From 6323d1d3a621df9332263b438b6cacc7c382f09f Mon Sep 17 00:00:00 2001
From: "https://github.com/alimx07"
 <149194464+alimx07@users.noreply.github.com>
Date: Mon, 20 Apr 2026 20:59:37 +0200
Subject: [PATCH 1/3] feat(Dockerfile): Make Images run with non-root user

---
 services/feed_service/Dockerfile              |  3 ++
 services/feed_service/feedService.go          |  1 +
 services/post_service/Dockerfile              |  3 ++
 .../post_service/postRepo/postgresRepo.go     | 33 ++++++++++---------
 services/post_service/postService.go          |  1 +
 5 files changed, 26 insertions(+), 15 deletions(-)

diff --git a/services/feed_service/Dockerfile b/services/feed_service/Dockerfile
index 77610f8..61f2c4d 100644
--- a/services/feed_service/Dockerfile
+++ b/services/feed_service/Dockerfile
@@ -7,9 +7,12 @@ RUN CGO_ENABLED=1 GOOS=linux go build -o app .
 
 
 FROM alpine:3.22
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
 RUN apk add --no-cache libc6-compat
 WORKDIR /root/
 COPY --from=builder /app/app .
+RUN chown -R appuser:appgroup /app                                           
+USER appuser 
 
 EXPOSE 50051
 CMD ["./app"]
diff --git a/services/feed_service/feedService.go b/services/feed_service/feedService.go
index dcb36cb..39932ae 100644
--- a/services/feed_service/feedService.go
+++ b/services/feed_service/feedService.go
@@ -102,6 +102,7 @@ func (fs *FeedService) Start() error {
 		log.Printf("Error in Starting listener for FeedService on %v\n", net.JoinHostPort(fs.config.ServerHost, fs.config.ServerPort))
 		return err
 	}
+	//nosemgrep
 	grpcServer := grpc.NewServer()
 	pb.RegisterFeedServiceServer(grpcServer, fs)
 	fs.grpcServer = grpcServer
diff --git a/services/post_service/Dockerfile b/services/post_service/Dockerfile
index d0bd482..2bbfca6 100644
--- a/services/post_service/Dockerfile
+++ b/services/post_service/Dockerfile
@@ -7,8 +7,11 @@ RUN CGO_ENABLED=0 GOOS=linux go build -o app .
 
 
 FROM alpine:3.22
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup 
 WORKDIR /root/
 COPY --from=builder /app/app .
+RUN chown -R appuser:appgroup /app                                           
+USER appuser 
 
 EXPOSE 50051
 CMD ["./app"]
diff --git a/services/post_service/postRepo/postgresRepo.go b/services/post_service/postRepo/postgresRepo.go
index f740122..6128b32 100644
--- a/services/post_service/postRepo/postgresRepo.go
+++ b/services/post_service/postRepo/postgresRepo.go
@@ -2,11 +2,9 @@ package postRepo
 
 import (
 	"context"
+	"crypto/rand"
 	"database/sql"
-	"fmt"
 	"log"
-	"math/rand"
-	"strings"
 	"time"
 
 	"github.com/alimx07/Distributed_Microservices_Backend/services/post_service/models"
@@ -28,7 +26,7 @@ func NewPostgresRepo(primaryDB, replicaDB *sql.DB) *PostgresRepo {
 
 // Write operations use primaryDB
 func (ps *PostgresRepo) CreatePost(ctx context.Context, post models.Post) (string, error) {
-	entropy := ulid.Monotonic(rand.New(rand.NewSource(time.Now().UnixNano())), 0)
+	entropy := ulid.Monotonic(rand.Reader, 0)
 	postID := ulid.MustNew(ulid.Timestamp(time.Now()), entropy).String()
 	_, err := ps.primaryDB.ExecContext(ctx,
 		`INSERT INTO posts (post_id , user_id, content) 
@@ -42,7 +40,7 @@ func (ps *PostgresRepo) CreatePost(ctx context.Context, post models.Post) (strin
 }
 
 func (ps *PostgresRepo) CreateComment(ctx context.Context, comment models.Comment) (string, error) {
-	entropy := ulid.Monotonic(rand.New(rand.NewSource(time.Now().UnixNano())), 0)
+	entropy := ulid.Monotonic(rand.Reader, 0)
 	commentID := ulid.MustNew(ulid.Timestamp(time.Now()), entropy).String()
 	_, err := ps.primaryDB.ExecContext(ctx,
 		`INSERT INTO comments (comment_id , user_id, post_id ,content) 
@@ -206,16 +204,21 @@ func (ps *PostgresRepo) GetCounters(ctx context.Context, ids []string) ([]models
 
 // Write operation - uses primaryDB
 func (ps *PostgresRepo) UpdateCounters(ctx context.Context, counters []models.CachedCounter) error {
-	values := make([]string, 0, len(counters))
-	for _, cnt := range counters {
-		values = append(values, fmt.Sprintf("(%d,%d,%d)", cnt.Id, cnt.Likes, cnt.Comments))
-	}
-	query := fmt.Sprintf(`UPDATE posts p SET 
-                        likes_count = p.likes_count + v.likes, 
-                        comments_count = p.comments_count + v.comments
-                        FROM (VALUES %s) AS v(post_id, likes, comments) 
-                        WHERE v.post_id = p.post_id`, strings.Join(values, ","))
-	_, err := ps.primaryDB.ExecContext(ctx, query)
+	ids := make([]string, len(counters))
+	likes := make([]int64, len(counters))
+	comments := make([]int64, len(counters))
+	for i, cnt := range counters {
+		ids[i] = cnt.Id
+		likes[i] = cnt.Likes
+		comments[i] = cnt.Comments
+	}
+	_, err := ps.primaryDB.ExecContext(ctx, `
+		UPDATE posts p SET
+			likes_count    = p.likes_count    + v.likes,
+			comments_count = p.comments_count + v.comments
+		FROM unnest($1::text[], $2::bigint[], $3::bigint[]) AS v(post_id, likes, comments)
+		WHERE p.post_id = v.post_id`,
+		pq.Array(ids), pq.Array(likes), pq.Array(comments))
 	if err != nil {
 		log.Printf("Error In updating Counters: %v", err.Error())
 		return err
diff --git a/services/post_service/postService.go b/services/post_service/postService.go
index 6a9f063..fda95e0 100644
--- a/services/post_service/postService.go
+++ b/services/post_service/postService.go
@@ -53,6 +53,7 @@ func (ps *postService) start() error {
 	if err != nil {
 		return err
 	}
+	//nosemgrep
 	grpcserver := grpc.NewServer()
 	ps.grpcServer = grpcserver
 	pb.RegisterPostSeriveServer(grpcserver, ps)

From 47682a4a1ac7d4da9b7e4e3b802b8f61a27aafdc Mon Sep 17 00:00:00 2001
From: "https://github.com/alimx07"
 <149194464+alimx07@users.noreply.github.com>
Date: Mon, 20 Apr 2026 21:13:38 +0200
Subject: [PATCH 2/3] update go/grpc (CVE-2026-33186)

---
 services/feed_service/go.mod | 12 +++----
 services/feed_service/go.sum | 68 ++++++++++++++++++------------------
 services/post_service/go.mod | 12 +++----
 services/post_service/go.sum | 48 ++++++++++++-------------
 4 files changed, 70 insertions(+), 70 deletions(-)

diff --git a/services/feed_service/go.mod b/services/feed_service/go.mod
index 680e8e5..237d543 100644
--- a/services/feed_service/go.mod
+++ b/services/feed_service/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/alimx07/Distributed_Microservices_Backend/services/services_bindings_go v0.0.0-20260218093155-57f1f032c67d
 	github.com/confluentinc/confluent-kafka-go/v2 v2.11.1
 	github.com/redis/go-redis/v9 v9.14.0
-	google.golang.org/grpc v1.75.0
+	google.golang.org/grpc v1.79.3
 )
 
 require (
@@ -16,10 +16,10 @@ require (
 	github.com/prometheus/client_golang v1.20.5 // indirect
 	github.com/prometheus/common v0.62.0 // indirect
 	github.com/stretchr/testify v1.10.0 // indirect
-	golang.org/x/net v0.45.0 // indirect
-	golang.org/x/sys v0.36.0 // indirect
-	golang.org/x/text v0.29.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7 // indirect
-	google.golang.org/protobuf v1.36.8 // indirect
+	golang.org/x/net v0.48.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
+	google.golang.org/protobuf v1.36.10 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )
diff --git a/services/feed_service/go.sum b/services/feed_service/go.sum
index b7b26df..09b9425 100644
--- a/services/feed_service/go.sum
+++ b/services/feed_service/go.sum
@@ -299,16 +299,16 @@ github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17
 github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
 github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw=
 github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
-go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
-go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
+go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
+go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 h1:4Pp6oUg3+e/6M4C0A/3kJ2VYa++dsWVTtGgLVj5xtHg=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0/go.mod h1:Mjt1i1INqiaoZOMGR1RIUJN+i3ChKoFRqzrRQhlkbs0=
 go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.46.1 h1:gbhw/u49SS3gkPWiYweQNJGm/uJN5GkI/FrosxSHT7A=
 go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.46.1/go.mod h1:GnOaBaFQ2we3b9AGWJpsBa7v1S5RlQzlC3O7dRMxZhM=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
-go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ=
-go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I=
+go.opentelemetry.io/otel v1.39.0 h1:8yPrr/S0ND9QEfTfdP9V+SiwT4E0G7Y5MO7p85nis48=
+go.opentelemetry.io/otel v1.39.0/go.mod h1:kLlFTywNWrFyEdH0oj2xK0bFYZtHRYUdv1NklR/tgc8=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric v0.42.0 h1:ZtfnDL+tUrs1F0Pzfwbg2d59Gru9NCH3bgSHBM6LDwU=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric v0.42.0/go.mod h1:hG4Fj/y8TR/tlEDREo8tWstl9fO9gcFkn4xrx0Io8xU=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v0.42.0 h1:NmnYCiR0qNufkldjVvyQfZTHSdzeHoZ41zggMsdMcLM=
@@ -321,48 +321,48 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.21.0 h1:tIqhe
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.21.0/go.mod h1:nUeKExfxAQVbiVFn32YXpXZZHZ61Cc3s3Rn1pDBGAb0=
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.21.0 h1:digkEZCJWobwBqMwC0cwCq8/wkkRy/OowZg5OArWZrM=
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.21.0/go.mod h1:/OpE/y70qVkndM0TrxT4KBoN3RsFZP0QaofcfYrj76I=
-go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE=
-go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E=
-go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI=
-go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg=
-go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFhbjxHHspCPc=
-go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps=
-go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
-go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
+go.opentelemetry.io/otel/metric v1.39.0 h1:d1UzonvEZriVfpNKEVmHXbdf909uGTOQjA0HF0Ls5Q0=
+go.opentelemetry.io/otel/metric v1.39.0/go.mod h1:jrZSWL33sD7bBxg1xjrqyDjnuzTUB0x1nBERXd7Ftcs=
+go.opentelemetry.io/otel/sdk v1.39.0 h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18=
+go.opentelemetry.io/otel/sdk v1.39.0/go.mod h1:vDojkC4/jsTJsE+kh+LXYQlbL8CgrEcwmt1ENZszdJE=
+go.opentelemetry.io/otel/sdk/metric v1.39.0 h1:cXMVVFVgsIf2YL6QkRF4Urbr/aMInf+2WKg+sEJTtB8=
+go.opentelemetry.io/otel/sdk/metric v1.39.0/go.mod h1:xq9HEVH7qeX69/JnwEfp6fVq5wosJsY1mt4lLfYdVew=
+go.opentelemetry.io/otel/trace v1.39.0 h1:2d2vfpEDmCJ5zVYz7ijaJdOF59xLomrvj7bjt6/qCJI=
+go.opentelemetry.io/otel/trace v1.39.0/go.mod h1:88w4/PnZSazkGzz/w84VHpQafiU4EtqqlVdxWy+rNOA=
 go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I=
 go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM=
 go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
 go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
-golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI=
-golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8=
+golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
+golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
 golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 h1:hNQpMuAJe5CtcUqCXaWga3FHu+kQvCqcsoVaQgSV60o=
 golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
-golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM=
-golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY=
-golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
-golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
-golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
-golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
-golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k=
-golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ=
-golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA=
-golang.org/x/text v0.29.0 h1:1neNs90w9YzJ9BocxfsQNHKuAT4pkghyXc4nhZ6sJvk=
-golang.org/x/text v0.29.0/go.mod h1:7MhJOA9CD2qZyOKYazxdYMF85OwPdEr9jTtBpO7ydH4=
+golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
+golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
+golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw=
+golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
+golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
 golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
 golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
 gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
 google.golang.org/genproto v0.0.0-20240325203815-454cdb8f5daa h1:ePqxpG3LVx+feAUOx8YmR5T7rc0rdzK8DyxM8cQ9zq0=
 google.golang.org/genproto v0.0.0-20240325203815-454cdb8f5daa/go.mod h1:CnZenrTdRJb7jc+jOm0Rkywq+9wh0QC4U8tyiRbEPPM=
-google.golang.org/genproto/googleapis/api v0.0.0-20250707201910-8d1bb00bc6a7 h1:FiusG7LWj+4byqhbvmB+Q93B/mOxJLN2DTozDuZm4EU=
-google.golang.org/genproto/googleapis/api v0.0.0-20250707201910-8d1bb00bc6a7/go.mod h1:kXqgZtrWaf6qS3jZOCnCH7WYfrvFjkC51bM8fz3RsCA=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7 h1:pFyd6EwwL2TqFf8emdthzeX+gZE1ElRq3iM8pui4KBY=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
-google.golang.org/grpc v1.75.0 h1:+TW+dqTd2Biwe6KKfhE5JpiYIBWq865PhKGSXiivqt4=
-google.golang.org/grpc v1.75.0/go.mod h1:JtPAzKiq4v1xcAB2hydNlWI2RnF85XXcV0mhKXr2ecQ=
-google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc=
-google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
+google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 h1:fCvbg86sFXwdrl5LgVcTEvNC+2txB5mgROGmRL5mrls=
+google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:+rXWjjaukWZun3mLfjmVnQi18E1AsFbDN9QdJ5YXLto=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 h1:gRkg/vSppuSQoDjxyiGfN4Upv/h/DQmIR10ZU8dh4Ww=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
+google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
+google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
+google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
+google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/cenkalti/backoff.v1 v1.1.0 h1:Arh75ttbsvlpVA7WtVpH4u9h6Zl46xuptxqLxPiSo4Y=
 gopkg.in/cenkalti/backoff.v1 v1.1.0/go.mod h1:J6Vskwqd+OMVJl8C33mmtxTBs2gyzfv7UDAkHu8BrjI=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/services/post_service/go.mod b/services/post_service/go.mod
index 8762975..cd4e4fb 100644
--- a/services/post_service/go.mod
+++ b/services/post_service/go.mod
@@ -7,15 +7,15 @@ require (
 	github.com/lib/pq v1.10.9
 	github.com/oklog/ulid/v2 v2.1.1
 	github.com/redis/go-redis/v9 v9.13.0
-	google.golang.org/grpc v1.75.0
+	google.golang.org/grpc v1.79.3
 )
 
 require (
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
-	golang.org/x/net v0.45.0 // indirect
-	golang.org/x/sys v0.36.0 // indirect
-	golang.org/x/text v0.29.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7 // indirect
-	google.golang.org/protobuf v1.36.8 // indirect
+	golang.org/x/net v0.48.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
+	google.golang.org/protobuf v1.36.10 // indirect
 )
diff --git a/services/post_service/go.sum b/services/post_service/go.sum
index 12215db..f169476 100644
--- a/services/post_service/go.sum
+++ b/services/post_service/go.sum
@@ -25,29 +25,29 @@ github.com/oklog/ulid/v2 v2.1.1/go.mod h1:rcEKHmBBKfef9DhnvX7y1HZBYxjXb0cP5ExxNs
 github.com/pborman/getopt v0.0.0-20170112200414-7148bc3a4c30/go.mod h1:85jBQOZwpVEaDAr341tbn15RS4fCAsIst0qp7i8ex1o=
 github.com/redis/go-redis/v9 v9.13.0 h1:PpmlVykE0ODh8P43U0HqC+2NXHXwG+GUtQyz+MPKGRg=
 github.com/redis/go-redis/v9 v9.13.0/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
-go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
-go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
-go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ=
-go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I=
-go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE=
-go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E=
-go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI=
-go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg=
-go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFhbjxHHspCPc=
-go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps=
-go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
-go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
-golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM=
-golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY=
-golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k=
-golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/text v0.29.0 h1:1neNs90w9YzJ9BocxfsQNHKuAT4pkghyXc4nhZ6sJvk=
-golang.org/x/text v0.29.0/go.mod h1:7MhJOA9CD2qZyOKYazxdYMF85OwPdEr9jTtBpO7ydH4=
+go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
+go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
+go.opentelemetry.io/otel v1.39.0 h1:8yPrr/S0ND9QEfTfdP9V+SiwT4E0G7Y5MO7p85nis48=
+go.opentelemetry.io/otel v1.39.0/go.mod h1:kLlFTywNWrFyEdH0oj2xK0bFYZtHRYUdv1NklR/tgc8=
+go.opentelemetry.io/otel/metric v1.39.0 h1:d1UzonvEZriVfpNKEVmHXbdf909uGTOQjA0HF0Ls5Q0=
+go.opentelemetry.io/otel/metric v1.39.0/go.mod h1:jrZSWL33sD7bBxg1xjrqyDjnuzTUB0x1nBERXd7Ftcs=
+go.opentelemetry.io/otel/sdk v1.39.0 h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18=
+go.opentelemetry.io/otel/sdk v1.39.0/go.mod h1:vDojkC4/jsTJsE+kh+LXYQlbL8CgrEcwmt1ENZszdJE=
+go.opentelemetry.io/otel/sdk/metric v1.39.0 h1:cXMVVFVgsIf2YL6QkRF4Urbr/aMInf+2WKg+sEJTtB8=
+go.opentelemetry.io/otel/sdk/metric v1.39.0/go.mod h1:xq9HEVH7qeX69/JnwEfp6fVq5wosJsY1mt4lLfYdVew=
+go.opentelemetry.io/otel/trace v1.39.0 h1:2d2vfpEDmCJ5zVYz7ijaJdOF59xLomrvj7bjt6/qCJI=
+go.opentelemetry.io/otel/trace v1.39.0/go.mod h1:88w4/PnZSazkGzz/w84VHpQafiU4EtqqlVdxWy+rNOA=
+golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
+golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
 gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
 gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7 h1:pFyd6EwwL2TqFf8emdthzeX+gZE1ElRq3iM8pui4KBY=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
-google.golang.org/grpc v1.75.0 h1:+TW+dqTd2Biwe6KKfhE5JpiYIBWq865PhKGSXiivqt4=
-google.golang.org/grpc v1.75.0/go.mod h1:JtPAzKiq4v1xcAB2hydNlWI2RnF85XXcV0mhKXr2ecQ=
-google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc=
-google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 h1:gRkg/vSppuSQoDjxyiGfN4Upv/h/DQmIR10ZU8dh4Ww=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
+google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
+google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
+google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
+google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=

From c32d0f42f9a5ff5c376d58dcf31327211735d175 Mon Sep 17 00:00:00 2001
From: "https://github.com/alimx07"
 <149194464+alimx07@users.noreply.github.com>
Date: Mon, 20 Apr 2026 21:26:18 +0200
Subject: [PATCH 3/3] feat: Hanlde unchecked err statments

---
 services/feed_service/Dockerfile              |  2 +-
 services/feed_service/feedService.go          |  8 +++++--
 services/feed_service/feedUserClient.go       |  2 +-
 services/feed_service/write_fanout.go         | 14 +++++++----
 services/post_service/Dockerfile              |  2 +-
 services/post_service/cachedRepo/redisRepo.go | 12 +++++++---
 .../post_service/postRepo/postgresRepo.go     | 24 +++++++++++++++----
 services/post_service/postService.go          |  8 +++++--
 8 files changed, 54 insertions(+), 18 deletions(-)

diff --git a/services/feed_service/Dockerfile b/services/feed_service/Dockerfile
index 61f2c4d..341e27d 100644
--- a/services/feed_service/Dockerfile
+++ b/services/feed_service/Dockerfile
@@ -9,7 +9,7 @@ RUN CGO_ENABLED=1 GOOS=linux go build -o app .
 FROM alpine:3.22
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup
 RUN apk add --no-cache libc6-compat
-WORKDIR /root/
+WORKDIR /app
 COPY --from=builder /app/app .
 RUN chown -R appuser:appgroup /app                                           
 USER appuser 
diff --git a/services/feed_service/feedService.go b/services/feed_service/feedService.go
index 39932ae..6fc7969 100644
--- a/services/feed_service/feedService.go
+++ b/services/feed_service/feedService.go
@@ -226,10 +226,14 @@ func (fs *FeedService) StartHealthServer() error {
 	router.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
 		if fs.serviceOFF.Load() {
 			w.WriteHeader(http.StatusServiceUnavailable)
-			w.Write([]byte(`{"status": "Down" , "service": "feed_service"}`))
+			if _, err := w.Write([]byte(`{"status": "Down" , "service": "feed_service"}`)); err != nil {
+				log.Println("health write error:", err)
+			}
 		} else {
 			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`{"status": "ok" , "service": "feed_service"}`))
+			if _, err := w.Write([]byte(`{"status": "ok" , "service": "feed_service"}`)); err != nil {
+				log.Println("health write error:", err)
+			}
 		}
 	})
 
diff --git a/services/feed_service/feedUserClient.go b/services/feed_service/feedUserClient.go
index 9c7cf7f..2086db2 100644
--- a/services/feed_service/feedUserClient.go
+++ b/services/feed_service/feedUserClient.go
@@ -43,7 +43,7 @@ func (uc *UserClient) GetUsersData(ctx context.Context, ids []string) (map[strin
 
 func (uc *UserClient) Close() error {
 	if uc.conn != nil {
-		uc.conn.Close()
+		return uc.conn.Close()
 	}
 	return nil
 }
diff --git a/services/feed_service/write_fanout.go b/services/feed_service/write_fanout.go
index eb4ed54..03ddb83 100644
--- a/services/feed_service/write_fanout.go
+++ b/services/feed_service/write_fanout.go
@@ -84,7 +84,9 @@ func (fw *FanoutWriter) WriteFanout() {
 					if err != nil {
 						log.Println("Error Processing Message", err.Error())
 					} else {
-						fw.c.Commit()
+						if _, err := fw.c.Commit(); err != nil {
+							log.Println("Error committing kafka offset:", err)
+						}
 					}
 				}()
 			case kafka.Error:
@@ -107,7 +109,9 @@ func (fw *FanoutWriter) ProcessMessage(msg *kafka.Message) error {
 	defer c1()
 	celeb, _ := fw.followClient.IsCeleb(ctx, item.UserId)
 	if celeb {
-		fw.cache.Set(item)
+		if err := fw.cache.Set(item); err != nil {
+			log.Println("Error setting cache item:", err)
+		}
 		return nil
 	}
 	ctx2, c2 := context.WithTimeout(fw.ctx, 5*time.Second)
@@ -124,11 +128,13 @@ func (fw *FanoutWriter) ProcessMessage(msg *kafka.Message) error {
 		go func(ids []string) {
 			defer wg.Done()
 			for _, id := range ids {
-				fw.cache.Set(models.FeedItem{
+				if err := fw.cache.Set(models.FeedItem{
 					UserId:     id,
 					PostId:     item.PostId,
 					Created_at: item.Created_at,
-				})
+				}); err != nil {
+					log.Println("Error setting cache item:", err)
+				}
 			}
 		}(followers[i:endIdx])
 		atomic.AddInt32(&i, int32(fw.workerThreshold))
diff --git a/services/post_service/Dockerfile b/services/post_service/Dockerfile
index 2bbfca6..93f7a4a 100644
--- a/services/post_service/Dockerfile
+++ b/services/post_service/Dockerfile
@@ -8,7 +8,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -o app .
 
 FROM alpine:3.22
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup 
-WORKDIR /root/
+WORKDIR /app
 COPY --from=builder /app/app .
 RUN chown -R appuser:appgroup /app                                           
 USER appuser 
diff --git a/services/post_service/cachedRepo/redisRepo.go b/services/post_service/cachedRepo/redisRepo.go
index 6fccc40..3c65d65 100644
--- a/services/post_service/cachedRepo/redisRepo.go
+++ b/services/post_service/cachedRepo/redisRepo.go
@@ -58,14 +58,18 @@ func (rs *redisRepo) UpdateLikesCounter(ctx context.Context, id string, delta in
 	pipe := rs.redisClient.Pipeline()
 	pipe.HIncrBy(ctx, counterKey(id), "likes", delta)
 	pipe.SAdd(ctx, "counters:set", counterKey(id))
-	pipe.Exec(ctx)
+	if _, err := pipe.Exec(ctx); err != nil {
+		log.Println("Error executing likes counter pipeline:", err)
+	}
 }
 
 func (rs *redisRepo) UpdateCommentsCounter(ctx context.Context, id string, delta int64) {
 	pipe := rs.redisClient.Pipeline()
 	pipe.HIncrBy(ctx, counterKey(id), "comments", delta)
 	pipe.SAdd(ctx, "counters:set", counterKey(id))
-	pipe.Exec(ctx)
+	if _, err := pipe.Exec(ctx); err != nil {
+		log.Println("Error executing comments counter pipeline:", err)
+	}
 }
 
 func (rs *redisRepo) GetPosts(ctx context.Context, ids []string) ([]models.Post, error) {
@@ -238,7 +242,9 @@ func (rs *redisRepo) SyncCounters() {
 					}
 					cnts = append(cnts, cachedcounter)
 				}
-				rs.presistanceDB.UpdateCounters(rs.ctx, cnts)
+				if err := rs.presistanceDB.UpdateCounters(rs.ctx, cnts); err != nil {
+					log.Println("Error flushing counters to DB:", err)
+				}
 			}
 		}
 	}
diff --git a/services/post_service/postRepo/postgresRepo.go b/services/post_service/postRepo/postgresRepo.go
index 6128b32..6e26160 100644
--- a/services/post_service/postRepo/postgresRepo.go
+++ b/services/post_service/postRepo/postgresRepo.go
@@ -108,7 +108,11 @@ func (ps *PostgresRepo) GetPosts(ctx context.Context, ids []string) ([]models.Po
 		log.Println("Error querying posts: ", err.Error())
 		return nil, err
 	}
-	defer rows.Close()
+	defer func() {
+		if err := rows.Close(); err != nil {
+			log.Println("Error closing posts rows:", err)
+		}
+	}()
 
 	posts := make([]models.Post, 0, len(ids))
 	for rows.Next() {
@@ -135,7 +139,11 @@ func (ps *PostgresRepo) GetComments(ctx context.Context, id string) ([]models.Co
 		log.Println("Error querying comments: ", err.Error())
 		return nil, err
 	}
-	defer rows.Close()
+	defer func() {
+		if err := rows.Close(); err != nil {
+			log.Println("Error closing comments rows:", err)
+		}
+	}()
 
 	var comments []models.Comment
 	for rows.Next() {
@@ -156,7 +164,11 @@ func (ps *PostgresRepo) GetLikes(ctx context.Context, id string) ([]models.Like,
 		log.Println("Error querying likes: ", err.Error())
 		return nil, err
 	}
-	defer rows.Close()
+	defer func() {
+		if err := rows.Close(); err != nil {
+			log.Println("Error closing likes rows:", err)
+		}
+	}()
 
 	var likes []models.Like
 	for rows.Next() {
@@ -182,7 +194,11 @@ func (ps *PostgresRepo) GetCounters(ctx context.Context, ids []string) ([]models
 		log.Println("Error querying posts: ", err.Error())
 		return nil, err
 	}
-	defer rows.Close()
+	defer func() {
+		if err := rows.Close(); err != nil {
+			log.Println("Error closing counters rows:", err)
+		}
+	}()
 
 	cnts := make([]models.CachedCounter, 0, len(ids))
 	for rows.Next() {
diff --git a/services/post_service/postService.go b/services/post_service/postService.go
index fda95e0..6cdca1c 100644
--- a/services/post_service/postService.go
+++ b/services/post_service/postService.go
@@ -214,10 +214,14 @@ func (ps *postService) StartHealthServer() error {
 
 		if ps.serviceOFF.Load() {
 			w.WriteHeader(http.StatusServiceUnavailable)
-			w.Write([]byte(`{"status": "down" , service": "post_service"}`))
+			if _, err := w.Write([]byte(`{"status": "down" , service": "post_service"}`)); err != nil {
+				log.Println("health write error:", err)
+			}
 		} else {
 			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`{"status": "ok" , service": "post_service"}`))
+			if _, err := w.Write([]byte(`{"status": "ok" , service": "post_service"}`)); err != nil {
+				log.Println("health write error:", err)
+			}
 		}
 
 	})