.golangci.yml

Documentation: github.com/linkerd/linkerd2

     1# This file specifies which linters golangci-lint should run.
     2#
     3# For descriptions of all available linters, run:
     4# ./.golangci-lint-1.17.1 linters
     5# or browse to:
     6# https://github.com/golangci/golangci-lint#supported-linters
     7
     8run:
     9  deadline: 5m
    10  skip-dirs:
    11  - controller/gen
    12
    13linters:
    14  enable:
    15  - bodyclose
    16  - errcheck
    17  - errorlint
    18  - exportloopref
    19  - gocritic
    20  - gosec
    21  - gosimple
    22  - govet
    23  - ineffassign
    24  - misspell
    25  - nakedret
    26  - revive
    27  - staticcheck
    28  - stylecheck
    29  - typecheck
    30  - unconvert
    31  - unparam
    32  - unused
    33  # TODO: enable more linters!
    34  # - depguard
    35  # - dupl
    36  # - gochecknoglobals
    37  # - gochecknoinits
    38  # - gocyclo
    39  # - interfacer
    40  # - lll
    41  # - maligned
    42  # - prealloc
    43
    44  disable:
    45  # https://github.com/golangci/golangci-lint/issues/2649
    46  - structcheck
    47
    48linters-settings:
    49  revive:
    50    rules:
    51    - name: package-comments
    52      disabled: true
    53  stylecheck:
    54    checks: ["ST1019"]
    55
    56issues:
    57  exclude-use-default: false
    58  exclude-rules:
    59  # Ignore errors when performing the following file operations. If these are
    60  # not handled separately already, they tend to be insignificant.
    61  - linters:
    62    - errcheck
    63    text: Error return value of `.*\.(Copy|Flush|Write|WriteTo)` is not checked
    64
    65  # Ignore error values when closing file or HTTP response bodies. These
    66  # generally happen as cleanup and are part of defer statements.
    67  - linters:
    68    - errcheck
    69    text: Error return value of `.*\.Close` is not checked
    70
    71  # Ignore error values when closing file or HTTP response bodies. These
    72  # generally happen as cleanup and are part of defer statements.
    73  - linters:
    74    - gosec
    75    text: Deferring unsafe method "Close" on type
    76
    77  # Ignore error checks for CLI output.
    78  - linters:
    79    - errcheck
    80    text: Error return value of `(plugin|spin|termbox)\.(Clear|Color|Flush|Run)` is not checked
    81
    82  # The errcheck linter catches these instances and we exclude them with the
    83  # rule above; therefore we'll ignore redundant warnings through gosec.
    84  - linters:
    85    - gosec
    86    text: "G104: Errors unhandled."
    87
    88  # This gives false negatives if a variable name is too close to the pattern
    89  # used to determine if a variable is a credential.
    90  - linters:
    91    - gosec
    92    text: "G101: Potential hardcoded credentials"
    93
    94  # Temporarily disable this check until the next golang-ci upgrade (greater
    95  # than v1.50.1) which upgrades gosec from v2.13.1 to v2.14.0. The fix is in
    96  # this commit, that refers to G404 but it seems it also affects G402:
    97  # https://github.com/securego/gosec/commit/dfde579243e1bfe0856ddafc5fc6aebb29c0edf6
    98  - linters:
    99    - gosec
   100    text: "G402: TLS MinVersion too low"
   101
   102  # Flag operations are fallible if the flag does not exist. We assume these
   103  # exist as they are generally flags we are deprecating or use only for
   104  # development.
   105  - linters:
   106    - errcheck
   107    text: Error return value of `(.*)\.(MarkDeprecated|MarkHidden|Set)` is not checked
   108
   109  # Flag completion is not critical to the CLI and errors are ignored if
   110  # registration fails.
   111  - linters:
   112    - errcheck
   113    text: Error return value of `.*\.RegisterFlagCompletionFunc` is not checked
   114
   115  # Errors that occur when gracefully shutting down control plane components
   116  # are insignificant.
   117  - linters:
   118    - errcheck
   119    text: Error return value of `(adminServer|apiServer|server)\.Shutdown` is not checked
   120
   121  # Append should be able to assign to a different var/slice.
   122  - linters:
   123    - gocritic
   124    text: "appendAssign: append result not assigned to the same slice"
   125
   126  # This does not always result in more readable code.
   127  - linters:
   128    - gocritic
   129    text: "singleCaseSwitch: should rewrite switch statement to if statement"
   130
   131  # This does not always result in more readable code.
   132  - linters:
   133    - gocritic
   134    text: "ifElseChain: rewrite if-else to switch statement"
   135
   136  # Test/fuzzing do not need to be tested for security issues.
   137  - linters:
   138    - gosec
   139    path: .*(test|fuzzer).*\.go
   140
   141  # In tests/fuzzing we are usually mocking components or have a good idea
   142  # about the errors that we expect. For this reason, we ignore unchecked
   143  # errors in all test files.
   144  - path: .*(test|fuzzer).*\.go
   145    text: Error return value of `.*` is not checked
   146
   147  # In tests we'll ignore unchecked filename operations because the values
   148  # are not dynamic.
   149  - path: (.*test.*\.go|fake)
   150    text: "G304: Potential file inclusion via variable"
   151
   152  # This ignores the errors returned from AddToScheme operations.
   153  - path: pkg/k8s/fake.go
   154    text: Error return value is not checked
View as plain text