-
Notifications
You must be signed in to change notification settings - Fork 3
/
.golangci.yaml
137 lines (134 loc) · 3.33 KB
/
.golangci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
run:
timeout: 10m
allow-parallel-runners: true
linters:
disable-all: true
enable:
- asasalint
- asciicheck
- bidichk
- bodyclose
- containedctx
- depguard
- dupword
- durationcheck
- errcheck
- errchkjson
- exportloopref
- gocritic
- godot
- gofmt
- goprintffuncname
- gosec
- gosimple
- govet
- importas
- ineffassign
- misspell
- nilerr
- noctx
- nolintlint
- nosprintfhostport
- prealloc
- revive
- staticcheck
- unconvert
- unused
- usestdlibvars
- whitespace
# TODO(vincepri): Figure out if we want to enable or remove the following linters:
# - predeclared
# - goconst
linters-settings:
misspell:
ignore-words:
- creater
goconst:
ignore-tests: true
nolintlint:
allow-unused: false
allow-leading-space: false
require-specific: true
revive:
revive:
rules:
- name: context-keys-type
- name: error-return
- name: error-strings
- name: error-naming
- name: if-return
- name: increment-decrement
- name: var-declaration
- name: package-comments
- name: range
- name: receiver-naming
- name: time-naming
- name: errorf
- name: superfluous-else
- name: unreachable-code
- name: bool-literal-in-expr
- name: constant-logical-expr
# TODO(vincepri): Figure out if we want to enable
# the following rules, or remove them completely, they're a bit noisy.
# - name: context-as-argument
# - name: var-naming
# - name: exported
# - name: unexported-return
# - name: blank-imports
# - name: indent-error-flow # I think @ncdc prefers explicit else statements, remove?
# - name: redefines-builtin-id
# - name: dot-imports
gosec:
excludes:
- G307 # Deferring unsafe method "Close" on type "\*os.File"
- G108 # Profiling endpoint is automatically exposed on /debug/pprof
# TODO(vincepri): The following should be looked at and removed in future iterations.
- G401 # Use of weak cryptographic primitive (replace sha1 usage)
- G505 # crypto/sha1: weak cryptographic primitive
- G402 # TLS MinVersion too low (set MinVersion in TLSClientConfig)
- G404 # Use of weak random number generator (use crypto/rand)
- G101 # Potential hardcoded credentials (returns false positives)
- G306 # Expect WriteFile permissions to be 0600 or less
gocritic:
enabled-tags:
- diagnostic
- experimental
- performance
disabled-checks:
- appendAssign
- dupImport # https://github.com/go-critic/go-critic/issues/845
- evalOrder
- ifElseChain
- octalLiteral
- regexpSimplify
- sloppyReassign
- truncateCmp
- typeDefFirst
- unnamedResult
- unnecessaryDefer
- whyNoLint
- wrapperFunc
- unnecessaryBlock
- rangeValCopy
- hugeParam
- commentedOutCode
# TODO(vincepri): potentially enable the following?
- emptyStringTest
- singleCaseSwitch
- nestingReduce
- filepathJoin
- tooManyResultsChecker
issues:
max-same-issues: 0
max-issues-per-linter: 0
exclude-rules:
- linters:
- unparam
text: always receives
- linters:
- gosec
path: _test\.go
text: "G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server"
- linters:
- gosec
path: test/e2e/*