github.com/letsencrypt/boulder@v0.20251208.0/.golangci.yml

github.com/letsencrypt/boulder@v0.20251208.0/.golangci.yml (about)

     1  version: "2"
     2  linters:
     3    default: none
     4    enable:
     5      - asciicheck
     6      - bidichk
     7      - errcheck
     8      - gosec
     9      - govet
    10      - ineffassign
    11      - misspell
    12      - nolintlint
    13      - spancheck
    14      - sqlclosecheck
    15      - staticcheck
    16      - unconvert
    17      - unparam
    18      - unused
    19      - wastedassign
    20    settings:
    21      errcheck:
    22        exclude-functions:
    23          - (net/http.ResponseWriter).Write
    24          - (net.Conn).Write
    25          - encoding/binary.Write
    26          - io.Write
    27          - net/http.Write
    28          - os.Remove
    29          - github.com/miekg/dns.WriteMsg
    30      govet:
    31        disable:
    32          - fieldalignment
    33          - shadow
    34        enable-all: true
    35        settings:
    36          printf:
    37            funcs:
    38              - (github.com/letsencrypt/boulder/log.Logger).Errf
    39              - (github.com/letsencrypt/boulder/log.Logger).Warningf
    40              - (github.com/letsencrypt/boulder/log.Logger).Infof
    41              - (github.com/letsencrypt/boulder/log.Logger).Debugf
    42              - (github.com/letsencrypt/boulder/log.Logger).AuditInfof
    43              - (github.com/letsencrypt/boulder/log.Logger).AuditErrf
    44              - (github.com/letsencrypt/boulder/ocsp/responder).SampledError
    45              - (github.com/letsencrypt/boulder/web.RequestEvent).AddError
    46      gosec:
    47        excludes:
    48          # TODO: Identify, fix, and remove violations of most of these rules
    49          - G101 # Potential hardcoded credentials
    50          - G102 # Binds to all network interfaces
    51          - G104 # Errors unhandled
    52          - G107 # Potential HTTP request made with variable url
    53          - G201 # SQL string formatting
    54          - G202 # SQL string concatenation
    55          - G204 # Subprocess launched with variable
    56          - G302 # Expect file permissions to be 0600 or less
    57          - G306 # Expect WriteFile permissions to be 0600 or less
    58          - G304 # Potential file inclusion via variable
    59          - G401 # Use of weak cryptographic primitive
    60          - G402 # TLS InsecureSkipVerify set true.
    61          - G403 # RSA keys should be at least 2048 bits
    62          - G404 # Use of weak random number generator
    63      nolintlint:
    64        require-explanation: true
    65        require-specific: true
    66        allow-unused: false
    67      staticcheck:
    68        checks:
    69          - all
    70          # TODO: Identify, fix, and remove violations of most of these rules
    71          - -S1029  # Range over the string directly
    72          - -SA1019 # Using a deprecated function, variable, constant or field
    73          - -SA6003 # Converting a string to a slice of runes before ranging over it
    74          - -ST1000 # Incorrect or missing package comment
    75          - -ST1003 # Poorly chosen identifier
    76          - -ST1005 # Incorrectly formatted error string
    77          - -QF1001 # Could apply De Morgan's law
    78          - -QF1003 # Could use tagged switch
    79          - -QF1004 # Could use strings.Split instead
    80          - -QF1007 # Could merge conditional assignment into variable declaration
    81          - -QF1008 # Could remove embedded field from selector
    82          - -QF1009 # Probably want to use time.Time.Equal
    83          - -QF1012 # Use fmt.Fprintf(...) instead of Write(fmt.Sprintf(...))
    84    exclusions:
    85      presets:
    86        - std-error-handling
    87  formatters:
    88    enable:
    89      - gofmt