################################################################################ # This file is AUTOGENERATED with # # Edit Makefile.maker.yaml instead. # ################################################################################ run: timeout: 3m # 1m by default modules-download-mode: readonly output: # Do not print lines of code with issue. print-issued-lines: false issues: exclude: # It is idiomatic Go to reuse the name 'err' with ':=' for subsequent errors. # Ref: https://go.dev/doc/effective_go#redeclaration - 'declaration of "err" shadows declaration at' exclude-rules: - path: _test\.go linters: - bodyclose - dupl # '0' disables the following options. max-issues-per-linter: 0 max-same-issues: 0 linters-settings: dupl: # Tokens count to trigger issue, 150 by default. threshold: 100 errcheck: # Report about assignment of errors to blank identifier. check-blank: true # Report about not checking of errors in type assertions. check-type-assertions: true forbidigo: analyze-types: true # required for pkg: forbid: # ioutil package has been deprecated: https://github.com/golang/go/issues/42026 - ^ioutil\..*$ # Using http.DefaultServeMux is discouraged because it's a global variable that some packages silently and magically add handlers to (esp. net/http/pprof). # Applications wishing to use http.ServeMux should obtain local instances through http.NewServeMux() instead of using the global default instance. - ^http\.DefaultServeMux$ - ^http\.Handle(?:Func)?$ # Forbid usage of old and archived square/go-jose - pkg: ^gopkg\.in/square/go-jose\.v2$ msg: "gopk.in/square/go-jose is arcived and has CVEs. Replace it with gopkg.in/go-jose/go-jose.v2" - pkg: ^github.com/coreos/go-oidc$ msg: "github.com/coreos/go-oidc depends on gopkg.in/square/go-jose which has CVEs. Replace it with github.com/coreos/go-oidc/v3" - pkg: ^github.com/howeyc/gopass$ msg: "github.com/howeyc/gopass is archived, use golang.org/x/term instead" goconst: ignore-tests: true min-occurrences: 5 gocritic: enabled-checks: - boolExprSimplify - builtinShadow - emptyStringTest - evalOrder - httpNoBody - importShadow - initClause - methodExprCall - paramTypeCombine - preferFilepathJoin - ptrToRefParam - redundantSprint - returnAfterHttpError - stringConcatSimplify - timeExprSimplify - truncateCmp - typeAssertChain - typeUnparen - unnamedResult - unnecessaryBlock - unnecessaryDefer - weakCond - yodaStyleExpr goimports: # Put local imports after 3rd-party packages. local-prefixes: github.com/majewsky/schwift gosec: excludes: # gosec wants us to set a short ReadHeaderTimeout to avoid Slowloris attacks, but doing so would expose us to Keep-Alive race conditions (see https://iximiuz.com/en/posts/reverse-proxy-http-keep-alive-and-502s/) - G112 # created file permissions are restricted by umask if necessary - G306 govet: enable-all: true disable: - fieldalignment nolintlint: require-specific: true stylecheck: dot-import-whitelist: - github.com/onsi/ginkgo/v2 - github.com/onsi/gomega usestdlibvars: constant-kind: true crypto-hash: true default-rpc-path: true http-method: true http-status-code: true sql-isolation-level: true time-layout: true time-month: true time-weekday: true tls-signature-scheme: true whitespace: # Enforce newlines (or comments) after multi-line function signatures. multi-func: true linters: # We use 'disable-all' and enable linters explicitly so that a newer version # does not introduce new linters unexpectedly. disable-all: true enable: - bodyclose - containedctx - copyloopvar - dupl - dupword - durationcheck - errcheck - errname - errorlint - forbidigo - ginkgolinter - gocheckcompilerdirectives - goconst - gocritic - gofmt - goimports - gosec - gosimple - govet - ineffassign - intrange - misspell - nilerr - noctx - nolintlint - nosprintfhostport - perfsprint - predeclared - rowserrcheck - sqlclosecheck - staticcheck - stylecheck - tenv - typecheck - unconvert - unparam - unused - usestdlibvars - whitespace