# https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml run: skip-dirs: - pkg/time/rate skip-files: - pkg/database/ent/generate.go - pkg/yamlpatch/merge.go - pkg/yamlpatch/merge_test.go linters-settings: gci: sections: - standard - default - prefix(github.com/crowdsecurity) - prefix(github.com/crowdsecurity/crowdsec) gocyclo: min-complexity: 30 funlen: # Checks the number of lines in a function. # If lower than 0, disable the check. # Default: 60 lines: -1 # Checks the number of statements in a function. # If lower than 0, disable the check. # Default: 40 statements: -1 govet: check-shadowing: true lll: line-length: 140 misspell: locale: US nlreturn: block-size: 4 nolintlint: allow-unused: false # report any unused nolint directives require-explanation: false # don't require an explanation for nolint directives require-specific: false # don't require nolint directives to be specific about which linter is being skipped interfacebloat: max: 12 depguard: rules: main: deny: - pkg: "github.com/pkg/errors" desc: "errors.New() is deprecated in favor of fmt.Errorf()" linters: enable-all: true disable: # # DEPRECATED by golangi-lint # - deadcode # The owner seems to have abandoned the linter. Replaced by unused. - exhaustivestruct # The owner seems to have abandoned the linter. Replaced by exhaustruct. - golint # Golint differs from gofmt. Gofmt reformats Go source code, whereas golint prints out style mistakes - ifshort # Checks that your code uses short syntax for if-statements whenever possible - interfacer # Linter that suggests narrower interface types - maligned # Tool to detect Go structs that would take less memory if their fields were sorted - nosnakecase # nosnakecase is a linter that detects snake case of variable naming and function name. - scopelint # Scopelint checks for unpinned variables in go programs - structcheck # The owner seems to have abandoned the linter. Replaced by unused. - varcheck # The owner seems to have abandoned the linter. Replaced by unused. # # Enabled # # - asasalint # check for pass []any as any in variadic func(...any) # - asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers # - bidichk # Checks for dangerous unicode character sequences # - bodyclose # checks whether HTTP response body is closed successfully # - decorder # check declaration order and count of types, constants, variables and functions # - depguard # Go linter that checks if package imports are in a list of acceptable packages # - dupword # checks for duplicate words in the source code # - durationcheck # check for two durations multiplied together # - errcheck # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases # - errorlint # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13. # - exportloopref # checks for pointers to enclosing loop variables # - funlen # Tool for detection of long functions # - ginkgolinter # enforces standards of using ginkgo and gomega # - gochecknoinits # Checks that no init functions are present in Go code # - gocritic # Provides diagnostics that check for bugs, performance and style issues. # - goheader # Checks is file header matches to pattern # - gomoddirectives # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod. # - gomodguard # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations. # - goprintffuncname # Checks that printf-like functions are named with `f` at the end # - gosimple # (megacheck): Linter for Go source code that specializes in simplifying a code # - govet # (vet, vetshadow): Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string # - grouper # An analyzer to analyze expression groups. # - importas # Enforces consistent import aliases # - ineffassign # Detects when assignments to existing variables are not used # - interfacebloat # A linter that checks the number of methods inside an interface. # - logrlint # Check logr arguments. # - makezero # Finds slice declarations with non-zero initial length # - misspell # Finds commonly misspelled English words in comments # - nakedret # Finds naked returns in functions greater than a specified function length # - nilerr # Finds the code that returns nil even if it checks that the error is not nil. # - nolintlint # Reports ill-formed or insufficient nolint directives # - nonamedreturns # Reports all named returns # - nosprintfhostport # Checks for misuse of Sprintf to construct a host with port in a URL. # - predeclared # find code that shadows one of Go's predeclared identifiers # - reassign # Checks that package variables are not reassigned # - rowserrcheck # checks whether Err of rows is checked successfully # - sqlclosecheck # Checks that sql.Rows and sql.Stmt are closed. # - staticcheck # (megacheck): Staticcheck is a go vet on steroids, applying a ton of static analysis checks # - testableexamples # linter checks if examples are testable (have an expected output) # - tenv # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17 # - tparallel # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes # - typecheck # Like the front-end of a Go compiler, parses and type-checks Go code # - unconvert # Remove unnecessary type conversions # - unused # (megacheck): Checks Go code for unused constants, variables, functions and types # - usestdlibvars # A linter that detect the possibility to use variables/constants from the Go standard library. # - wastedassign # wastedassign finds wasted assignment statements. # # Recommended? (easy) # - dogsled # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f()) - errchkjson # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted. - exhaustive # check exhaustiveness of enum switch statements - gci # Gci control golang package import order and make it always deterministic. - godot # Check if comments end in a period - gofmt # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification - goimports # In addition to fixing imports, goimports also formats your code in the same style as gofmt. - gosec # (gas): Inspects source code for security problems - inamedparam # reports interfaces with unnamed method parameters - lll # Reports long lines - musttag # enforce field tags in (un)marshaled structs - promlinter # Check Prometheus metrics naming via promlint - protogetter # Reports direct reads from proto message fields when getters should be used - revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint. - tagalign # check that struct tags are well aligned - thelper # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers - wrapcheck # Checks that errors returned from external packages are wrapped # # Recommended? (requires some work) # - containedctx # containedctx is a linter that detects struct contained context.Context field - contextcheck # check the function whether use a non-inherited context - errname # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`. - gomnd # An analyzer to detect magic numbers. - ireturn # Accept Interfaces, Return Concrete Types - nilnil # Checks that there is no simultaneous return of `nil` error and an invalid value. - noctx # noctx finds sending http request without context.Context - unparam # Reports unused function parameters # # Formatting only, useful in IDE but should not be forced on CI? # - gofumpt # Gofumpt checks whether code was gofumpt-ed. - nlreturn # nlreturn checks for a new line before return and branch statements to increase code clarity - whitespace # Tool for detection of leading and trailing whitespace - wsl # Whitespace Linter - Forces you to use empty lines! # # Well intended, but not ready for this # - cyclop # checks function and package cyclomatic complexity - dupl # Tool for code clone detection - forcetypeassert # finds forced type assertions - gocognit # Computes and checks the cognitive complexity of functions - gocyclo # Computes and checks the cyclomatic complexity of functions - godox # Tool for detection of FIXME, TODO and other comment keywords - goerr113 # Golang linter to check the errors handling expressions - maintidx # maintidx measures the maintainability index of each function. - nestif # Reports deeply nested if statements - paralleltest # paralleltest detects missing usage of t.Parallel() method in your Go test - testpackage # linter that makes you use a separate _test package # # Too strict / too many false positives (for now?) # - execinquery # execinquery is a linter about query string checker in Query function which reads your Go src files and warning it finds - exhaustruct # Checks if all structure fields are initialized - forbidigo # Forbids identifiers - gochecknoglobals # check that no global variables exist - goconst # Finds repeated strings that could be replaced by a constant - stylecheck # Stylecheck is a replacement for golint - tagliatelle # Checks the struct tags. - varnamelen # checks that the length of a variable's name matches its scope # # Under evaluation # - prealloc # Finds slice declarations that could potentially be preallocated issues: # “Look, that’s why there’s rules, understand? So that you think before you # break ‘em.” ― Terry Pratchett max-issues-per-linter: 0 max-same-issues: 0 exclude-rules: # Won't fix: - path: go.mod text: "replacement are not allowed: golang.org/x/time/rate" # `err` is often shadowed, we may continue to do it - linters: - govet text: "shadow: declaration of \"err\" shadows declaration" - linters: - errcheck text: "Error return value of `.*` is not checked" - linters: - gocritic text: "ifElseChain: rewrite if-else to switch statement" - linters: - gocritic text: "captLocal: `.*' should not be capitalized" - linters: - gocritic text: "appendAssign: append result not assigned to the same slice" - linters: - gocritic text: "commentFormatting: put a space between `//` and comment text" # Will fix, trivial - just beware of merge conflicts - linters: - perfsprint text: "fmt.Sprintf can be replaced .*" # # Will fix, easy but some neurons required # - linters: - errorlint text: "non-wrapping format verb for fmt.Errorf. Use `%w` to format errors" - linters: - errorlint text: "type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors" - linters: - errorlint text: "type switch on error will fail on wrapped errors. Use errors.As to check for specific errors" - linters: - errorlint text: "type assertion on error will fail on wrapped errors. Use errors.Is to check for specific errors" - linters: - errorlint text: "comparing with .* will fail on wrapped errors. Use errors.Is to check for a specific error" - linters: - errorlint text: "switch on an error will fail on wrapped errors. Use errors.Is to check for specific errors" - linters: - nosprintfhostport text: "host:port in url should be constructed with net.JoinHostPort and not directly with fmt.Sprintf" - linters: - wastedassign text: "assigned to .*, but reassigned without using the value" # https://github.com/timakin/bodyclose - linters: - bodyclose text: "response body must be closed" # named/naked returns are evil - linters: - nonamedreturns text: "named return .* with type .* found" # https://github.com/alexkohler/nakedret#purpose - linters: - nakedret text: "naked return in func .* with .* lines of code" # # Will fix, might be trickier # - linters: - staticcheck text: "x509.ParseCRL has been deprecated since Go 1.19: Use ParseRevocationList instead" # https://github.com/pkg/errors/issues/245 - linters: - depguard text: "import 'github.com/pkg/errors' is not allowed .*"