chore: update gosec rules and resolve errs (#2090)

.github/workflows/gosec.yml

@@ -28,4 +28,4 @@ jobs:
       - name: Run Gosec Security Scanner
         uses: securego/gosec@master
         with:
-          args: -exclude-dir=tests ./... -exclude-generated ./...
+          args: -exclude-dir=tests -exclude-dir=app -exclude-generated ./...

x/ccv/consumer/module.go

@@ -172,7 +172,10 @@ func (am AppModule) BeginBlock(goCtx context.Context) error {
 	am.keeper.SetHeightValsetUpdateID(ctx, blockHeight+1, vID)
 	am.keeper.Logger(ctx).Debug("block height was mapped to vscID", "height", blockHeight+1, "vscID", vID)
 
-	am.keeper.TrackHistoricalInfo(ctx)
+	err := am.keeper.TrackHistoricalInfo(ctx)
+	if err != nil {
+		am.keeper.Logger(ctx).Warn("failed to track historical info", "error", err)
+	}
 	return nil
 }
 

x/ccv/democracy/distribution/module.go

@@ -127,12 +127,12 @@ func (am AppModule) AllocateTokens(
 	representativesFraction := math.LegacyOneDec().Sub(communityTax)
 
 	// allocate tokens proportionally to representatives voting power
-	vs.IterateBondedValidatorsByPower(ctx, func(_ int64, validator stakingtypes.ValidatorI) bool {
+	_ = vs.IterateBondedValidatorsByPower(ctx, func(_ int64, validator stakingtypes.ValidatorI) bool {
 		// we get this validator's percentage of the total power by dividing their tokens by the total bonded tokens
 		powerFraction := math.LegacyNewDecFromInt(validator.GetTokens()).QuoTruncate(math.LegacyNewDecFromInt(totalBondedTokens))
 		// we truncate here again, which means that the reward will be slightly lower than it should be
 		reward := feesCollected.MulDecTruncate(representativesFraction).MulDecTruncate(powerFraction)
-		am.keeper.AllocateTokensToValidator(ctx, validator, reward)
+		_ = am.keeper.AllocateTokensToValidator(ctx, validator, reward)
 		remaining = remaining.Sub(reward)
 
 		return false

x/ccv/democracy/governance/module.go

@@ -113,14 +113,41 @@ func deleteForbiddenProposal(ctx sdk.Context, am AppModule, proposal govv1.Propo
 		return
 	}
 
+	logger := am.keeper.Logger(ctx)
+
 	// delete the votes related to the proposal calling Tally
 	// Tally's return result won't be used in decision if the tokens will be burned or refunded (they are always refunded), but
 	// this function needs to be called to delete the votes related to the given proposal, since the deleteVote function is
 	// private and cannot be called directly from the overridden app module
-	am.keeper.Tally(ctx, proposal)
+	_, _, _, err := am.keeper.Tally(ctx, proposal)
+	if err != nil {
+		logger.Warn(
+			"failed to tally disallowed proposal",
+			"proposal", proposal.Id,
+			"title", proposal.GetTitle(),
+			"total_deposit", proposal.TotalDeposit)
+		return
+	}
 
-	am.keeper.DeleteProposal(ctx, proposal.Id)
-	am.keeper.RefundAndDeleteDeposits(ctx, proposal.Id)
+	err = am.keeper.DeleteProposal(ctx, proposal.Id)
+	if err != nil {
+		logger.Warn(
+			"failed to delete disallowed proposal",
+			"proposal", proposal.Id,
+			"title", proposal.GetTitle(),
+			"total_deposit", proposal.TotalDeposit)
+		return
+	}
+
+	err = am.keeper.RefundAndDeleteDeposits(ctx, proposal.Id)
+	if err != nil {
+		logger.Warn(
+			"failed to refund deposits for disallowed proposal",
+			"proposal", proposal.Id,
+			"title", proposal.GetTitle(),
+			"total_deposit", proposal.TotalDeposit)
+		return
+	}
 
 	ctx.EventManager().EmitEvent(
 		sdk.NewEvent(
@@ -130,9 +157,8 @@ func deleteForbiddenProposal(ctx sdk.Context, am AppModule, proposal govv1.Propo
 		),
 	)
 
-	logger := am.keeper.Logger(ctx)
 	logger.Info(
-		"proposal is not whitelisted; deleted",
+		"proposal is not allowed; deleted",
 		"proposal", proposal.Id,
 		"title", proposal.GetTitle(),
 		"total_deposit", proposal.TotalDeposit)