From dee2525d5f6c3e717ecfc41855a91eb0dcd3d80b Mon Sep 17 00:00:00 2001
From: Qiaochu Hu <110hqc@gmail.com>
Date: Sun, 10 May 2026 20:46:42 +0800
Subject: [PATCH] Fix silently ignored errors in password migration seeder (#4206)
The runSeeders function in database/db.go had three database operations whose errors were silently ignored:
1. Pluck("seeder_name", &seedersHistory) - if this fails, the seeder might re-run and double-hash already bcrypt'd passwords, corrupting them
2. Find(&users) - if this fails, no users get migrated but the seeder still marks itself as complete
3. Update("password", hashedPassword) - if this fails for a user, their password silently remains in the old format
All three now properly check and return errors with descriptive messages.
---
 database/db.go | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/database/db.go b/database/db.go
index 9b3dd133..45197f7f 100644
--- a/database/db.go
+++ b/database/db.go
@@ -89,11 +89,17 @@ func runSeeders(isUsersEmpty bool) error {
 return db.Create(hashSeeder).Error
 } else {
 var seedersHistory []string
- db.Model(&model.HistoryOfSeeders{}).Pluck("seeder_name", &seedersHistory)
+ if err := db.Model(&model.HistoryOfSeeders{}).Pluck("seeder_name", &seedersHistory).Error; err != nil {
+ log.Printf("Error fetching seeder history: %v", err)
+ return err
+ }
 if !slices.Contains(seedersHistory, "UserPasswordHash") && !isUsersEmpty {
 var users []model.User
- db.Find(&users)
+ if err := db.Find(&users).Error; err != nil {
+ log.Printf("Error fetching users for password migration: %v", err)
+ return err
+ }
 for _, user := range users {
 hashedPassword, err := crypto.HashPasswordAsBcrypt(user.Password)
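Review bot: The new Pluck and Find checks return the bare `err`, so the descriptive text exists only in the `log.Printf` line and the caller receives an unannotated database error that it will most likely log a second time. Wrapping instead, e.g. `return fmt.Errorf("fetching seeder history: %w", err)` and `return fmt.Errorf("fetching users for password migration: %w", err)`, keeps the context attached to the error and lets a single layer do the logging. The Update check in the second hunk has the same shape. This needs `fmt` in the file's imports, which are not visible here, and runSeeders starts and ends outside the hunk.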
@@ -101,7 +107,10 @@ func runSeeders(isUsersEmpty bool) error {
 log.Printf("Error hashing password for user '%s': %v", user.Username, err)
 return err
 }
- db.Model(&user).Update("password", hashedPassword)
+ if err := db.Model(&user).Update("password", hashedPassword).Error; err != nil {
+ log.Printf("Error updating password for user '%s': %v", user.Username, err)
+ return err
+ }
 }
 hashSeeder := &model.HistoryOfSeeders{
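Review bot: Returning on the first failed `Update` leaves the users already processed in this run with bcrypt hashes committed while no `UserPasswordHash` history row is written, so the next start re-enters the loop and hashes those hashes again, which is the corruption the commit message describes for a failed Pluck. The per-user updates and the history insert need to commit or roll back together; assuming `db` is a `*gorm.DB`, running the loop and the insert inside `db.Transaction` achieves that. The loop header is in the previous hunk and the `hashSeeder` literal continues past this one, so the insert call in the sketch below is inferred from the `db.Create(hashSeeder)` visible in the other branch.

```go
// … unchanged: seeder-history check and user fetch …
err := db.Transaction(func(tx *gorm.DB) error {
	for _, user := range users {
		// … unchanged: crypto.HashPasswordAsBcrypt call and its error check …
		if err := tx.Model(&user).Update("password", hashedPassword).Error; err != nil {
			log.Printf("Error updating password for user '%s': %v", user.Username, err)
			return err // rolls back every update made earlier in this run
		}
	}
	// … unchanged: hashSeeder construction …
	return tx.Create(hashSeeder).Error // history row commits together with the updates
})
if err != nil {
	return err
}
```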