extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2024-11-07 16:54:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
1a15b0f900
netbird/.golangci.yaml

140 lines
5.8 KiB
YAML
Raw Normal View History

Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
run:
# Timeout for analysis, e.g. 30s, 5m.
# Default: 1m
timeout: 6m
# This file contains only configs which differ from defaults.
# All possible options can be found here https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml
linters-settings:
errcheck:
# Report about not checking of errors in type assertions: `a := b.(MyStruct)`.
# Such cases aren't reported by default.
# Default: false
check-type-assertions: false
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
gosec:
includes:
- G101 # Look for hard coded credentials
#- G102 # Bind to all interfaces
- G103 # Audit the use of unsafe block
- G104 # Audit errors not checked
- G106 # Audit the use of ssh.InsecureIgnoreHostKey
#- G107 # Url provided to HTTP request as taint input
- G108 # Profiling endpoint automatically exposed on /debug/pprof
- G109 # Potential Integer overflow made by strconv.Atoi result conversion to int16/32
- G110 # Potential DoS vulnerability via decompression bomb
- G111 # Potential directory traversal
#- G112 # Potential slowloris attack
- G113 # Usage of Rat.SetString in math/big with an overflow (CVE-2022-23772)
#- G114 # Use of net/http serve function that has no support for setting timeouts
- G201 # SQL query construction using format string
- G202 # SQL query construction using string concatenation
- G203 # Use of unescaped data in HTML templates
#- G204 # Audit use of command execution
- G301 # Poor file permissions used when creating a directory
- G302 # Poor file permissions used with chmod
- G303 # Creating tempfile using a predictable path
- G304 # File path provided as taint input
- G305 # File traversal when extracting zip/tar archive
- G306 # Poor file permissions used when writing to a new file
- G307 # Poor file permissions used when creating a file with os.Create
#- G401 # Detect the usage of DES, RC4, MD5 or SHA1
#- G402 # Look for bad TLS connection settings
- G403 # Ensure minimum RSA key length of 2048 bits
#- G404 # Insecure random number source (rand)
#- G501 # Import blocklist: crypto/md5
- G502 # Import blocklist: crypto/des
- G503 # Import blocklist: crypto/rc4
- G504 # Import blocklist: net/http/cgi
#- G505 # Import blocklist: crypto/sha1
- G601 # Implicit memory aliasing of items from a range statement
- G602 # Slice access out of bounds
Add gocritic linter (#1324) * Add gocritic linter `gocritic` provides diagnostics that check for bugs, performance, and style issues We disable the following checks: - commentFormatting - captLocal - deprecatedComment This PR contains many `//nolint:gocritic` to disable `appendAssign`.
2023-11-27 16:40:02 +01:00
gocritic:
disabled-checks:
- commentFormatting
- captLocal
- deprecatedComment
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
govet:
# Enable all analyzers.
# Default: false
enable-all: false
enable:
- nilness
Enable review linter with exported docs check (#1647) Exported function and methods should have comments. This warns on undocumented exported functions and methods.
2024-02-29 16:05:31 +01:00
revive:
rules:
- name: exported
severity: warning
disabled: false
arguments:
- "checkPrivateReceivers"
- "sayRepetitiveInsteadOfStutters"
Add tenv linter (#1322) Tenv is analyzer that detects using `os.Setenv` instead of `t.Setenv` since Go 1.17.
2023-11-21 17:38:33 +01:00
tenv:
# The option `all` will run against whole test files (`_test.go`) regardless of method/function signatures.
# Otherwise, only methods that take `*testing.T`, `*testing.B`, and `testing.TB` as arguments are checked.
# Default: false
all: true
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
linters:
disable-all: true
enable:
## enabled by default
- errcheck # checking for unchecked errors, these unchecked errors can be critical bugs in some cases
- gosimple # specializes in simplifying a code
- govet # reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
- ineffassign # detects when assignments to existing variables are not used
- staticcheck # is a go vet on steroids, applying a ton of static analysis checks
Add tenv linter (#1322) Tenv is analyzer that detects using `os.Setenv` instead of `t.Setenv` since Go 1.17.
2023-11-21 17:38:33 +01:00
- tenv # Tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17.
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
- typecheck # like the front-end of a Go compiler, parses and type-checks Go code
- unused # checks for unused constants, variables, functions and types
## disable by default but the have interesting results so lets add them
- bodyclose # checks whether HTTP response body is closed successfully
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
- dupword # dupword checks for duplicate words in the source code
- durationcheck # durationcheck checks for two durations multiplied together
- forbidigo # forbidigo forbids identifiers
Add gocritic linter (#1324) * Add gocritic linter `gocritic` provides diagnostics that check for bugs, performance, and style issues We disable the following checks: - commentFormatting - captLocal - deprecatedComment This PR contains many `//nolint:gocritic` to disable `appendAssign`.
2023-11-27 16:40:02 +01:00
- gocritic # provides diagnostics that check for bugs, performance and style issues
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- gosec # inspects source code for security problems
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
- mirror # mirror reports wrong mirror patterns of bytes/strings usage
- misspell # misspess finds commonly misspelled English words in comments
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
- nilerr # finds the code that returns nil even if it checks that the error is not nil
- nilnil # checks that there is no simultaneous return of nil error and an invalid value
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
- predeclared # predeclared finds code that shadows one of Go's predeclared identifiers
Enable review linter with exported docs check (#1647) Exported function and methods should have comments. This warns on undocumented exported functions and methods.
2024-02-29 16:05:31 +01:00
- revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint.
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
- sqlclosecheck # checks that sql.Rows and sql.Stmt are closed
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
- thelper # thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers.
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
- wastedassign # wastedassign finds wasted assignment statements
issues:
# Maximum count of issues with the same text.
# Set to 0 to disable.
# Default: 3
max-same-issues: 5
exclude-rules:
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
# allow fmt
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- path: management/cmd/root\.go
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
linters: forbidigo
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- path: signal/cmd/root\.go
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
linters: forbidigo
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- path: sharedsock/filter\.go
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
linters:
- unused
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- path: client/firewall/iptables/rule\.go
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
linters:
- unused
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- path: test\.go
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
linters:
- mirror
Add gosec linter (#1342) This PR adds `gosec` linter with the following checks disabled: - G102: Bind to all interfaces - G107: Url provided to HTTP request as taint input - G112: Potential slowloris attack - G114: Use of net/http serve function that has no support for setting timeouts - G204: Audit use of command execution - G401: Detect the usage of DES, RC4, MD5 or SHA1 - G402: Look for bad TLS connection settings - G404: Insecure random number source (rand) - G501: Import blocklist: crypto/md5 - G505: Import blocklist: crypto/sha1 We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
- gosec
- path: mock\.go
Update GitHub Actions and Enhance golangci-lint (#1075) This PR showcases the implementation of additional linter rules. I've updated the golangci-lint GitHub Actions to the latest available version. This update makes sure that the tool works the same way locally - assuming being updated regularly - and with the GitHub Actions. I've also taken care of keeping all the GitHub Actions up to date, which helps our code stay current. But there's one part, goreleaser that's a bit tricky to test on our computers. So, it's important to take a close look at that. To make it easier to understand what I've done, I've made separate changes for each thing that the new linters found. This should help the people reviewing the changes see what's going on more clearly. Some of the changes might not be obvious at first glance. Things to consider for the future CI runs on Ubuntu so the static analysis only happens for Linux. Consider running it for the rest: Darwin, Windows
2023-09-04 17:03:44 +02:00
linters:
Extend linter rules (#1300) - dupword checks for duplicate words in the source code - durationcheck checks for two durations multiplied together - forbidigo forbids identifiers - mirror reports wrong mirror patterns of bytes/strings usage - misspell finds commonly misspelled English words in comments - predeclared finds code that shadows one of Go's predeclared identifiers - thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
- nilnil
Upgrade gRPC and OpenTelemetry packages for compatibility (#2003) Upgrades `go.opentelemetry.io/otel` from version` v1.11.1` to `v1.26.0`. The upgrade addresses compatibility issues caused by the removal of several sub-packages in the latest OpenTelemetry release, which were causing broken dependencies. **Key Changes:** - Upgraded `go.opentelemetry.io/otel` from `v1.11.1` to `v1.26.0`. - Fixed broken dependencies by replacing the deprecated sub-packages: - `go.opentelemetry.io/otel/metric/instrument` - `go.opentelemetry.io/otel/metric/instrument/asyncint64` - `go.opentelemetry.io/otel/metric/instrument/syncint64` - Upgraded `google.golang.org/grpc` from `v1.56.3` to `v1.64.0` which deprecate `Dial` and `DialContext` to `NewClient`.
2024-05-27 08:39:18 +02:00
# Exclude specific deprecation warnings for grpc methods
- linters:
- staticcheck
text: "grpc.DialContext is deprecated"
- linters:
- staticcheck
text: "grpc.WithBlock is deprecated"
Reference in New Issue Copy Permalink