mirror of https://github.com/docker/cli.git
178 lines
6.4 KiB
YAML
178 lines
6.4 KiB
YAML
linters:
|
|
enable:
|
|
- bodyclose
|
|
- copyloopvar # Detects places where loop variables are copied.
|
|
- depguard
|
|
- dogsled
|
|
- dupword # Detects duplicate words.
|
|
- durationcheck
|
|
- errchkjson
|
|
- gocritic # Metalinter; detects bugs, performance, and styling issues.
|
|
- gocyclo
|
|
- gofumpt # Detects whether code was gofumpt-ed.
|
|
- goimports
|
|
- gosec # Detects security problems.
|
|
- gosimple
|
|
- govet
|
|
- ineffassign
|
|
- lll
|
|
- misspell # Detects commonly misspelled English words in comments.
|
|
- nakedret
|
|
- nilerr # Detects code that returns nil even if it checks that the error is not nil.
|
|
- nolintlint # Detects ill-formed or insufficient nolint directives.
|
|
- perfsprint # Detects fmt.Sprintf uses that can be replaced with a faster alternative.
|
|
- prealloc # Detects slice declarations that could potentially be pre-allocated.
|
|
- predeclared # Detects code that shadows one of Go's predeclared identifiers
|
|
- reassign
|
|
- revive # Metalinter; drop-in replacement for golint.
|
|
- staticcheck
|
|
- stylecheck # Replacement for golint
|
|
- tenv # Detects using os.Setenv instead of t.Setenv.
|
|
- thelper # Detects test helpers without t.Helper().
|
|
- tparallel # Detects inappropriate usage of t.Parallel().
|
|
- typecheck
|
|
- unconvert # Detects unnecessary type conversions.
|
|
- unparam
|
|
- unused
|
|
- usestdlibvars
|
|
- wastedassign
|
|
|
|
disable:
|
|
- errcheck
|
|
|
|
run:
|
|
# prevent golangci-lint from deducting the go version to lint for through go.mod,
|
|
# which causes it to fallback to go1.17 semantics.
|
|
go: "1.23.3"
|
|
timeout: 5m
|
|
|
|
linters-settings:
|
|
depguard:
|
|
rules:
|
|
main:
|
|
deny:
|
|
- pkg: io/ioutil
|
|
desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil
|
|
gocyclo:
|
|
min-complexity: 16
|
|
gosec:
|
|
excludes:
|
|
- G104 # G104: Errors unhandled; (TODO: reduce unhandled errors, or explicitly ignore)
|
|
- G113 # G113: Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772); (only affects go < 1.16.14. and go < 1.17.7)
|
|
- G115 # G115: integer overflow conversion; (TODO: verify these: https://github.com/docker/cli/issues/5584)
|
|
- G306 # G306: Expect WriteFile permissions to be 0600 or less (too restrictive; also flags "0o644" permissions)
|
|
- G307 # G307: Deferring unsafe method "*os.File" on type "Close" (also EXC0008); (TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close")
|
|
govet:
|
|
enable:
|
|
- shadow
|
|
settings:
|
|
shadow:
|
|
strict: true
|
|
lll:
|
|
line-length: 200
|
|
nakedret:
|
|
command: nakedret
|
|
pattern: ^(?P<path>.*?\\.go):(?P<line>\\d+)\\s*(?P<message>.*)$
|
|
|
|
revive:
|
|
rules:
|
|
# https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#import-shadowing
|
|
- name: import-shadowing
|
|
severity: warning
|
|
disabled: false
|
|
# https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-block
|
|
- name: empty-block
|
|
severity: warning
|
|
disabled: false
|
|
# https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-lines
|
|
- name: empty-lines
|
|
severity: warning
|
|
disabled: false
|
|
# https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#use-any
|
|
- name: use-any
|
|
severity: warning
|
|
disabled: false
|
|
|
|
issues:
|
|
# The default exclusion rules are a bit too permissive, so copying the relevant ones below
|
|
exclude-use-default: false
|
|
|
|
# This option has been defined when Go modules was not existed and when the
|
|
# golangci-lint core was different, this is not something we still recommend.
|
|
exclude-dirs-use-default: false
|
|
|
|
exclude:
|
|
- parameter .* always receives
|
|
|
|
exclude-files:
|
|
- cli/compose/schema/bindata.go
|
|
- .*generated.*
|
|
|
|
exclude-rules:
|
|
# We prefer to use an "exclude-list" so that new "default" exclusions are not
|
|
# automatically inherited. We can decide whether or not to follow upstream
|
|
# defaults when updating golang-ci-lint versions.
|
|
# Unfortunately, this means we have to copy the whole exclusion pattern, as
|
|
# (unlike the "include" option), the "exclude" option does not take exclusion
|
|
# ID's.
|
|
#
|
|
# These exclusion patterns are copied from the default excluses at:
|
|
# https://github.com/golangci/golangci-lint/blob/v1.44.0/pkg/config/issues.go#L10-L104
|
|
#
|
|
# The default list of exclusions can be found at:
|
|
# https://golangci-lint.run/usage/false-positives/#default-exclusions
|
|
|
|
# EXC0001
|
|
- text: "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*print(f|ln)?|os\\.(Un)?Setenv). is not checked"
|
|
linters:
|
|
- errcheck
|
|
# EXC0003
|
|
- text: "func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this"
|
|
linters:
|
|
- revive
|
|
# EXC0006
|
|
- text: "Use of unsafe calls should be audited"
|
|
linters:
|
|
- gosec
|
|
# EXC0007
|
|
- text: "Subprocess launch(ed with variable|ing should be audited)"
|
|
linters:
|
|
- gosec
|
|
# EXC0009
|
|
- text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)"
|
|
linters:
|
|
- gosec
|
|
# EXC0010
|
|
- text: "Potential file inclusion via variable"
|
|
linters:
|
|
- gosec
|
|
|
|
# TODO: make sure all packages have a description. Currently, there's 67 packages without.
|
|
- text: "package-comments: should have a package comment"
|
|
linters:
|
|
- revive
|
|
# FIXME temporarily suppress these (see https://github.com/gotestyourself/gotest.tools/issues/272)
|
|
- text: "SA1019: (assert|cmp|is)\\.ErrorType is deprecated"
|
|
linters:
|
|
- staticcheck
|
|
# Exclude some linters from running on tests files.
|
|
- path: _test\.go
|
|
linters:
|
|
- errcheck
|
|
- gosec
|
|
- text: "ST1000: at least one file in a package should have a package comment"
|
|
linters:
|
|
- stylecheck
|
|
|
|
# Allow "err" and "ok" vars to shadow existing declarations, otherwise we get too many false positives.
|
|
- text: '^shadow: declaration of "(err|ok)" shadows declaration'
|
|
linters:
|
|
- govet
|
|
|
|
|
|
# Maximum issues count per one linter. Set to 0 to disable. Default is 50.
|
|
max-issues-per-linter: 0
|
|
|
|
# Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
|
|
max-same-issues: 0
|