[PR #1379] [MERGED] Fix type assertion panics in avatar providers with graceful recovery and recursion guards #7510

New Issue

GiteaMirror · 2026-04-20T17:44:28-05:00

GiteaMirror commented

2026-04-20 17:44:28 -05:00

📋 Pull Request Information

Original PR: https://github.com/go-vikunja/vikunja/pull/1379
Author: @Copilot
Created: 9/2/2025
Status: ✅ Merged
Merged: 9/2/2025
Merged by: @kolaente

Base: main ← Head: copilot/fix-1378

📝 Commits (6)

fb6f0b7 Initial plan
71900a4 Fix type assertion error in avatar upload provider with logging and graceful recovery
daeacdb Fix type assertion panics in initials avatar provider with safe type assertions
6b706b3 Add recursion guards and refactor tests to use t.Run subtests
f5392f1 fix: use require.NoError and assert.Positive in initials tests
4b83b6b fix: resolve testifylint issues in avatar tests

📊 Changes

4 files changed (+349 additions, -3 deletions)

View changed files

📝 pkg/modules/avatar/initials/initials.go (+48 -2)
➕ pkg/modules/avatar/initials/initials_test.go (+179 -0)
📝 pkg/modules/avatar/upload/upload.go (+29 -1)
➕ pkg/modules/avatar/upload/upload_test.go (+93 -0)

📄 Description

This PR fixes critical runtime panics that occur when the keyvalue cache contains corrupted or legacy data for avatar providers. The issues manifested as runtime.TypeAssertionError crashes in both upload and initials avatar providers:

runtime.TypeAssertionError: interface conversion: interface {} is string, not upload.CachedAvatar

runtime.TypeAssertionError: interface conversion: interface {} is string, not initials.CachedAvatar

runtime.TypeAssertionError: interface conversion: interface {} is string, not image.RGBA64

Problem

Multiple avatar providers were performing unsafe type assertions on cached data:

Upload Provider (pkg/modules/avatar/upload/upload.go):

Line 101: cachedAvatar := result.(CachedAvatar)

Initials Provider (pkg/modules/avatar/initials/initials.go):

Line 200: cachedAvatar := result.(CachedAvatar)
Line 158: aa := result.(image.RGBA64)

When the cache contained legacy string data or became corrupted, these would cause the application to crash instead of gracefully handling the situation.

Solution

Safe Type Assertions: Replaced all unsafe type assertions with safe ones using the comma ok idiom
Detailed Logging: Added comprehensive logging that shows the actual type and value stored in cache when type mismatches occur
Graceful Recovery: When invalid cache data is detected, the system now:
- Logs the issue with full details for debugging
- Clears the corrupted cache entry
- Recursively regenerates the avatar
Recursion Guards: Added depth limits (max 3 attempts) to prevent infinite recursion loops when cache corruption persists or regeneration fails
Enhanced Validation: Added proper input validation to prevent edge cases during regeneration
Test Improvements: Refactored tests to use t.Run subtests for better organization and maintainability

Changes

Upload Provider:

Modified GetAvatar() to use safe type assertion with proper error handling
Added recursion guard with getAvatarWithDepth() helper method to prevent infinite loops
Added input validation for AvatarFileID to prevent nil pointer dereference
Refactored tests to use t.Run subtests for better test organization

Initials Provider:

Modified GetAvatar() to use safe type assertion for CachedAvatar
Modified getAvatarForUser() to use safe type assertion for image.RGBA64
Added recursion guards with depth-tracking helper methods (getAvatarWithDepth, getAvatarForUserWithDepth)
Refactored tests to use t.Run subtests with separate test groups for better organization

Both providers now automatically detect, log, clear, and regenerate corrupted cache entries without crashing the application. The recursion guards prevent infinite loops if cache corruption persists or regeneration continuously fails.

Fixed Sentry Issues:

API-OSS-25: interface conversion: interface {} is string, not initials.CachedAvatar
API-OSS-27: interface conversion: interface {} is string, not image.RGBA64

Fixes #1378.

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/go-vikunja/vikunja/pull/1379 **Author:** [@Copilot](https://github.com/apps/copilot-swe-agent) **Created:** 9/2/2025 **Status:** ✅ Merged **Merged:** 9/2/2025 **Merged by:** [@kolaente](https://github.com/kolaente) **Base:** `main` ← **Head:** `copilot/fix-1378` --- ### 📝 Commits (6) - [`fb6f0b7`](https://github.com/go-vikunja/vikunja/commit/fb6f0b7648cbd75e8a867ab9baff5a2a3a19d330) Initial plan - [`71900a4`](https://github.com/go-vikunja/vikunja/commit/71900a4a6bb1c8f9b02ea46c738e1a481529e300) Fix type assertion error in avatar upload provider with logging and graceful recovery - [`daeacdb`](https://github.com/go-vikunja/vikunja/commit/daeacdbe4918be40e1a754c551014916c394bb43) Fix type assertion panics in initials avatar provider with safe type assertions - [`6b706b3`](https://github.com/go-vikunja/vikunja/commit/6b706b314d1f144ce881f7ca53d5b19d8ae43564) Add recursion guards and refactor tests to use t.Run subtests - [`f5392f1`](https://github.com/go-vikunja/vikunja/commit/f5392f19b8b6d21c8338c7baa59ec0b32aada4fc) fix: use require.NoError and assert.Positive in initials tests - [`4b83b6b`](https://github.com/go-vikunja/vikunja/commit/4b83b6bd19c718982113fc7c95a9824b9b224375) fix: resolve testifylint issues in avatar tests ### 📊 Changes **4 files changed** (+349 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `pkg/modules/avatar/initials/initials.go` (+48 -2) ➕ `pkg/modules/avatar/initials/initials_test.go` (+179 -0) 📝 `pkg/modules/avatar/upload/upload.go` (+29 -1) ➕ `pkg/modules/avatar/upload/upload_test.go` (+93 -0) </details> ### 📄 Description This PR fixes critical runtime panics that occur when the keyvalue cache contains corrupted or legacy data for avatar providers. The issues manifested as `runtime.TypeAssertionError` crashes in both upload and initials avatar providers: ``` runtime.TypeAssertionError: interface conversion: interface {} is string, not upload.CachedAvatar ``` ``` runtime.TypeAssertionError: interface conversion: interface {} is string, not initials.CachedAvatar ``` ``` runtime.TypeAssertionError: interface conversion: interface {} is string, not image.RGBA64 ``` ## Problem Multiple avatar providers were performing unsafe type assertions on cached data: **Upload Provider (`pkg/modules/avatar/upload/upload.go`):** - Line 101: `cachedAvatar := result.(CachedAvatar)` **Initials Provider (`pkg/modules/avatar/initials/initials.go`):** - Line 200: `cachedAvatar := result.(CachedAvatar)` - Line 158: `aa := result.(image.RGBA64)` When the cache contained legacy string data or became corrupted, these would cause the application to crash instead of gracefully handling the situation. ## Solution 1. **Safe Type Assertions**: Replaced all unsafe type assertions with safe ones using the comma ok idiom 2. **Detailed Logging**: Added comprehensive logging that shows the actual type and value stored in cache when type mismatches occur 3. **Graceful Recovery**: When invalid cache data is detected, the system now: - Logs the issue with full details for debugging - Clears the corrupted cache entry - Recursively regenerates the avatar 4. **Recursion Guards**: Added depth limits (max 3 attempts) to prevent infinite recursion loops when cache corruption persists or regeneration fails 5. **Enhanced Validation**: Added proper input validation to prevent edge cases during regeneration 6. **Test Improvements**: Refactored tests to use `t.Run` subtests for better organization and maintainability ## Changes **Upload Provider:** - Modified `GetAvatar()` to use safe type assertion with proper error handling - Added recursion guard with `getAvatarWithDepth()` helper method to prevent infinite loops - Added input validation for `AvatarFileID` to prevent nil pointer dereference - Refactored tests to use `t.Run` subtests for better test organization **Initials Provider:** - Modified `GetAvatar()` to use safe type assertion for `CachedAvatar` - Modified `getAvatarForUser()` to use safe type assertion for `image.RGBA64` - Added recursion guards with depth-tracking helper methods (`getAvatarWithDepth`, `getAvatarForUserWithDepth`) - Refactored tests to use `t.Run` subtests with separate test groups for better organization Both providers now automatically detect, log, clear, and regenerate corrupted cache entries without crashing the application. The recursion guards prevent infinite loops if cache corruption persists or regeneration continuously fails. **Fixed Sentry Issues:** - API-OSS-25: `interface conversion: interface {} is string, not initials.CachedAvatar` - API-OSS-27: `interface conversion: interface {} is string, not image.RGBA64` Fixes #1378.  --- 💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click [here](https://survey3.medallia.com/?EAHeSx-AP01bZqG0Ld9QLQ) to start the survey. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-04-20 17:44:28 -05:00

GiteaMirror closed this issue

2026-04-20 17:44:28 -05:00

Sign in to join this conversation.

Branches Tags

main

claude/analyze-beans-project-9VxoS

renovate/dev-dependencies

feat-huma-api-v2-migration

feat-v2-foundation

spike-huma-openapi3

claude/investigate-swagger3-support-nyyUa

feat-list-view-buckets

ci-mysql-8-test

codex/analyze-codebase-for-email-task-feature

feat-project-templates

csv-import-feature

claude/email-reply-comments-wpdcQ

fix-oidc-pkce-support

fix/overview-subtasks-expand

feat/bucket-select-task-detail

feat-soft-delete-projects

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-duplicate-close-button

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#7510