# see https://github.com/golangci/golangci-lint/blob/master/.golangci.example.yml linters-settings: gci: sections: - standard - default - prefix(github.com/crowdsecurity) - prefix(github.com/crowdsecurity/crowdsec) - prefix(github.com/crowdsecurity/cs-firewall-bouncer) govet: enable-all: true disable: - reflectvaluecompare - fieldalignment misspell: locale: US nlreturn: block-size: 4 nolintlint: allow-unused: false # report any unused nolint directives require-explanation: false # don't require an explanation for nolint directives require-specific: false # don't require nolint directives to be specific about which linter is being skipped depguard: rules: main: deny: - pkg: "github.com/pkg/errors" desc: "errors.Wrap() is deprecated in favor of fmt.Errorf()" stylecheck: checks: - all - -ST1003 # should not use underscores in Go names; ... - -ST1005 # error strings should not be capitalized - -ST1012 # error var ... should have name of the form ErrFoo - -ST1016 # methods on the same type should have the same receiver name - -ST1022 # comment on exported var ... should be of the form ... revive: ignore-generated-header: true severity: error enable-all-rules: true rules: - name: add-constant disabled: true - name: cognitive-complexity disabled: true - name: comment-spacings disabled: true - name: confusing-results disabled: true - name: cyclomatic disabled: true - name: empty-lines disabled: true - name: flag-parameter disabled: true - name: function-length disabled: true - name: if-return disabled: true - name: import-alias-naming disabled: true - name: import-shadowing disabled: true - name: line-length-limit disabled: true - name: nested-structs disabled: true - name: var-declaration disabled: true - name: exported disabled: true - name: unexported-naming disabled: true - name: unexported-return disabled: true - name: unhandled-error disabled: true arguments: - "fmt.Print" - "fmt.Printf" - "fmt.Println" - name: unused-receiver disabled: true - name: function-result-limit arguments: - 5 wsl: # Allow blocks to end with comments allow-trailing-comment: true linters: enable-all: true disable: # # DEPRECATED by golangi-lint # - execinquery # # Redundant # - gocyclo # revive - cyclop # revive - lll # revive - funlen # revive - gocognit # revive # # Disabled # - gci # Gci control golang package import order and make it always deterministic. # # Enabled # # - asasalint # check for pass []any as any in variadic func(...any) # - asciicheck # checks that all code identifiers does not have non-ASCII symbols in the name # - bidichk # Checks for dangerous unicode character sequences # - bodyclose # checks whether HTTP response body is closed successfully # - containedctx # containedctx is a linter that detects struct contained context.Context field # - contextcheck # check the function whether use a non-inherited context # - decorder # check declaration order and count of types, constants, variables and functions # - depguard # Go linter that checks if package imports are in a list of acceptable packages # - dupword # checks for duplicate words in the source code # - durationcheck # check for two durations multiplied together # - errcheck # errcheck is a program for checking for unchecked errors in Go code. These unchecked errors can be critical bugs in some cases # - errchkjson # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occations, where the check for the returned error can be omitted. # - errname # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`. # - errorlint # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13. # - execinquery # execinquery is a linter about query string checker in Query function which reads your Go src files and warning it finds # - exhaustive # check exhaustiveness of enum switch statements # - exportloopref # checks for pointers to enclosing loop variables # - forcetypeassert # finds forced type assertions # - ginkgolinter # enforces standards of using ginkgo and gomega # - gocheckcompilerdirectives # Checks that go compiler directive comments (//go:) are valid. # - gochecknoinits # Checks that no init functions are present in Go code # - gochecksumtype # Run exhaustiveness checks on Go "sum types" # - gocritic # Provides diagnostics that check for bugs, performance and style issues. # - godot # Check if comments end in a period # - gofmt # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification # - goheader # Checks is file header matches to pattern # - goimports # In addition to fixing imports, goimports also formats your code in the same style as gofmt. # - gomoddirectives # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod. # - gomodguard # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations. # - goprintffuncname # Checks that printf-like functions are named with `f` at the end # - gosimple # (megacheck): Linter for Go source code that specializes in simplifying a code # - gosmopolitan # Report certain i18n/l10n anti-patterns in your Go codebase # - govet # (vet, vetshadow): Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string # - grouper # Analyze expression groups. # - importas # Enforces consistent import aliases # - ineffassign # Detects when assignments to existing variables are not used # - interfacebloat # A linter that checks the number of methods inside an interface. # - loggercheck # (logrlint): Checks key value pairs for common logger libraries (kitlog,klog,logr,zap). # - logrlint # Check logr arguments. # - maintidx # maintidx measures the maintainability index of each function. # - makezero # Finds slice declarations with non-zero initial length # - mirror # reports wrong mirror patterns of bytes/strings usage # - misspell # Finds commonly misspelled English words # - nakedret # Checks that functions with naked returns are not longer than a maximum size (can be zero). # - nilerr # Finds the code that returns nil even if it checks that the error is not nil. # - nilnil # Checks that there is no simultaneous return of `nil` error and an invalid value. # - noctx # noctx finds sending http request without context.Context # - nolintlint # Reports ill-formed or insufficient nolint directives # - nonamedreturns # Reports all named returns # - nosprintfhostport # Checks for misuse of Sprintf to construct a host with port in a URL. # - perfsprint # Checks that fmt.Sprintf can be replaced with a faster alternative. # - prealloc # Finds slice declarations that could potentially be preallocated # - predeclared # find code that shadows one of Go's predeclared identifiers # - promlinter # Check Prometheus metrics naming via promlint # - reassign # Checks that package variables are not reassigned # - revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint. # - rowserrcheck # checks whether Err of rows is checked successfully # - sloglint # ensure consistent code style when using log/slog # - spancheck # Checks for mistakes with OpenTelemetry/Census spans. # - sqlclosecheck # Checks that sql.Rows, sql.Stmt, sqlx.NamedStmt, pgx.Query are closed. # - staticcheck # (megacheck): It's a set of rules from staticcheck. It's not the same thing as the staticcheck binary. The author of staticcheck doesn't support or approve the use of staticcheck as a library inside golangci-lint. # - stylecheck # Stylecheck is a replacement for golint # - tenv # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17 # - testableexamples # linter checks if examples are testable (have an expected output) # - testifylint # Checks usage of github.com/stretchr/testify. # - thelper # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers # - tparallel # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes # - typecheck # Like the front-end of a Go compiler, parses and type-checks Go code # - unconvert # Remove unnecessary type conversions # - unused # (megacheck): Checks Go code for unused constants, variables, functions and types # - usestdlibvars # A linter that detect the possibility to use variables/constants from the Go standard library. # - wastedassign # Finds wasted assignment statements # - zerologlint # Detects the wrong usage of `zerolog` that a user forgets to dispatch with `Send` or `Msg` # # Recommended? (easy) # - gocritic # Provides diagnostics that check for bugs, performance and style issues. - gosec # (gas): Inspects source code for security problems - wrapcheck # Checks that errors returned from external packages are wrapped # # Recommended? (requires some work) # - gomnd # An analyzer to detect magic numbers. - ireturn # Accept Interfaces, Return Concrete Types - mnd # An analyzer to detect magic numbers. - unparam # Reports unused function parameters # # Formatting only, useful in IDE but should not be forced on CI? # - gofumpt # Gofumpt checks whether code was gofumpt-ed. - nlreturn # nlreturn checks for a new line before return and branch statements to increase code clarity - whitespace # Whitespace is a linter that checks for unnecessary newlines at the start and end of functions, if, for, etc. - wsl # add or remove empty lines # # Well intended, but not ready for this # - dupl # Tool for code clone detection - godox # Tool for detection of FIXME, TODO and other comment keywords - err113 # Golang linter to check the errors handling expressions - maintidx # maintidx measures the maintainability index of each function. - nestif # Reports deeply nested if statements - paralleltest # paralleltest detects missing usage of t.Parallel() method in your Go test - testpackage # linter that makes you use a separate _test package # # Too strict / too many false positives (for now?) # - exhaustruct # Checks if all structure fields are initialized - forbidigo # Forbids identifiers - gochecknoglobals # Check that no global variables exist. - goconst # Finds repeated strings that could be replaced by a constant - tagliatelle # Checks the struct tags. - varnamelen # checks that the length of a variable's name matches its scope issues: exclude-generated: strict max-issues-per-linter: 0 max-same-issues: 0 exclude-rules: # `err` is often shadowed, we may continue to do it - linters: - govet text: "shadow: declaration of \"err\" shadows declaration" - linters: - errcheck text: "Error return value of `.*` is not checked" - linters: - perfsprint text: "fmt.Sprintf can be replaced .*"