diff --git a/.golangci.yml b/.golangci.yml index 3b0940f2b7..1f5e980957 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,7 +1,6 @@ linters: enable: - bodyclose - - deadcode - dogsled - gocyclo - goimports @@ -13,14 +12,12 @@ linters: - megacheck - misspell - nakedret + - revive - staticcheck - - structcheck - typecheck - unconvert - unparam - unused - - revive - - varcheck disable: - errcheck @@ -93,6 +90,12 @@ issues: linters: - gosec + # G113 Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772) + # only affects gp < 1.16.14. and go < 1.17.7 + - text: "(G113)" + linters: + - gosec + # Looks like the match in "EXC0007" above doesn't catch this one # TODO: consider upstreaming this to golangci-lint's default exclusion rules - text: "G204: Subprocess launched with a potential tainted input or cmd arguments" @@ -104,6 +107,11 @@ issues: linters: - gosec + # TODO: make sure all packages have a description. Currently, there's 67 packages without. + - text: "package-comments: should have a package comment" + linters: + - revive + # Exclude some linters from running on tests files. - path: _test\.go linters: diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 13bd9acf05..966c232bf5 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -2,7 +2,7 @@ ARG GO_VERSION=1.18.10 ARG ALPINE_VERSION=3.16 -ARG GOLANGCI_LINT_VERSION=v1.45.2 +ARG GOLANGCI_LINT_VERSION=v1.49.0 FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS build ENV CGO_ENABLED=0