github.com/yogeshkumararora/slsa-github-generator@v1.10.1-0.20240520161934-11278bd5afb4/.golangci.yml (about) 1 # Copyright 2023 SLSA Authors 2 # 3 # Licensed under the Apache License, Version 2.0 (the "License"); 4 # you may not use this file except in compliance with the License. 5 # You may obtain a copy of the License at 6 # 7 # http://www.apache.org/licenses/LICENSE-2.0 8 # 9 # Unless required by applicable law or agreed to in writing, software 10 # distributed under the License is distributed on an "AS IS" BASIS, 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 # See the License for the specific language governing permissions and 13 # limitations under the License. 14 15 --- 16 run: 17 concurrency: 2 18 deadline: 5m 19 timeout: 5m 20 issues: 21 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): revive `package-comments` and `exported` rules. 22 include: 23 - EXC0012 24 - EXC0013 25 - EXC0014 26 # - EXC0015 27 # Maximum issues count per one linter. 28 # Set to 0 to disable. 29 # Default: 50 30 max-issues-per-linter: 0 31 # Maximum count of issues with the same text. 32 # Set to 0 to disable. 33 # Default: 3 34 max-same-issues: 0 35 new-from-rev: "" 36 linters: 37 disable-all: true 38 enable: 39 # Some linters have been removed because of the go 1.18 issues. 40 # https://github.com/golangci/golangci-lint/issues/2649 41 - asciicheck 42 - depguard 43 - dogsled 44 - errcheck 45 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable errorlint 46 # - errorlint 47 - exhaustive 48 - exportloopref 49 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable gci 50 # - gci 51 - gochecknoinits 52 - gocognit 53 - goconst 54 - gocritic 55 - gocyclo 56 - godot 57 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable godox 58 # - godox 59 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable goerr113 60 # - goerr113 61 - gofmt 62 - gofumpt 63 - goheader 64 - goimports 65 - gomodguard 66 - goprintffuncname 67 - gosec 68 - gosimple 69 - govet 70 - ineffassign 71 - lll 72 - makezero 73 - misspell 74 - nakedret 75 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable nestif 76 # - nestif 77 - nolintlint 78 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable paralleltest 79 # - paralleltest 80 - predeclared 81 - revive 82 - staticcheck 83 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable stylecheck 84 # - stylecheck 85 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable thelper 86 # - thelper 87 - typecheck 88 - unconvert 89 - unused 90 - whitespace 91 # TODO(github.com/yogeshkumararora/slsa-github-generator/issues/450): enable thelper 92 # - wrapcheck 93 linters-settings: 94 depguard: 95 rules: 96 all: 97 files: 98 - $all 99 allow: 100 - $gostd 101 102 # Approved orgs. 103 - "github.com/slsa-framework" 104 - "github.com/in-toto" 105 - "github.com/google" 106 - "github.com/sigstore" 107 - "github.com/secure-systems-lab" 108 - "github.com/go-openapi" 109 110 # Approved packages. 111 - "github.com/spf13/cobra" # For CLI 112 - "github.com/coreos/go-oidc" # For verifying OIDC tokens. 113 114 # Allowed packages in container-based builder. 115 - "github.com/pelletier/go-toml" # For container-based builder config. 116 deny: 117 - pkg: "reflect" 118 desc: Please don't use reflect package 119 - pkg: "unsafe" 120 desc: Please don't use unsafe package 121 122 main: 123 files: 124 - $all 125 # This is an exception for the container-based builder to allow it to use go-cmp. 126 # TODO(#2247): Don't allow go-cmp in non-test code. 127 - "!**/internal/builders/docker/commands.go" 128 # NOTE: test code is allowed to use github.com/google/go-cmp (there is no 129 # deny for it) but non-test code is not. 130 - "!$test" 131 deny: 132 - pkg: "github.com/google/go-cmp" 133 desc: Please don't use go-cmp for non-test code. 134 135 errcheck: 136 check-type-assertions: true 137 check-blank: true 138 gocognit: 139 # Minimal code complexity to report 140 # Increased beyond default to support table-driven tests. 141 min-complexity: 35 142 govet: 143 enable: 144 - fieldalignment 145 godox: 146 keywords: 147 - BUG 148 - FIXME 149 - HACK 150 gci: 151 sections: 152 - standard 153 - default 154 - prefix(github.com/yogeshkumararora/slsa-github-generator) 155 gocritic: 156 enabled-checks: 157 # Diagnostic 158 - appendAssign 159 - argOrder 160 - badCond 161 - caseOrder 162 - codegenComment 163 - commentedOutCode 164 - deprecatedComment 165 - dupArg 166 - dupBranchBody 167 - dupCase 168 - dupSubExpr 169 - exitAfterDefer 170 - flagDeref 171 - flagName 172 - nilValReturn 173 - offBy1 174 - sloppyReassign 175 - weakCond 176 - octalLiteral 177 178 # Performance 179 - appendCombine 180 - equalFold 181 - hugeParam 182 - indexAlloc 183 - rangeExprCopy 184 - rangeValCopy 185 186 # Style 187 - assignOp 188 - boolExprSimplify 189 - captLocal 190 - commentFormatting 191 - commentedOutImport 192 - defaultCaseOrder 193 - docStub 194 - elseif 195 - emptyFallthrough 196 - emptyStringTest 197 - hexLiteral 198 - ifElseChain 199 - methodExprCall 200 - regexpMust 201 - singleCaseSwitch 202 - sloppyLen 203 - stringXbytes 204 - switchTrue 205 - typeAssertChain 206 - typeSwitchVar 207 - underef 208 - unlabelStmt 209 - unlambda 210 - unslice 211 - valSwap 212 - wrapperFunc 213 - yodaStyleExpr 214 215 # Opinionated 216 - builtinShadow 217 - importShadow 218 - initClause 219 - nestingReduce 220 - paramTypeCombine 221 - ptrToRefParam 222 - typeUnparen 223 - unnecessaryBlock