chunk-cli/.golangci.yml at main · CircleCI-Public/chunk-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
version: "2"
issues:
  # Make sure all the errors are getting returned.
  max-same-issues: 0

formatters:
  enable:
    - gofmt
    - goimports

  exclusions:
    generated: lax
    paths:
      - third_party$
      - builtin$
      - examples$

linters:
  settings:
    depguard:
      rules:
        main:
          deny:
            - pkg: gotest.tools/assert
              desc: use gotest.tools/v3/assert instead

    govet:
      enable-all: true
      disable:
        - fieldalignment

    errorlint:
      errorf: true
      asserts: true
      comparison: true

  exclusions:
    generated: lax

    rules:
        # We're fine shadowing err since it's the standard way to name
        # returned errors
      - linters: [govet]
        text: 'shadow: declaration of "err"'

        # We're fine shadowing ctx since it's the standard way to name
        # the context
      - linters: [govet]
        text: 'shadow: declaration of "ctx"'

        # We don't require comments on everything in services
      - linters: [revive]
        text: 'exported: exported (type|method|function) (.+) should have comment or be unexported'

        # We don't require comments on package level
      - linters: [revive]
        text: 'package-comments: should have a package comment'

        # Shading router is okay
      - linters: [govet]
        path: api\.go
        text: 'shadow: declaration of "r"'

        # Unused params allowed in tests
      - linters: [revive]
        text: 'unused-parameter:'
        path: _test\.go

        # CLI tools legitimately use standard Unix directory permissions
      - linters: [gosec]
        text: 'G301: Expect directory permissions to be 0750 or less'

        # CLI tools legitimately write user-readable files (configs, caches, env)
      - linters: [gosec]
        text: 'G306: Expect WriteFile permissions to be 0600 or less'

        # CLI tools legitimately open files with standard permissions
      - linters: [gosec]
        text: 'G302: Expect file permissions to be 0600 or less'

        # File paths come from config/flags, not untrusted input
      - linters: [gosec]
        text: 'G304: Potential file inclusion via variable'

        # Subprocess args are constructed from config/flags, not untrusted input
      - linters: [gosec]
        text: 'G204'

        # File paths from config/flags/env are not tainted in a CLI context
      - linters: [gosec]
        text: 'G703'

        # Test fixtures with fake credentials are not real secrets
      - linters: [gosec]
        text: 'G101: Potential hardcoded credentials'
        path: internal/testing/

        # Config marshalling of API keys is intentional
      - linters: [gosec]
        text: 'G117'

        # Integer conversion for fd is safe on all supported platforms
      - linters: [gosec]
        text: 'G115: integer overflow conversion uintptr -> int'

        # Unused params in cobra RunE handlers are required by the interface
      - linters: [revive]
        text: 'unused-parameter:'
        path: internal/cmd/

        # We don't require package docs
      - linters: [staticcheck]
        text: ST1000

        # we remove a few annoying things from our tests, because they
        # don't provide much beside complexity
      - path: _test\.go
        linters:
          - errcheck
          - funlen
          - goconst
          - gocyclo
          - gosec
          - govet
          - prealloc
          - unparam

    paths:
      - third_party$
      - builtin$
      - examples$

  default: none
  enable:
    - asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers
    - bidichk # Checks for dangerous unicode character sequences
    - bodyclose # checks whether HTTP response body is closed successfully
    - depguard # checks if package imports are in a list of acceptable packages
    - errcheck # Checks for unchecked errors
    - errorlint # Checks that errors are checked and wrapped correctly
    - exhaustive # Check exhaustiveness of enum switch statements
    - gochecknoinits # Checks that no init functions are present in Go code
    - goconst # Finds repeated strings that could be replaced by a constant
    - gocritic # Provides diagnostics that check for bugs, performance and style issues
    - gocyclo # Computes and checks the cyclomatic complexity of functions
    - gosec # Inspects source code for security problems
    - govet # Reports suspicious constructs, such as Printf calls whose arguments do not align with the format string, or shadowed variables.
    - ineffassign # Detects when assignments to existing variables are not used
    - misspell # Finds commonly misspelled English words in comments
    - nakedret # Finds naked returns in functions greater than a specified function length
    - prealloc # Finds slice declarations that could potentially be preallocated
    - predeclared # Find code that shadows one of Go's predeclared identifiers (new, int, case, etc.)
    - revive # Replacement for golint
    - staticcheck # Applies a ton of static analysis checks
    - tparallel # Finds improper usage of the t.Parallel() method in test code
    - unconvert # Remove unnecessary type conversions
    - unparam # Reports unused function parameters
    - unused # Checks Go code for unused constants, variables, functions and types