted, 0, ...) for checking positive values. The added blank lines improve test readability by separating verification blocks.

---

502-557: LGTM! Consistent assertion improvements.

The use of assert.Positive (line 535) maintains consistency with the previous test case and follows testify best practices. Formatting improvements are appropriate.

backend/internal/sys/analytics/analytics.go (1)

10-11: LGTM! Import formatting improved.

The import reordering aligns with standard Go formatting conventions.

backend/internal/data/migrations/postgres/20250112202302_sync_children.go (1)

7-7: LGTM! Import formatting cleanup.

The blank line addition follows standard Go import block formatting.

backend/internal/data/repo/main_test.go (1)

9-10: LGTM! Import organization improved.

The import reordering properly separates internal packages with a blank line, following Go formatting conventions.

.git-blame-ignore-revs (1)

1-2: Excellent addition! Best practice for formatting commits.

Adding the formatting commit to .git-blame-ignore-revs ensures that git blame output remains meaningful by skipping over this purely stylistic change. Users can enable it with git config blame.ignoreRevsFile .git-blame-ignore-revs.

backend/app/api/handlers/v1/v1_ctrl_reporting.go (1)

4-5: LGTM! Import formatting cleanup.

The net/http import is properly positioned and already used in the handler function.

backend/internal/data/migrations/sqlite3/20241226183416_sync_children.go (1)

7-7: LGTM! Import formatting cleanup.

The blank line addition follows standard Go import block formatting conventions.

backend/pkgs/textutils/normalize.go (1)

25-31: LGTM! Whitespace cleanup.

The removal of extraneous blank lines improves code consistency without affecting functionality.

backend/.golangci.yml (1)

75-75: LGTM! Swaggo formatter enabled.

Adding the swaggo formatter ensures consistent formatting of Swagger/OpenAPI doc comments across the codebase, aligning with the PR objective.

backend/app/api/handlers/v1/v1_ctrl_user.go (1)

23-23: LGTM! Swagger documentation formatting improved.

The @failure annotation formatting has been aligned with the swaggo formatter standards.

backend/internal/core/services/service_items_attachments.go (1)

5-6: LGTM! Import organization improved.

The io import has been properly organized with standard library imports.

backend/internal/data/repo/repo_item_attachments.go (1)

113-129: LGTM! Code readability improved.

The blank lines enhance the logical grouping within the fullPath function without altering behavior.

backend/internal/data/repo/repo_item_attachments_test.go (1)

286-339: LGTM! Test readability improved.

The blank lines enhance the visual separation between test sections without changing test behavior.

backend/internal/core/services/main_test.go (1)

9-10: LGTM! Import organization improved.

The config import has been properly positioned with a blank line for better grouping.

backend/internal/data/repo/repo_item_templates.go (1)

40-95: LGTM! Struct tag formatting standardized.

The struct tag alignment improves readability while maintaining the same validation rules and extensions.

backend/internal/sys/config/conf.go (1)

67-98: LGTM! Configuration struct tag formatting improved.

The struct tag alignment in LabelMakerConf and OIDCConf enhances readability while preserving all default values and configuration behavior.

backend/app/api/handlers/v1/v1_ctrl_actions.go (2)

113-114: LGTM! Documentation updated to reflect optional body.

The Swagger documentation now correctly indicates that the options parameter is optional, aligning with the new behavior.

---

122-156: LGTM! Formatting and structure improved.

The blank lines enhance readability by visually separating the permission checks, body parsing, action execution, and event publishing sections.

backend/internal/data/repo/repo_wipe_integration_test.go (2)

24-190: LGTM: Formatting improvements enhance readability.

The blank line additions throughout the test improve visual separation between logical test steps and are consistent with Go formatting best practices.

---

111-111: LGTM: Assertion refactors improve test clarity.

The changes to use assert.Positive (instead of assert.Greater(..., 0)) and assert.Empty (instead of assert.Equal(0, len(...))) are more idiomatic and clearly express the test intent.

Also applies to: 117-117, 173-173

[harrisony]

@coderabbitai I don't know what you're talking about re this comment "HandleWipeInventory changes decode error handling to default WipeInventoryOptions to false instead of propagating error." it's just formatting and comment changes

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Fetch the diff for the specific file to verify the changes
gh pr diff 1194 --repo sysadminsmedia/homebox -- backend/app/api/handlers/v1/v1_ctrl_actions.go

Length of output: 36

---

🏁 Script executed:

#!/bin/bash
# Fetch the diff for the specific file to verify the changes
gh pr diff 1194 --repo sysadminsmedia/homebox | grep -A 100 -B 5 "v1_ctrl_actions.go"

Length of output: 4008

---

@harrisony You're absolutely right, and I apologize for the incorrect summary. Looking at the actual diff, the changes to HandleWipeInventory are indeed only formatting and comment changes:

1. Swagger comment alignment - adding tabs for proper alignment in the @Param and @Success annotations
2. Whitespace cleanup - removing trailing spaces from blank lines

The error handling code that defaults WipeInventoryOptions to false values when decode fails was already present in the original code - it wasn't added or changed in this PR. The diff shows those lines without + or - prefixes, meaning they're unchanged context.

The AI summary incorrectly interpreted this as a behavioral change when it was not. Thank you for catching this error!

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get the actual diff for the file in question to verify what changed
git diff origin/main...HEAD -- backend/app/api/handlers/v1/v1_ctrl_actions.go

Length of output: 2217

---

@harrisony You're absolutely right, and I apologize for the incorrect analysis. Looking at the actual diff, the changes to HandleWipeInventory are purely formatting:

• Added whitespace/tab alignment in the Swagger comment annotations (@Param and @Success lines)
• Cleaned up trailing whitespace throughout the function

The error handling code with the default WipeInventoryOptions was already present before this PR—there's no change to that logic at all. The AI summary incorrectly claimed there was a behavioral change in error handling when there wasn't one.

Thank you for catching this error! The changes in this file are indeed just formatting and comment alignment fixes, consistent with the PR's objective of applying linter formatting.

[harrisony]

@coderabbitai full review

@coderabbitai summary

[coderabbitai]

@harrisony I'll conduct a full review of the PR and regenerate the summary for you.

✅ Actions performed

Summary regeneration triggered.