github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-02-14 09:39:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4cd7d4802ea6705bbc195652e434307f83cfb9b8
slsa-verifier/.golangci.yml
Ramon Petgrave 4cd7d4802e chore: update go and golanci lint (#810) 
This PR updates go to 1.23.1 and updates golanci-lint to v1.61.1, while
fixing new lint errors.

---------

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
2024-10-10 13:07:08 -04:00

250 lines
6.4 KiB
YAML
Raw Blame History

---
run:
concurrency: 2
deadline: 5m
# For generics.
issues:
include:
- EXC0012
- EXC0013
- EXC0014
- EXC0015
exclude:
# TODO(#589): Remove after updating to Go 1.20
- "non-wrapping format verb for fmt.Errorf. Use `%w` to format errors"
# Maximum issues count per one linter.
# Set to 0 to disable.
# Default: 50
max-issues-per-linter: 0
# Maximum count of issues with the same text.
# Set to 0 to disable.
# Default: 3
max-same-issues: 0
new-from-rev: ""
linters:
disable-all: true
enable:
- asciicheck
- depguard
- dogsled
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - errcheck
- errorlint
- exhaustive
- copyloopvar
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - gci
- gochecknoinits
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - gocognit
- goconst
- gocritic
- gocyclo
- godot
- godox
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - goerr113
- gofmt
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - gofumpt
- goheader
- goimports
- gomodguard
- goprintffuncname
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - gosec
- gosimple
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - govet
- ineffassign
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - lll
- makezero
- misspell
- nakedret
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - nestif
- nolintlint
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - paralleltest
- predeclared
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - revive
- staticcheck
- stylecheck
- thelper
- typecheck
- unconvert
- unused
- whitespace
# TODO(https://github.com/slsa-framework/slsa-verifier/issues/363): Restore linter
# - wrapcheck
linters-settings:
depguard:
rules:
global:
files:
- $all
- "!$test"
- "!**/experimental/**"
# This is an exception for the existing code.
# TODO(#642): Don't allow go-cmp in non-test code.
- "!**/verifiers/internal/gcb/provenance.go"
allow:
- $gostd
# Approved orgs.
- "github.com/slsa-framework"
- "github.com/in-toto"
- "github.com/sigstore"
- "github.com/secure-systems-lab"
- "github.com/go-openapi"
# Approved packages.
- "sigs.k8s.io/release-utils/version"
- "github.com/spf13/cobra" # For CLI
- "github.com/docker/go/canonical/json" # For canonical json.
- "github.com/google/go-containerregistry" # For interacting with container registries.
deny:
- pkg: "reflect"
desc: Please don't use reflect package
- pkg: "unsafe"
desc: Please don't use unsafe package
test:
files:
- "$test"
# - "!**/experimental/**"
# This is an exception for the existing code.
# TODO(#642): Don't allow go-cmp in non-test code.
- "!**/verifiers/internal/gcb/provenance.go"
# NOTE: test code is allowed to use github.com/google/go-cmp (there is no
# deny for it) but non-test code is not.
allow:
- $gostd
# Approved orgs.
- "github.com/slsa-framework"
- "github.com/in-toto"
- "github.com/sigstore"
- "github.com/secure-systems-lab"
- "github.com/go-openapi"
# Approved packages.
- "sigs.k8s.io/release-utils/version"
- "github.com/spf13/cobra" # For CLI
- "github.com/docker/go/canonical/json" # For canonical json.
- "github.com/google/go-containerregistry" # For interacting with container registries.
# Allowed in test code.
- "github.com/google/go-cmp"
deny:
- pkg: "reflect"
desc: Please don't use reflect package
- pkg: "unsafe"
desc: Please don't use unsafe package
experimental:
files:
- "**/experimental/**/*.go"
allow:
- $gostd
# Approved orgs.
- "github.com/slsa-framework"
# Allowed in experimental.
- "github.com/gorilla/mux"
deny:
- pkg: "reflect"
desc: Please don't use reflect package
- pkg: "unsafe"
desc: Please don't use unsafe package
errcheck:
check-type-assertions: true
check-blank: true
govet:
enable:
- fieldalignment
godox:
keywords:
- BUG
- FIXME
- HACK
gci:
sections:
- standard
- default
- prefix(github.com/slsa-framework/slsa-github-generator)
gocritic:
enabled-checks:
# Diagnostic
- appendAssign
- argOrder
- badCond
- caseOrder
- codegenComment
- commentedOutCode
- deprecatedComment
- dupArg
- dupBranchBody
- dupCase
- dupSubExpr
- exitAfterDefer
- flagDeref
- flagName
- nilValReturn
- offBy1
- sloppyReassign
- weakCond
- octalLiteral
# Performance
- appendCombine
- equalFold
- hugeParam
- indexAlloc
- rangeExprCopy
- rangeValCopy
# Style
- assignOp
- boolExprSimplify
- captLocal
- commentFormatting
- commentedOutImport
- defaultCaseOrder
- docStub
- elseif
- emptyFallthrough
- emptyStringTest
- hexLiteral
- ifElseChain
- methodExprCall
- regexpMust
- singleCaseSwitch
- sloppyLen
- stringXbytes
- switchTrue
- typeAssertChain
- typeSwitchVar
- underef
- unlabelStmt
- unlambda
- unslice
- valSwap
- wrapperFunc
- yodaStyleExpr
# Opinionated
- builtinShadow
- importShadow
- initClause
- nestingReduce
- paramTypeCombine
- ptrToRefParam
- typeUnparen
- unnecessaryBlock
Reference in New Issue View Git Blame Copy Permalink