From ef0a5eb6944b3ef52a7a948cb2a3613f1ada49d0 Mon Sep 17 00:00:00 2001 From: Matthieu MOREL Date: Mon, 21 Apr 2025 21:10:33 +0000 Subject: [PATCH] chore: bump golangci-lint to v2 Signed-off-by: Matthieu MOREL --- .golangci.yml | 282 +++++++++---------- cli/command/formatter/tabwriter/tabwriter.go | 2 +- dockerfiles/Dockerfile.lint | 2 +- 3 files changed, 136 insertions(+), 150 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 73ef1f80da..c49f5d53b0 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,3 +1,29 @@ +version: "2" + +run: + # prevent golangci-lint from deducting the go version to lint for through go.mod, + # which causes it to fallback to go1.17 semantics. + # + # TODO(thaJeztah): update "usetesting" settings to enable go1.24 features once our minimum version is go1.24 + go: "1.23.8" + + timeout: 5m + +issues: + # Maximum issues count per one linter. Set to 0 to disable. Default is 50. + max-issues-per-linter: 0 + + # Maximum count of issues with the same text. Set to 0 to disable. Default is 3. + max-same-issues: 0 + +formatters: + enable: + - gofumpt # Detects whether code was gofumpt-ed. + - goimports + + exclusions: + generated: strict + linters: enable: - bodyclose @@ -6,14 +32,12 @@ linters: - dogsled - dupword # Detects duplicate words. - durationcheck + - errcheck - errchkjson - forbidigo - gocritic # Metalinter; detects bugs, performance, and styling issues. - gocyclo - - gofumpt # Detects whether code was gofumpt-ed. - - goimports - gosec # Detects security problems. - - gosimple - govet - ineffassign - misspell # Detects commonly misspelled English words in comments. @@ -26,10 +50,8 @@ linters: - reassign - revive # Metalinter; drop-in replacement for golint. - staticcheck - - stylecheck # Replacement for golint - thelper # Detects test helpers without t.Helper(). - tparallel # Detects inappropriate usage of t.Parallel(). - - typecheck - unconvert # Detects unnecessary type conversions. - unparam - unused @@ -40,113 +62,82 @@ linters: disable: - errcheck -run: - # prevent golangci-lint from deducting the go version to lint for through go.mod, - # which causes it to fallback to go1.17 semantics. - # - # TODO(thaJeztah): update "usetesting" settings to enable go1.24 features once our minimum version is go1.24 - go: "1.23.8" - timeout: 5m + settings: + depguard: + rules: + main: + deny: + - pkg: "github.com/containerd/containerd/errdefs" + desc: The containerd errdefs package was migrated to a separate module. Use github.com/containerd/errdefs instead. + - pkg: "github.com/containerd/containerd/log" + desc: The containerd log package was migrated to a separate module. Use github.com/containerd/log instead. + - pkg: "github.com/containerd/containerd/pkg/userns" + desc: Use github.com/moby/sys/userns instead. + - pkg: "github.com/containerd/containerd/platforms" + desc: The containerd platforms package was migrated to a separate module. Use github.com/containerd/platforms instead. + - pkg: "github.com/docker/docker/pkg/system" + desc: This package should not be used unless strictly necessary. + - pkg: "github.com/docker/distribution/uuid" + desc: Use github.com/google/uuid instead. + - pkg: "io/ioutil" + desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil -linters-settings: - depguard: - rules: - main: - deny: - - pkg: "github.com/containerd/containerd/errdefs" - desc: The containerd errdefs package was migrated to a separate module. Use github.com/containerd/errdefs instead. - - pkg: "github.com/containerd/containerd/log" - desc: The containerd log package was migrated to a separate module. Use github.com/containerd/log instead. - - pkg: "github.com/containerd/containerd/pkg/userns" - desc: Use github.com/moby/sys/userns instead. - - pkg: "github.com/containerd/containerd/platforms" - desc: The containerd platforms package was migrated to a separate module. Use github.com/containerd/platforms instead. - - pkg: "github.com/docker/docker/pkg/system" - desc: This package should not be used unless strictly necessary. - - pkg: "github.com/docker/distribution/uuid" - desc: Use github.com/google/uuid instead. - - pkg: "io/ioutil" - desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil - forbidigo: - forbid: - - pkg: ^regexp$ - p: ^regexp\.MustCompile - msg: Use internal/lazyregexp.New instead. - gocyclo: - min-complexity: 16 - gosec: - excludes: - - G104 # G104: Errors unhandled; (TODO: reduce unhandled errors, or explicitly ignore) - - G113 # G113: Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772); (only affects go < 1.16.14. and go < 1.17.7) - - G115 # G115: integer overflow conversion; (TODO: verify these: https://github.com/docker/cli/issues/5584) - - G306 # G306: Expect WriteFile permissions to be 0600 or less (too restrictive; also flags "0o644" permissions) - - G307 # G307: Deferring unsafe method "*os.File" on type "Close" (also EXC0008); (TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close") - govet: - enable: - - shadow - settings: - shadow: - strict: true - lll: - line-length: 200 - nakedret: - # Disallow naked returns if func has more lines of code than this setting. - # Default: 30 - max-func-lines: 0 + forbidigo: + forbid: + - pkg: ^regexp$ + pattern: ^regexp\.MustCompile + msg: Use internal/lazyregexp.New instead. - revive: - rules: - # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-block - - name: empty-block - severity: warning - disabled: false - # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-lines - - name: empty-lines - severity: warning - disabled: false - # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#import-shadowing - - name: import-shadowing - severity: warning - disabled: false - # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#line-length-limit - - name: line-length-limit - severity: warning - disabled: false - arguments: [200] - # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unused-receiver - - name: unused-receiver - severity: warning - disabled: false - # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#use-any - - name: use-any - severity: warning - disabled: false + gocyclo: + min-complexity: 16 - usetesting: - # FIXME(thaJeztah): Disable `os.Chdir()` detections; should be automatically disabled on Go < 1.24; see https://github.com/docker/cli/pull/5835#issuecomment-2665302478 - os-chdir: false - # FIXME(thaJeztah): Disable `context.Background()` detections; should be automatically disabled on Go < 1.24; see https://github.com/docker/cli/pull/5835#issuecomment-2665302478 - context-background: false - # FIXME(thaJeztah): Disable `context.TODO()` detections; should be automatically disabled on Go < 1.24; see https://github.com/docker/cli/pull/5835#issuecomment-2665302478 - context-todo: false + gosec: + excludes: + - G104 # G104: Errors unhandled; (TODO: reduce unhandled errors, or explicitly ignore) + - G115 # G115: integer overflow conversion; (TODO: verify these: https://github.com/docker/cli/issues/5584) + - G306 # G306: Expect WriteFile permissions to be 0600 or less (too restrictive; also flags "0o644" permissions) + - G307 # G307: Deferring unsafe method "*os.File" on type "Close" (also EXC0008); (TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close") -issues: - # The default exclusion rules are a bit too permissive, so copying the relevant ones below - exclude-use-default: false + govet: + enable: + - shadow + settings: + shadow: + strict: true - # This option has been defined when Go modules was not existed and when the - # golangci-lint core was different, this is not something we still recommend. - exclude-dirs-use-default: false + lll: + line-length: 200 - exclude: - - parameter .* always receives + nakedret: + # Disallow naked returns if func has more lines of code than this setting. + # Default: 30 + max-func-lines: 0 - exclude-files: - - cli/compose/schema/bindata.go - - .*generated.* + staticcheck: + checks: + - all + - -QF1003 # FIXME Convert if/else-if chain to tagged switch + - -QF1008 # FIXME Omit embedded fields from selector expression + - -ST1020 # FIXME The documentation of an exported function should start with the function’s name + - -ST1022 # FIXME The documentation of an exported variable or constant should start with variable’s name - exclude-rules: - # We prefer to use an "exclude-list" so that new "default" exclusions are not + revive: + rules: + - name: empty-block # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-block + - name: empty-lines # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#empty-lines + - name: import-shadowing # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#import-shadowing + - name: line-length-limit # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#line-length-limit + arguments: [200] + - name: unused-receiver # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unused-receiver + - name: use-any # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#use-any + + usetesting: + os-chdir: false # FIXME(thaJeztah): Disable `os.Chdir()` detections; should be automatically disabled on Go < 1.24; see https://github.com/docker/cli/pull/5835#issuecomment-2665302478 + context-background: false # FIXME(thaJeztah): Disable `context.Background()` detections; should be automatically disabled on Go < 1.24; see https://github.com/docker/cli/pull/5835#issuecomment-2665302478 + context-todo: false # FIXME(thaJeztah): Disable `context.TODO()` detections; should be automatically disabled on Go < 1.24; see https://github.com/docker/cli/pull/5835#issuecomment-2665302478 + + exclusions: + # We prefer to use an "linters.exclusions.rules" so that new "default" exclusions are not # automatically inherited. We can decide whether or not to follow upstream # defaults when updating golang-ci-lint versions. # Unfortunately, this means we have to copy the whole exclusion pattern, as @@ -158,54 +149,49 @@ issues: # # The default list of exclusions can be found at: # https://golangci-lint.run/usage/false-positives/#default-exclusions + generated: strict - # EXC0001 - - text: "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*print(f|ln)?|os\\.(Un)?Setenv). is not checked" - linters: - - errcheck - # EXC0003 - - text: "func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this" - linters: - - revive - # EXC0006 - - text: "Use of unsafe calls should be audited" - linters: - - gosec - # EXC0007 - - text: "Subprocess launch(ed with variable|ing should be audited)" - linters: - - gosec - # EXC0009 - - text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)" - linters: - - gosec - # EXC0010 - - text: "Potential file inclusion via variable" - linters: - - gosec + rules: + # EXC0003 + - text: "func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this" + linters: + - revive - # TODO: make sure all packages have a description. Currently, there's 67 packages without. - - text: "package-comments: should have a package comment" - linters: - - revive + # EXC0007 + - text: "Subprocess launch(ed with variable|ing should be audited)" + linters: + - gosec - # Exclude some linters from running on tests files. - - path: _test\.go - linters: - - errcheck - - gosec - - text: "ST1000: at least one file in a package should have a package comment" - linters: - - stylecheck + # EXC0009 + - text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)" + linters: + - gosec - # Allow "err" and "ok" vars to shadow existing declarations, otherwise we get too many false positives. - - text: '^shadow: declaration of "(err|ok)" shadows declaration' - linters: - - govet + # EXC0010 + - text: "Potential file inclusion via variable" + linters: + - gosec + # TODO: make sure all packages have a description. Currently, there's 67 packages without. + - text: "package-comments: should have a package comment" + linters: + - revive - # Maximum issues count per one linter. Set to 0 to disable. Default is 50. - max-issues-per-linter: 0 + # Exclude some linters from running on tests files. + - path: _test\.go + linters: + - errcheck + - gosec - # Maximum count of issues with the same text. Set to 0 to disable. Default is 3. - max-same-issues: 0 + - text: "ST1000: at least one file in a package should have a package comment" + linters: + - staticcheck + + # Allow "err" and "ok" vars to shadow existing declarations, otherwise we get too many false positives. + - text: '^shadow: declaration of "(err|ok)" shadows declaration' + linters: + - govet + + # Log a warning if an exclusion rule is unused. + # Default: false + warn-unused: true diff --git a/cli/command/formatter/tabwriter/tabwriter.go b/cli/command/formatter/tabwriter/tabwriter.go index 1d908f58e9..e7473cd9bb 100644 --- a/cli/command/formatter/tabwriter/tabwriter.go +++ b/cli/command/formatter/tabwriter/tabwriter.go @@ -12,7 +12,7 @@ // based on https://github.com/golang/go/blob/master/src/text/tabwriter/tabwriter.go Last modified 690ac40 on 31 Jan -//nolint:gocyclo,nakedret,stylecheck,unused // ignore linting errors, so that we can stick close to upstream +//nolint:gocyclo,nakedret,unused // ignore linting errors, so that we can stick close to upstream package tabwriter import ( diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index d3fdb8f446..5cd4a6698b 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -2,7 +2,7 @@ ARG GO_VERSION=1.23.8 ARG ALPINE_VERSION=3.21 -ARG GOLANGCI_LINT_VERSION=v1.64.5 +ARG GOLANGCI_LINT_VERSION=v2.1.2 FROM golangci/golangci-lint:${GOLANGCI_LINT_VERSION}-alpine AS golangci-lint