fix all linter errors

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
Matthias Bertschy
2026-02-02 11:00:15 +01:00
parent 8f009d4698
commit 57addd493f
54 changed files with 140 additions and 282 deletions


@@ -233,9 +233,10 @@ func (ksServer *KubescapeMcpserver) CallTool(name string, arguments map[string]i
// Get workload-level manifests
labelSelector := ""
if level == "workload" {
switch level {
case "workload":
labelSelector = "kubescape.io/context=filtered"
} else if level == "image" {
case "image":
labelSelector = "kubescape.io/context=non-filtered"
}
@@ -480,7 +481,7 @@ func mcpServerEntrypoint() error {
// Start the server
if err := server.ServeStdio(s); err != nil {
return fmt.Errorf("Server error: %v\n", err)
return fmt.Errorf("server error: %v", err)
}
return nil
}
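Review bot: The new `switch level` in CallTool has no `default` case, so any value other than "workload" or "image" leaves `labelSelector` empty. Since `arguments` is supplied by the tool caller, an unrecognised level should be rejected rather than falling through to what is presumably an unfiltered listing. Adding a `default:` branch that returns an error built with `fmt.Errorf("unsupported level %q", level)` makes the accepted set explicit. CallTool starts and ends outside this hunk, so how `labelSelector` is consumed, and whether `level` is validated earlier, cannot be confirmed from here.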


@@ -14,7 +14,7 @@ const (
)
var operatorExamples = fmt.Sprintf(`
# Trigger a configuration scan
%[1]s operator scan configurations
@@ -34,16 +34,16 @@ func GetOperatorCmd(ks meta.IKubescape) *cobra.Command {
Args: func(cmd *cobra.Command, args []string) error {
operatorInfo.Subcommands = append(operatorInfo.Subcommands, "operator")
if len(args) < 2 {
return errors.New("For the operator sub-command, you need to provide at least one additional sub-command. Refer to the examples above.")
return errors.New("for the operator sub-command, you need to provide at least one additional sub-command. Refer to the examples above")
}
return nil
},
RunE: func(cmd *cobra.Command, args []string) error {
if len(args) < 2 {
return errors.New("For the operator sub-command, you need to provide at least one additional sub-command. Refer to the examples above.")
return errors.New("for the operator sub-command, you need to provide at least one additional sub-command. Refer to the examples above")
}
if args[0] != scanSubCommand {
return errors.New(fmt.Sprintf("For the operator sub-command, only %s is supported. Refer to the examples above.", scanSubCommand))
return fmt.Errorf("for the operator sub-command, only %s is supported. Refer to the examples above", scanSubCommand)
}
return nil
},


@@ -21,7 +21,7 @@ func TestGetOperatorCmd(t *testing.T) {
assert.Equal(t, operatorExamples, cmd.Example)
err := cmd.Args(&cobra.Command{}, []string{})
expectedErrorMessage := "For the operator sub-command, you need to provide at least one additional sub-command. Refer to the examples above."
expectedErrorMessage := "for the operator sub-command, you need to provide at least one additional sub-command. Refer to the examples above"
assert.Equal(t, expectedErrorMessage, err.Error())
err = cmd.Args(&cobra.Command{}, []string{"scan", "configurations"})
@@ -37,6 +37,6 @@ func TestGetOperatorCmd(t *testing.T) {
assert.Equal(t, expectedErrorMessage, err.Error())
err = cmd.RunE(&cobra.Command{}, []string{"random-subcommand", "random-config"})
expectedErrorMessage = "For the operator sub-command, only " + scanSubCommand + " is supported. Refer to the examples above."
expectedErrorMessage = "for the operator sub-command, only " + scanSubCommand + " is supported. Refer to the examples above"
assert.Equal(t, expectedErrorMessage, err.Error())
}


@@ -32,7 +32,7 @@ func getOperatorScanCmd(ks meta.IKubescape, operatorInfo cautils.OperatorInfo) *
return errors.New("for operator scan sub command, you must pass at least 1 more sub commands, see above examples")
}
if (args[0] != vulnerabilitiesSubCommand) && (args[0] != configurationsSubCommand) {
return errors.New(fmt.Sprintf("For the operator sub-command, only %s and %s are supported. Refer to the examples above.", vulnerabilitiesSubCommand, configurationsSubCommand))
return fmt.Errorf("for the operator sub-command, only %s and %s are supported. Refer to the examples above", vulnerabilitiesSubCommand, configurationsSubCommand)
}
return nil
},


@@ -41,6 +41,6 @@ func TestGetOperatorScanCmd(t *testing.T) {
assert.Nil(t, err)
err = cmd.RunE(&cobra.Command{}, []string{"random"})
expectedErrorMessage = "For the operator sub-command, only " + vulnerabilitiesSubCommand + " and " + configurationsSubCommand + " are supported. Refer to the examples above."
expectedErrorMessage = "for the operator sub-command, only " + vulnerabilitiesSubCommand + " and " + configurationsSubCommand + " are supported. Refer to the examples above"
assert.Equal(t, expectedErrorMessage, err.Error())
}


@@ -35,7 +35,7 @@ func Test_validateControlScanInfo(t *testing.T) {
t.Run(
tc.Description,
func(t *testing.T) {
var want error = tc.Want
var want = tc.Want
got := validateControlScanInfo(tc.ScanInfo)
@@ -85,7 +85,7 @@ func Test_validateFrameworkScanInfo(t *testing.T) {
t.Run(
tc.Description,
func(t *testing.T) {
var want error = tc.Want
var want = tc.Want
got := validateFrameworkScanInfo(tc.ScanInfo)


@@ -50,7 +50,7 @@ func TestValidateImageScanInfo(t *testing.T) {
t.Run(
tc.Description,
func(t *testing.T) {
var want error = tc.Want
var want = tc.Want
got := ValidateImageScanInfo(tc.ScanInfo)


@@ -521,9 +521,3 @@ func GetTenantConfig(accountID, accessKey, clusterName, customClusterName string
}
// firstNonEmpty returns the first non-empty string
func firstNonEmpty(s1, s2 string) string {
if s1 != "" {
return s1
}
return s2
}


@@ -322,7 +322,7 @@ func glob(root, pattern string, onlyDirectories bool) ([]string, error) {
return nil
}
fileFormat := getFileFormat(path)
if !(fileFormat == JSON_FILE_FORMAT || fileFormat == YAML_FILE_FORMAT) {
if fileFormat != JSON_FILE_FORMAT && fileFormat != YAML_FILE_FORMAT {
return nil
}
if matched, err := filepath.Match(pattern, filepath.Base(path)); err != nil {


@@ -1,7 +1,7 @@
package getter
import (
"io/ioutil"
"io"
"net/http"
"os"
"path/filepath"
@@ -102,7 +102,7 @@ func TestHttpRespToString_NilResponse(t *testing.T) {
func TestHttpRespToString_ValidResponse(t *testing.T) {
resp := &http.Response{
Body: ioutil.NopCloser(strings.NewReader("test response")),
Body: io.NopCloser(strings.NewReader("test response")),
Status: "200 OK",
StatusCode: 200,
}
@@ -114,7 +114,7 @@ func TestHttpRespToString_ValidResponse(t *testing.T) {
// Returns an error with status and reason when unable to read response body.
func TestHttpRespToString_ReadError(t *testing.T) {
resp := &http.Response{
Body: ioutil.NopCloser(strings.NewReader("test response")),
Body: io.NopCloser(strings.NewReader("test response")),
}
resp.Body.Close()
result, err := httpRespToString(resp)
@@ -125,7 +125,7 @@ func TestHttpRespToString_ReadError(t *testing.T) {
// Returns an error with status and reason when unable to read response body.
func TestHttpRespToString_ErrorCodeLessThan200(t *testing.T) {
resp := &http.Response{
Body: ioutil.NopCloser(strings.NewReader("test response")),
Body: io.NopCloser(strings.NewReader("test response")),
StatusCode: 100,
}
resp.Body.Close()
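Review bot: In TestHttpRespToString_ReadError and TestHttpRespToString_ErrorCodeLessThan200, `resp.Body.Close()` on an `io.NopCloser` is a no-op, so the body stays readable and the "unable to read response body" path named in the comments is probably not what these tests exercise. A body whose Read fails, for example `Body: io.NopCloser(iotest.ErrReader(errors.New("read failed")))` using `testing/iotest`, would cover the read-error branch. The rest of both tests is outside the hunks, so the assertions may currently pass for another reason, such as the status code.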


@@ -5,7 +5,6 @@ import (
"io"
"net/http"
"net/http/httptest"
"os"
"strings"
"sync"
"testing"
@@ -25,10 +24,6 @@ const (
var (
globalMx sync.Mutex // a mutex to avoid data races on package globals while testing
testOptions = []v1.KSCloudOption{
v1.WithTrace(os.Getenv("DEBUG_TEST") != ""),
}
)
func TestGlobalKSCloudAPIConnector(t *testing.T) {
@@ -113,8 +108,6 @@ func mockAPIServer(t testing.TB) *testServer {
defer func() { _ = r.Body.Close() }()
_, _ = io.Copy(w, r.Body)
return
})
return server


@@ -226,7 +226,7 @@ func (lp *LoadPolicy) GetControlsInputs(_ /* clusterName */ string) (map[string]
buf, err := os.ReadFile(filePath)
if err != nil {
formattedError := fmt.Errorf(
`Error opening %s file, "controls-config" will be downloaded from ARMO management portal`,
`error opening %s file, "controls-config" will be downloaded from ARMO management portal`,
fileName,
)
@@ -236,7 +236,7 @@ func (lp *LoadPolicy) GetControlsInputs(_ /* clusterName */ string) (map[string]
controlInputs := make(map[string][]string, 100) // from armotypes.Settings.PostureControlInputs
if err = json.Unmarshal(buf, &controlInputs); err != nil {
formattedError := fmt.Errorf(
`Error reading %s file, %v, "controls-config" will be downloaded from ARMO management portal`,
`error reading %s file, %v, "controls-config" will be downloaded from ARMO management portal`,
fileName, err,
)
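Review bot: The first message in GetControlsInputs, `error opening %s file, ...`, drops the `err` returned by `os.ReadFile`, so a permission problem and a missing file look identical to the user. The second message formats the JSON error with `%v`, which flattens it to text. Include the cause and keep it unwrappable, e.g. `error opening %s file: %w, "controls-config" will be downloaded from ARMO management portal` with arguments `fileName, err`. The same dropped cause appears later in this commit in GetFileString (`error reading file %s`) and decodeDocumentRoots (`cannot decode file as YAML`). What is done with `formattedError` is outside the hunk.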


@@ -54,7 +54,7 @@ func TestGetKustomizeDirectoryName(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
tempFile := filepath.Join(tt.args.path, "kustomization.yaml")
if tt.createKustomization {
_ = os.WriteFile(tempFile, []byte(""), 0644)
_ = os.WriteFile(tempFile, []byte(""), 0600)
}
if got := getKustomizeDirectoryName(tt.args.path); got != tt.want {
t.Errorf("GetKustomizeDirectoryName() = %v, want %v", got, tt.want)


@@ -81,7 +81,7 @@ func Test_GetRequestPayload(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
result := tc.OperatorScanInfo.GetRequestPayload()
result := tc.GetRequestPayload()
assert.Equal(t, tc.result, result)
})
}
@@ -136,8 +136,8 @@ func Test_ValidatePayload(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
payload := tc.OperatorScanInfo.GetRequestPayload()
result := tc.OperatorScanInfo.ValidatePayload(payload)
payload := tc.GetRequestPayload()
result := tc.ValidatePayload(payload)
assert.Equal(t, tc.result, result)
})
}


@@ -170,7 +170,6 @@ func getInfoFromOne(output string, lastNumber int, isMapType bool) (value string
if isMapType {
lineNumber = lineNumber - 1
}
lastNumber = lineNumber
// save to structure
} else {
lineNumber = lastNumber


@@ -78,7 +78,7 @@ func (p *portForward) StopPortForwarder() {
func (p *portForward) StartPortForwarder() error {
go func() {
p.PortForwarder.ForwardPorts()
p.ForwardPorts()
}()
p.waitForPortForwardReadiness()
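Review bot: The goroutine in StartPortForwarder discards the result of `p.ForwardPorts()`. If this is client-go's port forwarder, that call returns an error when the tunnel cannot be set up or breaks, and the function then proceeds to `waitForPortForwardReadiness()` with no record of why forwarding failed. Capture the value with `if err := p.ForwardPorts(); err != nil { ... }` and either log it or pass it back so that StartPortForwarder's own `error` return can carry it. The rest of the function is outside the hunk, so whether readiness waiting has a timeout cannot be seen from here.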


@@ -64,7 +64,7 @@ func Test_CreatePortForwarder(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
k8sClient := k8sinterface.KubernetesApi{
KubernetesClient: fake.NewSimpleClientset(),
KubernetesClient: fake.NewClientset(),
K8SConfig: &rest.Config{
Host: "any",
},
@@ -105,7 +105,7 @@ func Test_GetPortForwardLocalhost(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
k8sClient := k8sinterface.KubernetesApi{
KubernetesClient: fake.NewSimpleClientset(),
KubernetesClient: fake.NewClientset(),
K8SConfig: &rest.Config{
Host: "any",
},


@@ -36,7 +36,7 @@ func getOperatorPod(k8sClient *k8sinterface.KubernetesApi, ns string) (*v1.Pod,
return nil, err
}
if len(pods.Items) != 1 {
return nil, errors.New("Could not find the Kubescape Operator chart, please validate that the Kubescape Operator helm chart is installed and running -> https://github.com/kubescape/helm-charts")
return nil, errors.New("could not find the Kubescape Operator chart, please validate that the Kubescape Operator helm chart is installed and running -> https://github.com/kubescape/helm-charts")
}
return &pods.Items[0], nil
@@ -90,8 +90,8 @@ func (a *OperatorAdapter) httpPostOperatorScanRequest(body apis.Commands) (strin
}
func (a *OperatorAdapter) OperatorScan() (string, error) {
payload := a.OperatorScanInfo.GetRequestPayload()
if err := a.OperatorScanInfo.ValidatePayload(payload); err != nil {
payload := a.GetRequestPayload()
if err := a.ValidatePayload(payload); err != nil {
return "", err
}
res, err := a.httpPostOperatorScanRequest(*payload)
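Review bot: getOperatorPod returns "could not find the Kubescape Operator chart" for every `len(pods.Items) != 1`, which also covers the case where several pods match; this commit's test case "test error several operators exist" expects the same text. Distinguishing the multi-match case, e.g. `fmt.Errorf("expected exactly one Kubescape Operator pod in namespace %q, found %d", ns, len(pods.Items))`, tells the user that an extra pod matches the selector instead of sending them to reinstall the chart. The list call and its selector are outside the hunk.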


@@ -23,13 +23,13 @@ func Test_getOperatorPod(t *testing.T) {
name: "test error no operator exist",
createOperatorPod: false,
createAnotherOperatorPodWithSameLabel: false,
expectedError: fmt.Errorf("Could not find the Kubescape Operator chart, please validate that the Kubescape Operator helm chart is installed and running -> https://github.com/kubescape/helm-charts"),
expectedError: fmt.Errorf("could not find the Kubescape Operator chart, please validate that the Kubescape Operator helm chart is installed and running -> https://github.com/kubescape/helm-charts"),
},
{
name: "test error several operators exist",
createOperatorPod: true,
createAnotherOperatorPodWithSameLabel: true,
expectedError: fmt.Errorf("Could not find the Kubescape Operator chart, please validate that the Kubescape Operator helm chart is installed and running -> https://github.com/kubescape/helm-charts"),
expectedError: fmt.Errorf("could not find the Kubescape Operator chart, please validate that the Kubescape Operator helm chart is installed and running -> https://github.com/kubescape/helm-charts"),
},
{
name: "test no error",
@@ -42,7 +42,7 @@ func Test_getOperatorPod(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
k8sClient := k8sinterface.KubernetesApi{
KubernetesClient: fake.NewSimpleClientset(),
KubernetesClient: fake.NewClientset(),
Context: context.TODO(),
}


@@ -48,7 +48,7 @@ func (ks *Kubescape) Fix(fixInfo *metav1.FixInfo) error {
for _, err := range errors {
logger.L().Ctx(ks.Context()).Warning(err.Error())
}
return fmt.Errorf("Failed to fix some resources, check the logs for more details")
return fmt.Errorf("failed to fix some resources, check the logs for more details")
}
return nil
@@ -64,9 +64,10 @@ func userConfirmed() bool {
}
input = strings.ToLower(input)
if input == "y" || input == "yes" {
switch input {
case "y", "yes":
return true
} else if input == "n" || input == "no" {
case "n", "no":
return false
}
}


@@ -82,7 +82,7 @@ func getReporter(ctx context.Context, tenantConfig cautils.ITenantConfig, report
}
func getResourceHandler(ctx context.Context, scanInfo *cautils.ScanInfo, tenantConfig cautils.ITenantConfig, k8s *k8sinterface.KubernetesApi, hostSensorHandler hostsensorutils.IHostSensor) resourcehandler.IResourceHandler {
ctx, span := otel.Tracer("").Start(ctx, "getResourceHandler")
_, span := otel.Tracer("").Start(ctx, "getResourceHandler")
defer span.End()
if len(scanInfo.InputPatterns) > 0 || k8s == nil {
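Review bot: Replacing `ctx, span := ...` with `_, span := ...` in getResourceHandler silences the unused-assignment warning, but it also means any call below that receives `ctx` is traced as a sibling of the "getResourceHandler" span rather than as its child. If a later call in the function takes `ctx`, keep the derived context and pass it on. If none does, a short comment such as `// span context intentionally unused: no traced calls below` records the decision. The rest of the function is outside the hunk.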


@@ -48,7 +48,7 @@ func (ks *Kubescape) List(listPolicies *metav1.ListPolicies) error {
if listFormatFunction, ok := listFormatFunc[listPolicies.Format]; ok {
listFormatFunction(ks.Context(), listPolicies.Target, policies)
} else {
return fmt.Errorf("Invalid format \"%s\", Supported formats: 'pretty-print'/'json' ", listPolicies.Format)
return fmt.Errorf("invalid format \"%s\", supported formats: 'pretty-print'/'json' ", listPolicies.Format)
}
return nil
@@ -168,7 +168,7 @@ func generateControlRows(policies []string) []table.Row {
docs := cautils.GetControlLink(id)
currentRow := table.Row{id, control, docs, strings.Replace(framework, " ", "\n", -1)}
currentRow := table.Row{id, control, docs, strings.ReplaceAll(framework, " ", "\n")}
rows = append(rows, currentRow)
}
@@ -188,7 +188,7 @@ func generatePolicyRows(policies []string) []table.Row {
func shortFormatControlRows(controlRows []table.Row) []table.Row {
rows := make([]table.Row, 0, len(controlRows))
for _, controlRow := range controlRows {
rows = append(rows, table.Row{fmt.Sprintf("Control ID"+strings.Repeat(" ", 3)+": %+v\nControl Name"+strings.Repeat(" ", 1)+": %+v\nDocs"+strings.Repeat(" ", 9)+": %+v\nFrameworks"+strings.Repeat(" ", 3)+": %+v", controlRow[0], controlRow[1], controlRow[2], strings.Replace(controlRow[3].(string), "\n", " ", -1))})
rows = append(rows, table.Row{fmt.Sprintf("Control ID"+strings.Repeat(" ", 3)+": %+v\nControl Name"+strings.Repeat(" ", 1)+": %+v\nDocs"+strings.Repeat(" ", 9)+": %+v\nFrameworks"+strings.Repeat(" ", 3)+": %+v", controlRow[0], controlRow[1], controlRow[2], strings.ReplaceAll(controlRow[3].(string), "\n", " "))})
}
return rows
}
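Review bot: The format error in List interpolates the user-supplied `listPolicies.Format` with `\"%s\"` and still ends in a trailing space. `%q` quotes and escapes the value in one step: `fmt.Errorf("invalid format %q, supported formats: 'pretty-print'/'json'", listPolicies.Format)`. The hard-coded list of formats can also drift from the keys of `listFormatFunc`; building the list from the map would keep the message accurate.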


@@ -313,7 +313,7 @@ func patchWithContext(ctx context.Context, buildkitAddr, image, reportFile, patc
return res, nil
}, buildChannel)
return nil
return err
}
func getOSType(ctx context.Context, osreleaseBytes []byte) (string, error) {
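Review bot: The final statement of patchWithContext changes from `return nil` to `return err`, which is a behaviour change rather than a lint fix: failures that were previously reported as success now reach the caller. Which `err` is in scope is not visible here; it should be the value assigned from the call that ends in `}, buildChannel)`, not an earlier variable that could be stale or shadowed. The commit description would be more accurate if it called this out, and a test that forces the build step to fail would pin the new behaviour.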


@@ -145,14 +145,14 @@ func (ks *Kubescape) Scan(scanInfo *cautils.ScanInfo) (*resultshandling.ResultsH
}
// set policy getter only after setting the customerGUID
scanInfo.Getters.PolicyGetter = getPolicyGetter(ctxInit, scanInfo.UseFrom, interfaces.tenantConfig.GetAccountID(), scanInfo.FrameworkScan, downloadReleasedPolicy)
scanInfo.Getters.ControlsInputsGetter = getConfigInputsGetter(ctxInit, scanInfo.ControlsInputs, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
scanInfo.Getters.ExceptionsGetter = getExceptionsGetter(ctxInit, scanInfo.UseExceptions, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
scanInfo.Getters.AttackTracksGetter = getAttackTracksGetter(ctxInit, scanInfo.AttackTracks, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
scanInfo.PolicyGetter = getPolicyGetter(ctxInit, scanInfo.UseFrom, interfaces.tenantConfig.GetAccountID(), scanInfo.FrameworkScan, downloadReleasedPolicy)
scanInfo.ControlsInputsGetter = getConfigInputsGetter(ctxInit, scanInfo.ControlsInputs, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
scanInfo.ExceptionsGetter = getExceptionsGetter(ctxInit, scanInfo.UseExceptions, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
scanInfo.AttackTracksGetter = getAttackTracksGetter(ctxInit, scanInfo.AttackTracks, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
// TODO - list supported frameworks/controls
if scanInfo.ScanAll {
scanInfo.SetPolicyIdentifiers(listFrameworksNames(scanInfo.Getters.PolicyGetter), apisv1.KindFramework)
scanInfo.SetPolicyIdentifiers(listFrameworksNames(scanInfo.PolicyGetter), apisv1.KindFramework)
}
// remove host scanner components
@@ -200,7 +200,7 @@ func (ks *Kubescape) Scan(scanInfo *cautils.ScanInfo) (*resultshandling.ResultsH
// ======================== prioritization ===================
if scanInfo.PrintAttackTree || isPrioritizationScanType(scanInfo.ScanType) {
_, spanPrioritization := otel.Tracer("").Start(ctxOpa, "prioritization")
if priotizationHandler, err := resourcesprioritization.NewResourcesPrioritizationHandler(ctxOpa, scanInfo.Getters.AttackTracksGetter, scanInfo.PrintAttackTree); err != nil {
if priotizationHandler, err := resourcesprioritization.NewResourcesPrioritizationHandler(ctxOpa, scanInfo.AttackTracksGetter, scanInfo.PrintAttackTree); err != nil {
logger.L().Ctx(ks.Context()).Warning("failed to get attack tracks, this may affect the scanning results", helpers.Error(err))
} else if err := priotizationHandler.PrioritizeResources(scanData); err != nil {
return resultsHandling, fmt.Errorf("%w", err)
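Review bot: In the prioritization block of Scan, `fmt.Errorf("%w", err)` wraps the error without adding any text, so the caller gets the same message behind an extra layer. Either `return resultsHandling, err` or add context, e.g. `fmt.Errorf("prioritizing resources: %w", err)`. The neighbouring branch only warns when attack tracks cannot be loaded, so the two failures in this block are treated differently; a comment saying why one is fatal and the other is not would help the next reader. Scan continues outside the hunk.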


@@ -46,8 +46,6 @@ var hash = []rune("abcdef0123456789")
var nums = []rune("0123456789")
func randSeq(n int, bank []rune) string {
rand.Seed(time.Now().UnixNano())
b := make([]rune, n)
for i := range b {
b[i] = bank[rand.Intn(len(bank))] //nolint:gosec
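Review bot: With `rand.Seed` removed, randSeq relies on the runtime seeding the global `math/rand` source, which Go does automatically only from 1.20 onward; built with an older toolchain, every run would produce the same sequences. The `//nolint:gosec` on `rand.Intn` should also carry its reason, e.g. `// math/rand is acceptable here: the output is not a secret or an unguessable identifier`, if that is true. If any caller uses the result as a token or ID that must be unpredictable, `crypto/rand` is the right source. How the `hash` and `nums` banks are used is outside the hunk.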


@@ -88,6 +88,6 @@ type PkgFiles []PackageFile
func (v *ScanResultReport) AsFNVHash() string {
hasher := fnv.New64a()
hasher.Write([]byte(fmt.Sprintf("%v", *v)))
fmt.Fprintf(hasher, "%v", *v)
return fmt.Sprintf("%v", hasher.Sum64())
}
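Review bot: AsFNVHash has no doc comment, and what it hashes is the `%v` rendering of `*v`, which makes it easy to misuse. FNV-1a is not collision-resistant, and `%v` prints nested pointer fields as addresses, so the value is at most a cache or de-duplication key and may differ between runs if ScanResultReport holds pointers (its fields are not visible here). Suggested comment: `// AsFNVHash returns a non-cryptographic FNV-1a digest of the report's %v formatting; do not use it for integrity checks.`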


@@ -209,7 +209,7 @@ func (h *FixHandler) ApplyChanges(ctx context.Context, resourcesToFix []Resource
fixedYamlString, err := ApplyFixToContent(ctx, fileAsString, yamlExpression)
if err != nil {
errors = append(errors, fmt.Errorf("Failed to fix file %s: %w ", filepath, err))
errors = append(errors, fmt.Errorf("failed to fix file %s: %w ", filepath, err))
continue
} else {
updatedFiles[filepath] = true
@@ -344,7 +344,7 @@ func GetFileString(filepath string) (string, error) {
bytes, err := os.ReadFile(filepath)
if err != nil {
return "", fmt.Errorf("Error reading file %s", filepath)
return "", fmt.Errorf("error reading file %s", filepath)
}
return string(bytes), nil
@@ -354,7 +354,7 @@ func writeFixesToFile(filepath, content string) error {
err := os.WriteFile(filepath, []byte(content), 0644) //nolint:gosec
if err != nil {
return fmt.Errorf("Error writing fixes to file: %w", err)
return fmt.Errorf("error writing fixes to file: %w", err)
}
return nil


@@ -26,7 +26,7 @@ func decodeDocumentRoots(yamlAsString string) ([]yaml.Node, error) {
break
}
if err != nil {
return nil, fmt.Errorf("Cannot Decode File as YAML")
return nil, fmt.Errorf("cannot decode file as YAML")
}
@@ -55,7 +55,7 @@ func getFixedNodes(ctx context.Context, yamlAsString, yamlExpression string) ([]
fixedCandidateNodes, err := allAtOnceEvaluator.EvaluateCandidateNodes(yamlExpression, allDocuments)
if err != nil {
return nil, fmt.Errorf("Error fixing YAML, %w", err)
return nil, fmt.Errorf("error fixing YAML, %w", err)
}
fixedNodes := make([]yaml.Node, 0)


@@ -86,7 +86,7 @@ func adjustFixedListLines(originalList, fixedList *[]nodeInfo) {
func enocodeIntoYaml(parentNode *yaml.Node, nodeList *[]nodeInfo, tracker int) (string, error) {
if tracker < 0 || tracker >= len(*nodeList) {
return "", fmt.Errorf("Index out of range for nodeList: tracker=%d, length=%d", tracker, len(*nodeList))
return "", fmt.Errorf("index out of range for nodeList: tracker=%d, length=%d", tracker, len(*nodeList))
}
content := make([]*yaml.Node, 0)
@@ -112,11 +112,11 @@ func enocodeIntoYaml(parentNode *yaml.Node, nodeList *[]nodeInfo, tracker int) (
errorEncoding := encoder.Encode(parentForContent)
if errorEncoding != nil {
return "", fmt.Errorf("Error debugging node, %v", errorEncoding.Error())
return "", fmt.Errorf("error debugging node, %v", errorEncoding.Error())
}
errorClosingEncoder := encoder.Close()
if errorClosingEncoder != nil {
return "", fmt.Errorf("Error closing encoder: %v", errorClosingEncoder.Error())
return "", fmt.Errorf("error closing encoder: %v", errorClosingEncoder.Error())
}
return fmt.Sprintf(`%v`, buf.String()), nil
}
@@ -216,7 +216,7 @@ func getLastLineOfResource(linesSlice *[]string, currentLine int) (int, error) {
}
}
return 0, fmt.Errorf("Provided line is greater than the length of YAML file")
return 0, fmt.Errorf("provided line is greater than the length of YAML file")
}
func getNodeLine(nodeList *[]nodeInfo, tracker int) int {
@@ -300,7 +300,7 @@ func isEmptyLineOrComment(lineContent string) bool {
func readDocuments(ctx context.Context, reader io.Reader, decoder yqlib.Decoder) (*list.List, error) {
err := decoder.Init(reader)
if err != nil {
return nil, fmt.Errorf("Error Initializing the decoder, %w", err)
return nil, fmt.Errorf("error initializing the decoder, %w", err)
}
inputList := list.New()
@@ -316,7 +316,7 @@ func readDocuments(ctx context.Context, reader io.Reader, decoder yqlib.Decoder)
}
return inputList, nil
} else if errorReading != nil {
return nil, fmt.Errorf("Error Decoding YAML file, %w", errorReading)
return nil, fmt.Errorf("error decoding yaml file, %w", errorReading)
}
candidateNode.Document = currentIndex
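Review bot: In enocodeIntoYaml the two encoder errors are formatted with `%v` and `.Error()`, which discards the error chain, while readDocuments in the same file wraps with `%w`. The text `error debugging node` also misdescribes an encode failure. Prefer `fmt.Errorf("encoding node: %w", errorEncoding)` and `fmt.Errorf("closing encoder: %w", errorClosingEncoder)`. The `fmt.Sprintf` wrapped around `buf.String()` on the return line is redundant.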


@@ -434,9 +434,9 @@ func TestRemoveOutOfRangeLines(t *testing.T) {
func TestShouldCalculateTotalNumberOfChildrenAndAddToCurrentTracker(t *testing.T) {
node := &yaml.Node{
Content: []*yaml.Node{
&yaml.Node{},
&yaml.Node{},
&yaml.Node{},
{},
{},
{},
},
}
currentTracker := 5


@@ -1,15 +1 @@
package hostsensorutils
import (
jsoniter "github.com/json-iterator/go"
)
var (
json jsoniter.API
)
func init() {
// NOTE(fredbi): attention, this configuration rounds floats down to 6 digits
// For finer-grained config, see: https://pkg.go.dev/github.com/json-iterator/go#section-readme
json = jsoniter.ConfigFastest
}

File diff suppressed because one or more lines are too long


@@ -1,10 +0,0 @@
package hostsensorutils
// messages used for warnings
var (
failedToGetData = "failed to get data"
failedToTeardownNamespace = "failed to teardown Namespace"
oneHostSensorPodIsUnabledToSchedule = "One host-sensor pod is unable to schedule on node. We will fail to collect the data from this node"
failedToWatchOverDaemonSetPods = "failed to watch over DaemonSet pods"
failedToValidateHostSensorPodStatus = "failed to validate host-scanner pods status"
)


@@ -63,12 +63,12 @@ func NewOPAProcessor(sessionObj *cautils.OPASessionObj, regoDependenciesData *re
func (opap *OPAProcessor) ProcessRulesListener(ctx context.Context, progressListener IJobProgressNotificationClient) error {
scanningScope := cautils.GetScanningScope(opap.Metadata.ContextMetadata)
opap.OPASessionObj.AllPolicies = convertFrameworksToPolicies(opap.Policies, opap.ExcludedRules, scanningScope)
opap.AllPolicies = convertFrameworksToPolicies(opap.Policies, opap.ExcludedRules, scanningScope)
ConvertFrameworksToSummaryDetails(&opap.Report.SummaryDetails, opap.Policies, opap.OPASessionObj.AllPolicies)
ConvertFrameworksToSummaryDetails(&opap.Report.SummaryDetails, opap.Policies, opap.AllPolicies)
// process
if err := opap.Process(ctx, opap.OPASessionObj.AllPolicies, progressListener); err != nil {
if err := opap.Process(ctx, opap.AllPolicies, progressListener); err != nil {
logger.L().Ctx(ctx).Warning(err.Error())
// Return error?
}
@@ -126,7 +126,7 @@ func (opap *OPAProcessor) Process(ctx context.Context, policies *cautils.Policie
}
func (opap *OPAProcessor) loggerStartScanning() {
targetScan := opap.OPASessionObj.Metadata.ScanMetadata.ScanningTarget
targetScan := opap.Metadata.ScanMetadata.ScanningTarget
if reporthandlingv2.Cluster == targetScan {
logger.L().Start("Scanning", helpers.String(targetScan.String(), opap.clusterName))
} else {
@@ -135,7 +135,7 @@ func (opap *OPAProcessor) loggerStartScanning() {
}
func (opap *OPAProcessor) loggerDoneScanning() {
targetScan := opap.OPASessionObj.Metadata.ScanMetadata.ScanningTarget
targetScan := opap.Metadata.ScanMetadata.ScanningTarget
if reporthandlingv2.Cluster == targetScan {
logger.L().StopSuccess("Done scanning", helpers.String(targetScan.String(), opap.clusterName))
} else {
@@ -405,7 +405,7 @@ func (opap *OPAProcessor) makeRegoDeps(configInputs []reporthandling.ControlConf
}
dataControlInputs := map[string]string{
"cloudProvider": opap.OPASessionObj.Report.ClusterCloudProvider,
"cloudProvider": opap.Report.ClusterCloudProvider,
}
return resources.RegoDependenciesData{
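Review bot: ProcessRulesListener logs the error from `opap.Process` as a warning and carries on, with the open question `// Return error?` left in place. For a scanner this means a partially evaluated policy set can be presented as a completed scan. Either return it (`return fmt.Errorf("processing rules: %w", err)`) or mark in the report that evaluation was incomplete, and replace the question with a comment stating the decision. The rest of the function is outside the hunk, so later handling cannot be ruled out.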


@@ -64,6 +64,12 @@ func unzipAllResourcesTestDataAndSetVar(zipFilePath, destFilePath string) error
}
_, err = io.Copy(dstFile, fileInArchive) //nolint:gosec
if err != nil {
dstFile.Close()
fileInArchive.Close()
archive.Close()
return err
}
dstFile.Close()
fileInArchive.Close()
@@ -165,12 +171,12 @@ func BenchmarkProcess(b *testing.B) {
go monitorHeapSpace(&maxHeap, quitChan)
// test
opap.Process(context.Background(), opap.OPASessionObj.AllPolicies, nil)
opap.Process(context.Background(), opap.AllPolicies, nil)
// teardown
quitChan <- true
b.Log(fmt.Sprintf("%s_max_heap_space_gb: %.2f", testName, float64(maxHeap)/(1024*1024*1024)))
b.Log(fmt.Sprintf("%s_execution_time_sec: %f", testName, b.Elapsed().Seconds()))
b.Logf("%s_max_heap_space_gb: %.2f", testName, float64(maxHeap)/(1024*1024*1024))
b.Logf("%s_execution_time_sec: %f", testName, b.Elapsed().Seconds())
})
}
}
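Review bot: BenchmarkProcess ignores the error returned by `opap.Process(context.Background(), opap.AllPolicies, nil)`, so a run that fails early still logs heap and timing figures as if it had completed. Check it without skipping teardown, e.g. `if err := opap.Process(context.Background(), opap.AllPolicies, nil); err != nil { b.Error(err) }`. In the first hunk, the three `Close()` calls in unzipAllResourcesTestDataAndSetVar are now repeated on both the error and success paths; moving the per-entry copy into a helper that uses `defer` would remove the duplication.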


@@ -77,7 +77,7 @@ var cosignVerifySignatureDefinition = func(bctx rego.BuiltinContext, a, b *ast.T
return nil, fmt.Errorf("invalid parameter type: %v", err)
}
// Replace double backslashes with single backslashes
bbStr := strings.Replace(string(bStr), "\\n", "\n", -1)
bbStr := strings.ReplaceAll(string(bStr), "\\n", "\n")
result, err := verify(string(aStr), bbStr)
if err != nil {
// Do not change this log from debug level. We might find a lot of images without signature
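Review bot: The comment `// Replace double backslashes with single backslashes` does not describe the line below it. `strings.ReplaceAll(string(bStr), "\\n", "\n")` turns the two-character sequence backslash-n into a real newline. The result is passed to `verify` as its second argument, presumably key material whose line breaks matter, so an accurate comment is worth having: `// Convert literal "\n" sequences into newlines before verification`. The function body continues outside the hunk.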


@@ -3,7 +3,6 @@ package resourcehandler
import (
"context"
_ "embed"
"encoding/json"
"testing"
"github.com/kubescape/k8s-interface/k8sinterface"
@@ -16,21 +15,8 @@ import (
"k8s.io/client-go/dynamic/fake"
fakeclientset "k8s.io/client-go/kubernetes/fake"
"k8s.io/client-go/rest"
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
)
var (
//go:embed testdata/kubeconfig_mock.json
kubeConfigMock string
)
func getKubeConfigMock() *clientcmdapi.Config {
kubeConfig := clientcmdapi.Config{}
if err := json.Unmarshal([]byte(kubeConfigMock), &kubeConfig); err != nil {
panic(err)
}
return &kubeConfig
}
func Test_getCloudMetadata(t *testing.T) {
tests := []struct {
@@ -73,7 +59,7 @@ func Test_getCloudMetadata(t *testing.T) {
// https://github.com/kubescape/kubescape/pull/1004
// Cluster named .*eks.* config without a cloudconfig panics whereas we just want to scan a file
func getResourceHandlerMock() *K8sResourceHandler {
client := fakeclientset.NewSimpleClientset()
client := fakeclientset.NewClientset()
fakeDiscovery := client.Discovery()
k8s := &k8sinterface.KubernetesApi{


@@ -35,7 +35,7 @@ func CollectResources(ctx context.Context, rsrcHandler IResourceHandler, opaSess
opaSessionObj.ExternalResources = externalResources
opaSessionObj.ExcludedRules = excludedRulesMap
if (opaSessionObj.K8SResources == nil || len(opaSessionObj.K8SResources) == 0) && (opaSessionObj.ExternalResources == nil || len(opaSessionObj.ExternalResources) == 0) || len(opaSessionObj.AllResources) == 0 {
if len(opaSessionObj.K8SResources) == 0 && len(opaSessionObj.ExternalResources) == 0 || len(opaSessionObj.AllResources) == 0 {
return fmt.Errorf("no resources found to scan")
}
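Review bot: The simplified condition in CollectResources mixes `&&` and `||` without parentheses, so the reader has to recall that `&&` binds tighter; the original had explicit grouping. Writing `if (len(opaSessionObj.K8SResources) == 0 && len(opaSessionObj.ExternalResources) == 0) || len(opaSessionObj.AllResources) == 0 {` keeps the intent obvious and behaves identically.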


@@ -3,13 +3,13 @@ package resourcehandler
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
"path/filepath"
"strings"
giturls "github.com/chainguard-dev/git-urls"
"github.com/kubescape/kubescape/v3/core/cautils/getter"
"k8s.io/utils/strings/slices"
)
@@ -167,7 +167,7 @@ func (g *GitHubRepository) setBranch(branchOptional string) error {
if g.branch != "" {
return nil
}
body, err := getter.HttpGetter(&http.Client{}, g.defaultBranchAPI(), g.getHeaders())
body, err := httpGet(&http.Client{}, g.defaultBranchAPI(), g.getHeaders())
if err != nil {
return err
}
@@ -193,12 +193,27 @@ func (g *GitHubRepository) getHeaders() map[string]string {
}
return map[string]string{"Authorization": fmt.Sprintf("token %s", g.token)}
}
func httpGet(client *http.Client, url string, headers map[string]string) ([]byte, error) {
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return nil, err
}
for k, v := range headers {
req.Header.Set(k, v)
}
resp, err := client.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
return io.ReadAll(resp.Body)
}
func (g *GitHubRepository) setTree() error {
if g.isFile {
return nil
}
body, err := getter.HttpGetter(&http.Client{}, g.treeAPI(), g.getHeaders())
body, err := httpGet(&http.Client{}, g.treeAPI(), g.getHeaders())
if err != nil {
return err
}
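Review bot: The new httpGet returns the body for any HTTP status, so a 401, 403 or rate-limit response from the API is handed to setBranch and setTree as if it were a successful payload; `getter.HttpGetter`, which it replaces, may have rejected these (its implementation is not shown). Add a status check after `defer resp.Body.Close()`: `if resp.StatusCode < 200 || resp.StatusCode > 299 { return nil, fmt.Errorf("GET %s: %s", url, resp.Status) }`. Both callers also pass `&http.Client{}`, which has no timeout, and `io.ReadAll` is unbounded; a client with `Timeout` set and an `io.LimitReader` around the body would bound both.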


@@ -138,7 +138,7 @@ func updateQueryableResourcesMapFromRuleMatchObject(match *reporthandling.RuleMa
}
queryableResource.AddFieldSelector(globalFieldSelector)
if match.FieldSelector == nil || len(match.FieldSelector) == 0 {
if len(match.FieldSelector) == 0 {
queryableResources.Add(queryableResource)
continue
}


@@ -37,7 +37,7 @@ func TestResolveLocation(t *testing.T) {
resolver, _ := NewFixPathLocationResolver(yamlFilePath)
for fixPath, _ := range fixPathToExpectedLineAndColumn {
for fixPath := range fixPathToExpectedLineAndColumn {
location, err := resolver.ResolveLocation(fixPath, 100000)
assert.Contains(t, err.Error(), "node index [100000] out of range ")
assert.Empty(t, location)


@@ -126,6 +126,9 @@ func printConfigurationsScanning(opaSessionObj *cautils.OPASessionObj, imageScan
reportWithSeverity := ConvertToPostureReportWithSeverityAndLabels(finalizedReport, opaSessionObj.LabelsToCopy, opaSessionObj.AllResources)
r, err := json.Marshal(reportWithSeverity)
if err != nil {
return err
}
_, err = jp.writer.Write(r)
return err


@@ -1,7 +1,7 @@
package printer
import (
"io/ioutil"
"io"
"os"
"testing"
@@ -79,7 +79,7 @@ func TestScore_Json(t *testing.T) {
// Read the contents of the temporary file
f.Seek(0, 0)
got, err := ioutil.ReadAll(f)
got, err := io.ReadAll(f)
if err != nil {
panic(err)
}
@@ -169,22 +169,22 @@ func TestConvertToPackageScores(t *testing.T) {
func TestConvertToReportSummary(t *testing.T) {
input := map[string]*imageprinter.SeveritySummary{
"High": &imageprinter.SeveritySummary{
"High": {
NumberOfCVEs: 10,
NumberOfFixableCVEs: 5,
},
"Medium": &imageprinter.SeveritySummary{
"Medium": {
NumberOfCVEs: 5,
NumberOfFixableCVEs: 2,
},
}
want := map[string]*reportsummary.SeveritySummary{
"High": &reportsummary.SeveritySummary{
"High": {
NumberOfCVEs: 10,
NumberOfFixableCVEs: 5,
},
"Medium": &reportsummary.SeveritySummary{
"Medium": {
NumberOfCVEs: 5,
NumberOfFixableCVEs: 2,
},


@@ -125,11 +125,12 @@ func (pp *PdfPrinter) getTableObjects(summaryDetails *reportsummary.SummaryDetai
}
func getSeverityColor(severity string) *props.Color {
if severity == "Critical" {
switch severity {
case "Critical":
return &props.Color{Red: 255, Green: 0, Blue: 0}
} else if severity == "High" {
case "High":
return &props.Color{Red: 0, Green: 0, Blue: 255}
} else if severity == "Medium" {
case "Medium":
return &props.Color{Red: 252, Green: 186, Blue: 3}
}
return &props.BlackColor
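Review bot: The fall-through `return &props.BlackColor` hands out the address of a package-level variable, while the three `case` branches each return a freshly allocated `props.Color`. If any caller modifies the returned color, it changes `props.BlackColor` for every later use in the process; returning a copy avoids that, e.g. `black := props.BlackColor` followed by `return &black`. The match is also case-sensitive, so a severity spelled `critical` would silently render in black; whether that can happen depends on callers not shown here. The function's closing brace is outside the hunk.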


@@ -2,7 +2,7 @@ package printer
import (
"context"
"io/ioutil"
"io"
"os"
"testing"
@@ -76,7 +76,7 @@ func TestScore_Pdf(t *testing.T) {
// Read the contents of the temporary file
f.Seek(0, 0)
got, err := ioutil.ReadAll(f)
got, err := io.ReadAll(f)
if err != nil {
panic(err)
}


@@ -24,11 +24,6 @@ import (
"k8s.io/utils/strings/slices"
)
const (
prettyPrinterOutputFile = "report"
clusterScanningScopeInformationLink = "https://github.com/kubescape/regolibrary/tree/master#add-a-framework"
)
var _ printer.IPrinter = &PrettyPrinter{}
type PrettyPrinter struct {
@@ -157,12 +152,13 @@ func (pp *PrettyPrinter) printOverview(opaSessionObj *cautils.OPASessionObj, pri
}
func (pp *PrettyPrinter) printHeader(opaSessionObj *cautils.OPASessionObj) {
if pp.scanType == cautils.ScanTypeCluster {
switch pp.scanType {
case cautils.ScanTypeCluster:
cautils.InfoDisplay(pp.writer, fmt.Sprintf("\nSecurity posture overview for cluster: '%s'\n\n", pp.clusterName))
cautils.SimpleDisplay(pp.writer, "In this overview, Kubescape shows you a summary of your cluster security posture, including the number of users who can perform administrative actions. For each result greater than 0, you should evaluate its need, and then define an exception to allow it. This baseline can be used to detect drift in future.\n\n")
} else if pp.scanType == cautils.ScanTypeRepo {
case cautils.ScanTypeRepo:
cautils.InfoDisplay(pp.writer, fmt.Sprintf("\nSecurity posture overview for repo: '%s'\n\n", strings.Join(pp.inputPatterns, ", ")))
} else if pp.scanType == cautils.ScanTypeWorkload {
case cautils.ScanTypeWorkload:
cautils.InfoDisplay(pp.writer, "Workload security posture overview for:\n")
ns := opaSessionObj.SingleResourceScan.GetNamespace()
var rows []table.Row


@@ -67,11 +67,11 @@ func generateCategoryStatusRow(controlSummary reportsummary.IControlSummary) tab
rows[0] = utils.GetStatusIcon(controlSummary.GetStatus().Status())
rows[1] = controlSummary.GetName()
if len(controlSummary.GetName()) > 50 {
rows[1] = controlSummary.GetName()[:50] + "..."
name := controlSummary.GetName()
if len(name) > 50 {
rows[1] = name[:50] + "..." //nolint:gosec // Safe: rows has length 3, accessing index 1
} else {
rows[1] = controlSummary.GetName()
rows[1] = name //nolint:gosec // Safe: rows has length 3, accessing index 1
}
rows[2] = getDocsForControl(controlSummary)
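Review bot: `name[:50]` slices by bytes, so a control name containing multi-byte UTF-8 characters can be cut in the middle of a rune and print an invalid sequence in the table. Truncating on runes avoids that: `if r := []rune(name); len(r) > 50 { rows[1] = string(r[:50]) + "..." }`. The same truncation appears in `GenerateRow` (`controlSummary.GetName()[:50]`), which also still calls `GetName()` three times instead of hoisting it into a local as done here. The `//nolint:gosec` justification repeats the row length as a literal, which goes stale if the row width changes; the enclosing function starts and ends outside the hunk.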


@@ -8,7 +8,6 @@ import (
"github.com/jedib0t/go-pretty/v6/table"
"github.com/jwalton/gchalk"
"github.com/kubescape/kubescape/v3/core/pkg/resultshandling/printer/v2/prettyprinter/tableprinter/utils"
"github.com/kubescape/opa-utils/reporthandling"
"github.com/kubescape/opa-utils/reporthandling/apis"
"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
)
@@ -102,19 +101,6 @@ func (rp *RepoPrinter) generateCountingCategoryRow(controlSummary reportsummary.
return rows
}
func (rp *RepoPrinter) getWorkloadScanCommand(ns, kind, name string, source reporthandling.Source) string {
cmd := fmt.Sprintf("$ kubescape scan workload %s/%s/%s", ns, kind, name)
if ns == "" {
cmd = fmt.Sprintf("$ kubescape scan workload %s/%s", kind, name)
}
if source.FileType == "Helm" {
return fmt.Sprintf("%s --chart-path=%s", cmd, source.RelativePath)
} else {
return fmt.Sprintf("%s --file-path=%s", cmd, source.RelativePath)
}
}
func (rp *RepoPrinter) generateTableNextSteps(controlSummary reportsummary.IControlSummary, inputPatterns []string) string {
return fmt.Sprintf("$ kubescape scan control %s %s -v", controlSummary.GetID(), strings.Join(inputPatterns, ","))
}


@@ -72,9 +72,9 @@ func GenerateRow(controlSummary reportsummary.IControlSummary, infoToPrintInfo [
row[summaryColumnSeverity] = GetSeverityColumn(controlSummary)
if len(controlSummary.GetName()) > 50 {
row[summaryColumnName] = controlSummary.GetName()[:50] + "..."
row[summaryColumnName] = controlSummary.GetName()[:50] + "..." //nolint:gosec // Safe: row has length _summaryRowLen (5), accessing index 1
} else {
row[summaryColumnName] = controlSummary.GetName()
row[summaryColumnName] = controlSummary.GetName() //nolint:gosec // Safe: row has length _summaryRowLen (5), accessing index 1
}
row[summaryColumnCounterFailed] = fmt.Sprintf("%d", controlSummary.NumberOfResources().Failed())
row[summaryColumnCounterAll] = fmt.Sprintf("%d", controlSummary.NumberOfResources().All())


@@ -1,7 +1,7 @@
package utils
import (
"io/ioutil"
"io"
"os"
"testing"
@@ -127,7 +127,7 @@ func TestPrintInfo(t *testing.T) {
{
name: "Critical info",
infoToPrintInfo: []InfoStars{
InfoStars{
{
Stars: "5",
Info: "Critical Info",
},
@@ -137,11 +137,11 @@ func TestPrintInfo(t *testing.T) {
{
name: "Medium and high info",
infoToPrintInfo: []InfoStars{
InfoStars{
{
Stars: "3",
Info: "Medium Info",
},
InfoStars{
{
Stars: "4",
Info: "High Info",
},
@@ -151,11 +151,11 @@ func TestPrintInfo(t *testing.T) {
{
name: "Negligible and low info",
infoToPrintInfo: []InfoStars{
InfoStars{
{
Stars: "1",
Info: "Negligible Info",
},
InfoStars{
{
Stars: "2",
Info: "Low Info",
},
@@ -184,7 +184,7 @@ func TestPrintInfo(t *testing.T) {
// Read the contents of the temporary file
f.Seek(0, 0)
got, err := ioutil.ReadAll(f)
got, err := io.ReadAll(f)
if err != nil {
panic(err)
}


@@ -136,7 +136,7 @@ func filterCVEsBySeverities(cves []imageprinter.CVE, severities []string) []imag
// getSortPackageScores returns a slice of package names sorted by score
func getSortPackageScores(pkgScores map[string]*imageprinter.PackageScore) []string {
sortedSlice := make([]string, 0, len(pkgScores))
for pkgName, _ := range pkgScores {
for pkgName := range pkgScores {
sortedSlice = append(sortedSlice, pkgName)
}
@@ -203,8 +203,6 @@ func printTopComponents(writer *os.File, summary imageprinter.ImageScanSummary)
}
cautils.SimpleDisplay(writer, "\n")
return
}
func printImageScanningSummary(writer *os.File, summary imageprinter.ImageScanSummary, verboseMode bool) {


@@ -122,7 +122,7 @@ func generateResourceHeader(short bool) table.Row {
func shortFormatResource(resourceRows []table.Row) []table.Row {
rows := make([]table.Row, len(resourceRows))
for i, resourceRow := range resourceRows {
rows[i] = table.Row{fmt.Sprintf("Severity"+strings.Repeat(" ", 13)+": %+v\nControl Name"+strings.Repeat(" ", 9)+": %+v\nDocs"+strings.Repeat(" ", 17)+": %+v\nAssisted Remediation"+strings.Repeat(" ", 1)+": %+v", resourceRow[resourceColumnSeverity], resourceRow[resourceColumnName], resourceRow[resourceColumnURL], strings.Replace(resourceRow[resourceColumnPath].(string), "\n", "\n"+strings.Repeat(" ", 23), -1))}
rows[i] = table.Row{fmt.Sprintf("Severity"+strings.Repeat(" ", 13)+": %+v\nControl Name"+strings.Repeat(" ", 9)+": %+v\nDocs"+strings.Repeat(" ", 17)+": %+v\nAssisted Remediation"+strings.Repeat(" ", 1)+": %+v", resourceRow[resourceColumnSeverity], resourceRow[resourceColumnName], resourceRow[resourceColumnURL], strings.ReplaceAll(resourceRow[resourceColumnPath].(string), "\n", "\n"+strings.Repeat(" ", 23)))}
}
return rows
}
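Review bot: `resourceRow[resourceColumnPath].(string)` is an unchecked type assertion on a `table.Row` cell, so a row whose path cell holds anything other than a string panics the printer while it is rendering results. The comma-ok form keeps the output path robust: `path, _ := resourceRow[resourceColumnPath].(string)` and then `strings.ReplaceAll(path, "\n", "\n"+strings.Repeat(" ", 23))`. The label padding built from `strings.Repeat` could also be written with a width verb such as `%-21s`, which makes the alignment and the 23-column continuation indent easier to keep in sync.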


@@ -152,7 +152,7 @@ func (sp *SARIFPrinter) printImageScan(ctx context.Context, scanResults cautils.
return err
}
return os.WriteFile(sp.writer.Name(), updatedSarifReport, os.ModePerm)
return os.WriteFile(sp.writer.Name(), updatedSarifReport, 0644) //nolint:gosec // Read-only report output, acceptable permissions
}
func (sp *SARIFPrinter) PrintNextSteps() {
@@ -519,7 +519,7 @@ func formReplaceFixedYamlString(node cautils.MappingNode, fileAsString string, l
yamlLines[location.Line] = yamlLines[location.Line] + " # This is the suggested modification, the value for " + fixPath + " is " + fixValue + "\n"
} else {
replacedLine := "# This is the suggested modification\n" + yamlLines[location.Line]
newLine := strings.Replace(replacedLine, replcaedValue, fixValue, -1)
newLine := strings.ReplaceAll(replacedLine, replcaedValue, fixValue)
yamlLines[location.Line] = newLine
}
fixedYamlString := strings.Join(yamlLines, "\n")
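Review bot: The new `0644` passed to `os.WriteFile` in `printImageScan` likely has no effect, because the mode is applied only when the file is created and `sp.writer.Name()` names a file the printer already holds open, so an existing report keeps whatever mode it was created with. If the goal is to tighten permissions on the report, that has to happen where the writer is opened, which is not visible in this hunk. A SARIF report lists the findings for the scanned image, so owner-only access is the safer default and would make the suppression unnecessary: `return os.WriteFile(sp.writer.Name(), updatedSarifReport, 0600)`. The `//nolint:gosec` text calls the output "read-only", but `0644` is owner-writable and world-readable, so the justification should state what is actually being accepted.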


@@ -135,7 +135,7 @@ func TestGetProviderConfig(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
providerConfig := getProviderConfig(tt.creds)
assert.NotNil(t, providerConfig)
assert.Equal(t, true, providerConfig.SynthesisConfig.GenerateMissingCPEs)
assert.Equal(t, true, providerConfig.GenerateMissingCPEs)
})
}
}