| linters: |
| enable: |
| - bodyclose |
| - depguard |
| - dogsled |
| - dupword # Detects duplicate words. |
| - durationcheck |
| - errchkjson |
| - exportloopref # Detects pointers to enclosing loop variables. |
| - gocritic # Metalinter; detects bugs, performance, and styling issues. |
| - gocyclo |
| - gofumpt # Detects whether code was gofumpt-ed. |
| - goimports |
| - gosec # Detects security problems. |
| - gosimple |
| - govet |
| - ineffassign |
| - lll |
| - megacheck |
| - misspell # Detects commonly misspelled English words in comments. |
| - nakedret |
| - nilerr # Detects code that returns nil even if it checks that the error is not nil. |
| - nolintlint # Detects ill-formed or insufficient nolint directives. |
| - perfsprint # Detects fmt.Sprintf uses that can be replaced with a faster alternative. |
| - prealloc # Detects slice declarations that could potentially be pre-allocated. |
| - predeclared # Detects code that shadows one of Go's predeclared identifiers |
| - reassign |
| - revive # Metalinter; drop-in replacement for golint. |
| - staticcheck |
| - stylecheck # Replacement for golint |
| - tenv # Detects using os.Setenv instead of t.Setenv. |
| - thelper # Detects test helpers without t.Helper(). |
| - tparallel # Detects inappropriate usage of t.Parallel(). |
| - typecheck |
| - unconvert # Detects unnecessary type conversions. |
| - unparam |
| - unused |
| - usestdlibvars |
| - vet |
| - wastedassign |
| |
| disable: |
| - errcheck |
| |
| run: |
| timeout: 5m |
| skip-files: |
| - cli/compose/schema/bindata.go |
| - .*generated.* |
| |
| linters-settings: |
| depguard: |
| rules: |
| main: |
| deny: |
| - pkg: io/ioutil |
| desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil |
| gocyclo: |
| min-complexity: 16 |
| govet: |
| check-shadowing: true |
| settings: |
| shadow: |
| strict: true |
| lll: |
| line-length: 200 |
| nakedret: |
| command: nakedret |
| pattern: ^(?P<path>.*?\\.go):(?P<line>\\d+)\\s*(?P<message>.*)$ |
| |
| revive: |
| rules: |
| # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#import-shadowing |
| - name: import-shadowing |
| severity: warning |
| disabled: false |
| # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-block |
| - name: empty-block |
| severity: warning |
| disabled: false |
| # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-lines |
| - name: empty-lines |
| severity: warning |
| disabled: false |
| # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#use-any |
| - name: use-any |
| severity: warning |
| disabled: false |
| |
| issues: |
| # The default exclusion rules are a bit too permissive, so copying the relevant ones below |
| exclude-use-default: false |
| |
| exclude: |
| - parameter .* always receives |
| |
| exclude-rules: |
| # We prefer to use an "exclude-list" so that new "default" exclusions are not |
| # automatically inherited. We can decide whether or not to follow upstream |
| # defaults when updating golang-ci-lint versions. |
| # Unfortunately, this means we have to copy the whole exclusion pattern, as |
| # (unlike the "include" option), the "exclude" option does not take exclusion |
| # ID's. |
| # |
| # These exclusion patterns are copied from the default excluses at: |
| # https://github.com/golangci/golangci-lint/blob/v1.44.0/pkg/config/issues.go#L10-L104 |
| |
| # EXC0001 |
| - text: "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*print(f|ln)?|os\\.(Un)?Setenv). is not checked" |
| linters: |
| - errcheck |
| # EXC0003 |
| - text: "func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this" |
| linters: |
| - revive |
| # EXC0006 |
| - text: "Use of unsafe calls should be audited" |
| linters: |
| - gosec |
| # EXC0007 |
| - text: "Subprocess launch(ed with variable|ing should be audited)" |
| linters: |
| - gosec |
| # EXC0008 |
| # TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close" (gosec) |
| - text: "G307" |
| linters: |
| - gosec |
| # EXC0009 |
| - text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)" |
| linters: |
| - gosec |
| # EXC0010 |
| - text: "Potential file inclusion via variable" |
| linters: |
| - gosec |
| |
| # G113 Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772) |
| # only affects gp < 1.16.14. and go < 1.17.7 |
| - text: "G113" |
| linters: |
| - gosec |
| # TODO: G104: Errors unhandled. (gosec) |
| - text: "G104" |
| linters: |
| - gosec |
| # Looks like the match in "EXC0007" above doesn't catch this one |
| # TODO: consider upstreaming this to golangci-lint's default exclusion rules |
| - text: "G204: Subprocess launched with a potential tainted input or cmd arguments" |
| linters: |
| - gosec |
| # Looks like the match in "EXC0009" above doesn't catch this one |
| # TODO: consider upstreaming this to golangci-lint's default exclusion rules |
| - text: "G306: Expect WriteFile permissions to be 0600 or less" |
| linters: |
| - gosec |
| |
| # TODO: make sure all packages have a description. Currently, there's 67 packages without. |
| - text: "package-comments: should have a package comment" |
| linters: |
| - revive |
| # FIXME temporarily suppress these (see https://github.com/gotestyourself/gotest.tools/issues/272) |
| - text: "SA1019: (assert|cmp|is)\\.ErrorType is deprecated" |
| linters: |
| - staticcheck |
| # Exclude some linters from running on tests files. |
| - path: _test\.go |
| linters: |
| - errcheck |
| - gosec |
| - text: "ST1000: at least one file in a package should have a package comment" |
| linters: |
| - stylecheck |
| |
| # Allow "err" and "ok" vars to shadow existing declarations, otherwise we get too many false positives. |
| - text: '^shadow: declaration of "(err|ok)" shadows declaration' |
| linters: |
| - govet |
| |
| |
| # Maximum issues count per one linter. Set to 0 to disable. Default is 50. |
| max-issues-per-linter: 0 |
| |
| # Maximum count of issues with the same text. Set to 0 to disable. Default is 3. |
| max-same-issues: 0 |