diff --git a/.golangci.yml b/.golangci.yml index 1d8f1ba60d..92c94a5348 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,7 +1,6 @@ linters: enable: - bodyclose - - deadcode - depguard - dogsled - gocyclo @@ -14,14 +13,12 @@ linters: - megacheck - misspell - nakedret + - revive - staticcheck - - structcheck - typecheck - unconvert - unparam - unused - - revive - - varcheck disable: - errcheck @@ -98,6 +95,12 @@ issues: linters: - gosec + # G113 Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772) + # only affects gp < 1.16.14. and go < 1.17.7 + - text: "(G113)" + linters: + - gosec + # Looks like the match in "EXC0007" above doesn't catch this one # TODO: consider upstreaming this to golangci-lint's default exclusion rules - text: "G204: Subprocess launched with a potential tainted input or cmd arguments" @@ -109,6 +112,11 @@ issues: linters: - gosec + # TODO: make sure all packages have a description. Currently, there's 67 packages without. + - text: "package-comments: should have a package comment" + linters: + - revive + # Exclude some linters from running on tests files. - path: _test\.go linters: diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 6c1ce4225b..46368784db 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 ARG GO_VERSION=1.18.5 -ARG GOLANGCI_LINT_VERSION=v1.45.2 +ARG GOLANGCI_LINT_VERSION=v1.49.0 FROM golangci/golangci-lint:${GOLANGCI_LINT_VERSION}-alpine AS golangci-lint