golangci-lint: move gosec excludes to linters-settings

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7451339ab0)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2024-10-30 15:34:28 +01:00
parent 7a906196ed
commit 1890ea0762
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
1 changed files with 6 additions and 20 deletions

View File

@ -54,6 +54,12 @@ linters-settings:
desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil
gocyclo: gocyclo:
min-complexity: 16 min-complexity: 16
gosec:
excludes:
- G104 # G104: Errors unhandled; (TODO: reduce unhandled errors, or explicitly ignore)
- G113 # G113: Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772); (only affects go < 1.16.14. and go < 1.17.7)
- G306 # G306: Expect WriteFile permissions to be 0600 or less (too restrictive; also flags "0o644" permissions)
- G307 # G307: Deferring unsafe method "*os.File" on type "Close" (also EXC0008); (TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close")
govet: govet:
enable: enable:
- shadow - shadow
@ -123,11 +129,6 @@ issues:
- text: "Subprocess launch(ed with variable|ing should be audited)" - text: "Subprocess launch(ed with variable|ing should be audited)"
linters: linters:
- gosec - gosec
# EXC0008
# TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close" (gosec)
- text: "G307"
linters:
- gosec
# EXC0009 # EXC0009
- text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)" - text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)"
linters: linters:
@ -137,21 +138,6 @@ issues:
linters: linters:
- gosec - gosec
# G113 Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772)
# only affects gp < 1.16.14. and go < 1.17.7
- text: "G113"
linters:
- gosec
# TODO: G104: Errors unhandled. (gosec)
- text: "G104"
linters:
- gosec
# Looks like the match in "EXC0009" above doesn't catch this one
# TODO: consider upstreaming this to golangci-lint's default exclusion rules
- text: "G306: Expect WriteFile permissions to be 0600 or less"
linters:
- gosec
# TODO: make sure all packages have a description. Currently, there's 67 packages without. # TODO: make sure all packages have a description. Currently, there's 67 packages without.
- text: "package-comments: should have a package comment" - text: "package-comments: should have a package comment"
linters: linters: