github.com/crowdsecurity/crowdsec@v1.6.1/.golangci.yml (about) 1 # https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml 2 3 linters-settings: 4 cyclop: 5 # lower this after refactoring 6 max-complexity: 53 7 8 gci: 9 sections: 10 - standard 11 - default 12 - prefix(github.com/crowdsecurity) 13 - prefix(github.com/crowdsecurity/crowdsec) 14 15 gomoddirectives: 16 replace-allow-list: 17 - golang.org/x/time/rate 18 19 gocognit: 20 # lower this after refactoring 21 min-complexity: 145 22 23 gocyclo: 24 # lower this after refactoring 25 min-complexity: 49 26 27 funlen: 28 # Checks the number of lines in a function. 29 # If lower than 0, disable the check. 30 # Default: 60 31 # lower this after refactoring 32 lines: 437 33 # Checks the number of statements in a function. 34 # If lower than 0, disable the check. 35 # Default: 40 36 # lower this after refactoring 37 statements: 122 38 39 govet: 40 enable: 41 - atomicalign 42 - deepequalerrors 43 # TODO: - fieldalignment 44 - findcall 45 - nilness 46 # TODO: - reflectvaluecompare 47 - shadow 48 - sortslice 49 - timeformat 50 - unusedwrite 51 52 lll: 53 # lower this after refactoring 54 line-length: 2607 55 56 maintidx: 57 # raise this after refactoring 58 under: 11 59 60 misspell: 61 locale: US 62 63 nestif: 64 # lower this after refactoring 65 min-complexity: 28 66 67 nlreturn: 68 block-size: 4 69 70 nolintlint: 71 allow-unused: false # report any unused nolint directives 72 require-explanation: false # don't require an explanation for nolint directives 73 require-specific: false # don't require nolint directives to be specific about which linter is being skipped 74 75 interfacebloat: 76 max: 12 77 78 depguard: 79 rules: 80 wrap: 81 deny: 82 - pkg: "github.com/pkg/errors" 83 desc: "errors.Wrap() is deprecated in favor of fmt.Errorf()" 84 files: 85 - "!**/pkg/database/*.go" 86 - "!**/pkg/exprhelpers/*.go" 87 - "!**/pkg/acquisition/modules/appsec/appsec.go" 88 - "!**/pkg/acquisition/modules/loki/internal/lokiclient/loki_client.go" 89 - "!**/pkg/apiserver/controllers/v1/errors.go" 90 yaml: 91 files: 92 - "!**/cmd/crowdsec-cli/alerts.go" 93 - "!**/cmd/crowdsec-cli/capi.go" 94 - "!**/cmd/crowdsec-cli/config_show.go" 95 - "!**/cmd/crowdsec-cli/hubtest.go" 96 - "!**/cmd/crowdsec-cli/lapi.go" 97 - "!**/cmd/crowdsec-cli/simulation.go" 98 - "!**/cmd/crowdsec/crowdsec.go" 99 - "!**/cmd/notification-dummy/main.go" 100 - "!**/cmd/notification-email/main.go" 101 - "!**/cmd/notification-http/main.go" 102 - "!**/cmd/notification-slack/main.go" 103 - "!**/cmd/notification-splunk/main.go" 104 - "!**/pkg/acquisition/acquisition.go" 105 - "!**/pkg/acquisition/acquisition_test.go" 106 - "!**/pkg/acquisition/modules/appsec/appsec.go" 107 - "!**/pkg/acquisition/modules/cloudwatch/cloudwatch.go" 108 - "!**/pkg/acquisition/modules/docker/docker.go" 109 - "!**/pkg/acquisition/modules/file/file.go" 110 - "!**/pkg/acquisition/modules/journalctl/journalctl.go" 111 - "!**/pkg/acquisition/modules/kafka/kafka.go" 112 - "!**/pkg/acquisition/modules/kinesis/kinesis.go" 113 - "!**/pkg/acquisition/modules/kubernetesaudit/k8s_audit.go" 114 - "!**/pkg/acquisition/modules/loki/loki.go" 115 - "!**/pkg/acquisition/modules/loki/timestamp_test.go" 116 - "!**/pkg/acquisition/modules/s3/s3.go" 117 - "!**/pkg/acquisition/modules/syslog/syslog.go" 118 - "!**/pkg/acquisition/modules/wineventlog/wineventlog_windows.go" 119 - "!**/pkg/appsec/appsec.go" 120 - "!**/pkg/appsec/loader.go" 121 - "!**/pkg/csplugin/broker.go" 122 - "!**/pkg/csplugin/broker_test.go" 123 - "!**/pkg/dumps/bucket_dump.go" 124 - "!**/pkg/dumps/parser_dump.go" 125 - "!**/pkg/hubtest/coverage.go" 126 - "!**/pkg/hubtest/hubtest_item.go" 127 - "!**/pkg/hubtest/parser_assert.go" 128 - "!**/pkg/hubtest/scenario_assert.go" 129 - "!**/pkg/leakybucket/buckets_test.go" 130 - "!**/pkg/leakybucket/manager_load.go" 131 - "!**/pkg/metabase/metabase.go" 132 - "!**/pkg/parser/node.go" 133 - "!**/pkg/parser/node_test.go" 134 - "!**/pkg/parser/parsing_test.go" 135 - "!**/pkg/parser/stage.go" 136 deny: 137 - pkg: "gopkg.in/yaml.v2" 138 desc: "yaml.v2 is deprecated for new code in favor of yaml.v3" 139 140 wsl: 141 # Allow blocks to end with comments 142 allow-trailing-comment: true 143 144 linters: 145 enable-all: true 146 disable: 147 # 148 # DEPRECATED by golangi-lint 149 # 150 - deadcode # The owner seems to have abandoned the linter. Replaced by unused. 151 - exhaustivestruct # The owner seems to have abandoned the linter. Replaced by exhaustruct. 152 - golint # Golint differs from gofmt. Gofmt reformats Go source code, whereas golint prints out style mistakes 153 - ifshort # Checks that your code uses short syntax for if-statements whenever possible 154 - interfacer # Linter that suggests narrower interface types 155 - maligned # Tool to detect Go structs that would take less memory if their fields were sorted 156 - nosnakecase # nosnakecase is a linter that detects snake case of variable naming and function name. 157 - scopelint # Scopelint checks for unpinned variables in go programs 158 - structcheck # The owner seems to have abandoned the linter. Replaced by unused. 159 - varcheck # The owner seems to have abandoned the linter. Replaced by unused. 160 161 # 162 # Enabled 163 # 164 165 # - asasalint # check for pass []any as any in variadic func(...any) 166 # - asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers 167 # - bidichk # Checks for dangerous unicode character sequences 168 # - bodyclose # checks whether HTTP response body is closed successfully 169 # - cyclop # checks function and package cyclomatic complexity 170 # - decorder # check declaration order and count of types, constants, variables and functions 171 # - depguard # Go linter that checks if package imports are in a list of acceptable packages 172 # - dupword # checks for duplicate words in the source code 173 # - durationcheck # check for two durations multiplied together 174 # - errcheck # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases 175 # - errorlint # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13. 176 # - execinquery # execinquery is a linter about query string checker in Query function which reads your Go src files and warning it finds 177 # - exportloopref # checks for pointers to enclosing loop variables 178 # - funlen # Tool for detection of long functions 179 # - ginkgolinter # enforces standards of using ginkgo and gomega 180 # - gochecknoinits # Checks that no init functions are present in Go code 181 # - gocognit # Computes and checks the cognitive complexity of functions 182 # - gocritic # Provides diagnostics that check for bugs, performance and style issues. 183 # - gocyclo # Computes and checks the cyclomatic complexity of functions 184 # - goheader # Checks is file header matches to pattern 185 # - gomoddirectives # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod. 186 # - gomodguard # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations. 187 # - goprintffuncname # Checks that printf-like functions are named with `f` at the end 188 # - gosimple # (megacheck): Linter for Go source code that specializes in simplifying a code 189 # - govet # (vet, vetshadow): Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string 190 # - grouper # An analyzer to analyze expression groups. 191 # - importas # Enforces consistent import aliases 192 # - ineffassign # Detects when assignments to existing variables are not used 193 # - interfacebloat # A linter that checks the number of methods inside an interface. 194 # - lll # Reports long lines 195 # - logrlint # Check logr arguments. 196 # - maintidx # maintidx measures the maintainability index of each function. 197 # - makezero # Finds slice declarations with non-zero initial length 198 # - misspell # Finds commonly misspelled English words in comments 199 # - nakedret # Finds naked returns in functions greater than a specified function length 200 # - nestif # Reports deeply nested if statements 201 # - nilerr # Finds the code that returns nil even if it checks that the error is not nil. 202 # - nolintlint # Reports ill-formed or insufficient nolint directives 203 # - nonamedreturns # Reports all named returns 204 # - nosprintfhostport # Checks for misuse of Sprintf to construct a host with port in a URL. 205 # - predeclared # find code that shadows one of Go's predeclared identifiers 206 # - reassign # Checks that package variables are not reassigned 207 # - rowserrcheck # checks whether Err of rows is checked successfully 208 # - sqlclosecheck # Checks that sql.Rows and sql.Stmt are closed. 209 # - staticcheck # (megacheck): Staticcheck is a go vet on steroids, applying a ton of static analysis checks 210 # - testableexamples # linter checks if examples are testable (have an expected output) 211 # - tenv # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17 212 # - tparallel # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes 213 # - typecheck # Like the front-end of a Go compiler, parses and type-checks Go code 214 # - unconvert # Remove unnecessary type conversions 215 # - unused # (megacheck): Checks Go code for unused constants, variables, functions and types 216 # - usestdlibvars # A linter that detect the possibility to use variables/constants from the Go standard library. 217 # - wastedassign # wastedassign finds wasted assignment statements. 218 219 # 220 # Recommended? (easy) 221 # 222 223 - dogsled # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f()) 224 - errchkjson # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted. 225 - exhaustive # check exhaustiveness of enum switch statements 226 - gci # Gci control golang package import order and make it always deterministic. 227 - godot # Check if comments end in a period 228 - gofmt # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification 229 - goimports # In addition to fixing imports, goimports also formats your code in the same style as gofmt. 230 - gosec # (gas): Inspects source code for security problems 231 - inamedparam # reports interfaces with unnamed method parameters 232 - musttag # enforce field tags in (un)marshaled structs 233 - promlinter # Check Prometheus metrics naming via promlint 234 - protogetter # Reports direct reads from proto message fields when getters should be used 235 - revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint. 236 - tagalign # check that struct tags are well aligned 237 - thelper # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers 238 - wrapcheck # Checks that errors returned from external packages are wrapped 239 240 # 241 # Recommended? (requires some work) 242 # 243 244 - containedctx # containedctx is a linter that detects struct contained context.Context field 245 - contextcheck # check the function whether use a non-inherited context 246 - errname # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`. 247 - gomnd # An analyzer to detect magic numbers. 248 - ireturn # Accept Interfaces, Return Concrete Types 249 - nilnil # Checks that there is no simultaneous return of `nil` error and an invalid value. 250 - noctx # noctx finds sending http request without context.Context 251 - unparam # Reports unused function parameters 252 253 # 254 # Formatting only, useful in IDE but should not be forced on CI? 255 # 256 257 - gofumpt # Gofumpt checks whether code was gofumpt-ed. 258 - nlreturn # nlreturn checks for a new line before return and branch statements to increase code clarity 259 - whitespace # Tool for detection of leading and trailing whitespace 260 - wsl # Whitespace Linter - Forces you to use empty lines! 261 262 # 263 # Well intended, but not ready for this 264 # 265 - dupl # Tool for code clone detection 266 - forcetypeassert # finds forced type assertions 267 - godox # Tool for detection of FIXME, TODO and other comment keywords 268 - goerr113 # Golang linter to check the errors handling expressions 269 - paralleltest # paralleltest detects missing usage of t.Parallel() method in your Go test 270 - testpackage # linter that makes you use a separate _test package 271 272 # 273 # Too strict / too many false positives (for now?) 274 # 275 - exhaustruct # Checks if all structure fields are initialized 276 - forbidigo # Forbids identifiers 277 - gochecknoglobals # check that no global variables exist 278 - goconst # Finds repeated strings that could be replaced by a constant 279 - stylecheck # Stylecheck is a replacement for golint 280 - tagliatelle # Checks the struct tags. 281 - varnamelen # checks that the length of a variable's name matches its scope 282 283 # 284 # Under evaluation 285 # 286 287 - prealloc # Finds slice declarations that could potentially be preallocated 288 289 290 issues: 291 # “Look, that’s why there’s rules, understand? So that you think before you 292 # break ‘em.” ― Terry Pratchett 293 294 exclude-dirs: 295 - pkg/time/rate 296 297 exclude-files: 298 - pkg/yamlpatch/merge.go 299 - pkg/yamlpatch/merge_test.go 300 301 exclude-generated-strict: true 302 303 max-issues-per-linter: 0 304 max-same-issues: 0 305 exclude-rules: 306 307 # Won't fix: 308 309 # `err` is often shadowed, we may continue to do it 310 - linters: 311 - govet 312 text: "shadow: declaration of \"err\" shadows declaration" 313 314 - linters: 315 - errcheck 316 text: "Error return value of `.*` is not checked" 317 318 - linters: 319 - gocritic 320 text: "ifElseChain: rewrite if-else to switch statement" 321 322 - linters: 323 - gocritic 324 text: "captLocal: `.*' should not be capitalized" 325 326 - linters: 327 - gocritic 328 text: "appendAssign: append result not assigned to the same slice" 329 330 - linters: 331 - gocritic 332 text: "commentFormatting: put a space between `//` and comment text" 333 334 # Will fix, trivial - just beware of merge conflicts 335 336 - linters: 337 - perfsprint 338 text: "fmt.Sprintf can be replaced .*" 339 340 - linters: 341 - perfsprint 342 text: "fmt.Errorf can be replaced with errors.New" 343 344 # 345 # Will fix, easy but some neurons required 346 # 347 348 - linters: 349 - errorlint 350 text: "non-wrapping format verb for fmt.Errorf. Use `%w` to format errors" 351 352 - linters: 353 - errorlint 354 text: "type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors" 355 356 - linters: 357 - errorlint 358 text: "type switch on error will fail on wrapped errors. Use errors.As to check for specific errors" 359 360 - linters: 361 - errorlint 362 text: "type assertion on error will fail on wrapped errors. Use errors.Is to check for specific errors" 363 364 - linters: 365 - errorlint 366 text: "comparing with .* will fail on wrapped errors. Use errors.Is to check for a specific error" 367 368 - linters: 369 - errorlint 370 text: "switch on an error will fail on wrapped errors. Use errors.Is to check for specific errors" 371 372 - linters: 373 - nosprintfhostport 374 text: "host:port in url should be constructed with net.JoinHostPort and not directly with fmt.Sprintf" 375 376 # https://github.com/timakin/bodyclose 377 - linters: 378 - bodyclose 379 text: "response body must be closed" 380 381 # named/naked returns are evil, with a single exception 382 # https://go.dev/wiki/CodeReviewComments#named-result-parameters 383 - linters: 384 - nonamedreturns 385 text: "named return .* with type .* found"