chore: update golangci-lint to v2.3.0 [IDE-1377]

.golangci.yaml

@@ -1,92 +1,83 @@
+version: '2'
 run:
   build-tags:
     - integration
   concurrency: 4
   issues-exit-code: 1
-  skip-dirs: []
   tests: true
-  timeout: 5m
-
-linters-settings:
-  errcheck:
-    check-blank: true
-    check-type-assertions: true
-  exhaustive:
-    default-signifies-exhaustive: true
-  goconst:
-    ignore-calls: false
-  gocritic:
-    enabled-tags:
-      - diagnostic
-      - experimental
-      - opinionated
-      - performance
-      - style
-  gocyclo:
-    min-complexity: 15
-  gofumpt:
-    module-path: github.com/snyk/go-application-framework
-    extra-rules: true
-  goimports:
-    local-prefixes: github.com/snyk/go-application-framework
-  gosimple:
-    checks: ['all']
-  govet:
-    enable-all: true
-    disable:
-      - fieldalignment
-  lll:
-    line-length: 160
-  misspell:
-    locale: US
-  nolintlint:
-    allow-unused: false
-    require-explanation: true
-    require-specific: true
-  prealloc:
-    simple: true
-    range-loops: true
-    for-loops: true
-  promlinter:
-    strict: true
-  revive:
-    rules:
-      - name: blank-imports
-        disabled: true
-      - name: context-as-argument
-      - name: context-keys-type
-      - name: dot-imports
-      - name: error-return
-      - name: error-strings
-      - name: error-naming
-      - name: exported
-        disable-stuttering-check: true
-      - name: if-return
-      - name: increment-decrement
-      - name: var-naming
-      - name: var-declaration
-        disabled: true
-      - name: package-comments
-      - name: range
-      - name: receiver-naming
-      - name: time-naming
-      - name: unexported-return
-      - name: indent-error-flow
-      - name: errorf
-      - name: empty-block
-      - name: superfluous-else
-      - name: unused-parameter
-      - name: unreachable-code
-      - name: redefines-builtin-id
-  staticcheck:
-    checks: ['all']
-  stylecheck:
-    checks: ['all']
-    http-status-code-whitelist: []
-  varcheck:
-    exported-fields: true
-
 linters:
+  settings:
+    errcheck:
+      check-blank: true
+      check-type-assertions: true
+    exhaustive:
+      default-signifies-exhaustive: true
+    goconst:
+      ignore-calls: false
+    gocritic:
+      enabled-tags:
+        - diagnostic
+        - experimental
+        - opinionated
+        - performance
+        - style
+    gocyclo:
+      min-complexity: 15
+    govet:
+      enable-all: true
+      disable:
+        - fieldalignment
+    lll:
+      line-length: 160
+    misspell:
+      locale: US
+    nolintlint:
+      allow-unused: false
+      require-explanation: true
+      require-specific: true
+    prealloc:
+      simple: true
+      range-loops: true
+      for-loops: true
+    promlinter:
+      strict: true
+    revive:
+      rules:
+        - name: blank-imports
+          disabled: true
+        - name: context-as-argument
+        - name: context-keys-type
+        - name: dot-imports
+        - name: error-return
+        - name: error-strings
+        - name: error-naming
+        - name: exported
+        - name: if-return
+        - name: increment-decrement
+        - name: var-naming
+        - name: var-declaration
+          disabled: true
+        - name: package-comments
+        - name: range
+        - name: receiver-naming
+        - name: time-naming
+        - name: unexported-return
+        - name: indent-error-flow
+        - name: errorf
+        - name: empty-block
+        - name: superfluous-else
+        - name: unused-parameter
+        - name: unreachable-code
+        - name: redefines-builtin-id
+    staticcheck:
+      checks:
+        - all
+        - -ST1000 # Disable package comment enforcement
+        - -ST1003 # Disable naming convention checks (e.g. myId -> myID)
+        - -SA1019 # Disable deprecated usage checks
+      http-status-code-whitelist: [] # Flag ALL hard-coded HTTP status codes
+    unused:
+      exported-fields-are-used: false # Check unused exported fields
   enable:
     - asasalint
     - asciicheck
@@ -111,10 +102,6 @@ linters:
     - gocyclo
     # TODO(godot): revisit
     #- godot
-    # TODO(gofumpt): revisit
-    #- gofumpt
-    # TODO(goimports): revisit
-    #- goimports
     - goprintffuncname
     # TODO(gosec): revisit; consequences of revoking non-owner file permissions?
     #- gosec
@@ -141,8 +128,7 @@ linters:
     #- revive
     - rowserrcheck
     - sqlclosecheck
-    # TODO(stylecheck): revisit in a followup; some breaking API changes
-    #- stylecheck
+    - staticcheck
     # NOTE: removed tagliatelle as it conflicts too much with existing API wireformats
     # - TODO(usetesting)
     # TODO(testpackage): improve open vs closed-box testing in a followup
@@ -151,26 +137,33 @@ linters:
     - tparallel
     - unconvert
     - unparam
+    - unused
     - usestdlibvars
     - wastedassign
     - whitespace
     # TODO(wrapcheck): wrap errors in a followup
     #- wrapcheck
-
-issues:
-  exclude-rules:
-    - linters:
-        - staticcheck
-      text: "SA1019"
-    - path: _test\.go
-      linters:
-        - bodyclose
-        - forcetypeassert
-        - goconst
-        - ireturn
-    - path: test/
-      linters:
-        - testpackage
-  include:
-    - EXC0012
-    - EXC0014
+  exclusions:
+    rules:
+      - path: _test\.go
+        linters:
+          - bodyclose
+          - forcetypeassert
+          - goconst
+          - ireturn
+      - path: test/
+        linters:
+          - testpackage
+formatters:
+  enable: []
+    # TODO(gofumpt): revisit
+    #- gofumpt
+    # TODO(goimports): revisit
+    #- goimports
+  settings:
+    gofumpt:
+      module-path: github.com/snyk/go-application-framework
+      extra-rules: true
+    goimports:
+      local-prefixes:
+        - github.com/snyk/go-application-framework

Makefile

@@ -3,7 +3,10 @@ GOOS = $(shell go env GOOS)
 GOARCH = $(shell go env GOARCH)
 
 GO_BIN := $(shell pwd)/.bin
-OVERRIDE_GOCI_LINT_V := v1.64.8
+
+GOCI_LINT_V := v2.3.0
+GOCI_LINT_TARGETS := $(GO_BIN)/golangci-lint $(GO_BIN)/.golangci-lint_$(GOCI_LINT_V)
+
 SHELL := env PATH=$(GO_BIN):$(shell go env GOROOT)/bin:$(PATH) $(SHELL)
 
 .PHONY: format
@@ -12,10 +15,10 @@ format:
 	@gofmt -w -l -e .
 
 .PHONY: lint
-lint: $(GO_BIN)/golangci-lint
+lint: $(GOCI_LINT_TARGETS)
 	@echo "Linting..."
 	@./scripts/lint.sh
-	$(GO_BIN)/golangci-lint run ./...
+	$(GO_BIN)/golangci-lint run --timeout=10m ./...
 
 .PHONY: build
 build:
@@ -44,10 +47,12 @@ generate:
 	@make format
 
 .PHONY: tools
-tools: $(GO_BIN)/golangci-lint
+tools: $(GOCI_LINT_TARGETS)
 
-$(GO_BIN)/golangci-lint:
-	curl -sSfL 'https://raw.githubusercontent.com/golangci/golangci-lint/${OVERRIDE_GOCI_LINT_V}/install.sh' | sh -s -- -b ${GO_BIN} ${OVERRIDE_GOCI_LINT_V}
+$(GOCI_LINT_TARGETS):
+	@rm -f $(GO_BIN)/.golangci-lint_*
+	@curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/$(GOCI_LINT_V)/install.sh | sh -s -- -b $(GO_BIN) $(GOCI_LINT_V)
+	@touch $(GO_BIN)/.golangci-lint_$(GOCI_LINT_V)
 
 .PHONY: update-dragonfly
 update-dragonfly:

internal/api/api.go

@@ -184,8 +184,7 @@ func (a *snykApiClient) GetFeatureFlag(flagname string, orgId string) (bool, err
 	if err != nil {
 		return defaultResult, fmt.Errorf("unable to retrieve feature flag: %w", err)
 	}
-	//goland:noinspection GoUnhandledErrorResult
-	defer res.Body.Close()
+	defer func() { _ = res.Body.Close() }() //nolint:errcheck // Ignore lack of error handling
 
 	body, err := io.ReadAll(res.Body)
 	if err != nil {
@@ -232,8 +231,7 @@ func (a *snykApiClient) GetSastSettings(orgId string) (*sast_contract.SastRespon
 	if err != nil {
 		return nil, fmt.Errorf("unable to retrieve settings: %w", err)
 	}
-	//goland:noinspection GoUnhandledErrorResult
-	defer res.Body.Close()
+	defer func() { _ = res.Body.Close() }() //nolint:errcheck // Ignore lack of error handling
 
 	body, err := io.ReadAll(res.Body)
 	if err != nil {
@@ -255,8 +253,7 @@ func (a *snykApiClient) GetOrgSettings(orgId string) (*contract.OrgSettingsRespo
 	if err != nil {
 		return nil, fmt.Errorf("unable to retrieve org settings: %w", err)
 	}
-	//goland:noinspection GoUnhandledErrorResult
-	defer res.Body.Close()
+	defer func() { _ = res.Body.Close() }() //nolint:errcheck // Ignore lack of error handling
 
 	body, err := io.ReadAll(res.Body)
 	if err != nil {
@@ -291,7 +288,7 @@ func (a *snykApiClient) GetOrgSettings(orgId string) (*contract.OrgSettingsRespo
 // apiVersion := "2022-01-12"
 // response, err := clientGet(myApiClient, "/organizations", &apiVersion, "limit", "50")
 func clientGet(a *snykApiClient, endpoint string, version *string, queryParams ...string) ([]byte, error) {
-	var apiVersion string = constants.SNYK_DEFAULT_API_VERSION
+	apiVersion := constants.SNYK_DEFAULT_API_VERSION
 	if version != nil && *version != "" {
 		apiVersion = *version
 	}
@@ -316,7 +313,7 @@ func clientGet(a *snykApiClient, endpoint string, version *string, queryParams .
 		return nil, fmt.Errorf("failed to read response body: %w", err)
 	}
 
-	defer res.Body.Close()
+	defer func() { _ = res.Body.Close() }() //nolint:errcheck // Ignore lack of error handling
 	return body, nil
 }
 

internal/presenters/funcs.go

@@ -330,7 +330,7 @@ func mustReverse(v interface{}) ([]interface{}, error) {
 
 		return nl, nil
 	default:
-		return nil, fmt.Errorf("Cannot find reverse on type %s", tp)
+		return nil, fmt.Errorf("cannot find reverse on type %s", tp)
 	}
 }
 

internal/presenters/html.go

@@ -70,7 +70,7 @@ func (p *HTMLpresenter) Present(htmlString string) (string, error) {
 		if n.Type == html.ElementNode {
 			tagName := n.Data
 			var cssClass string
-			var hasClassAttribute bool = false
+			hasClassAttribute := false
 
 			for _, attr := range n.Attr {
 				if attr.Key == "class" {

internal/presenters/jsonwriter.go

@@ -11,9 +11,7 @@ type JsonWriter struct {
 	stripWhiteSpaces bool
 }
 
-/*
- * This Writer can be used to strip away whitespaces from json content to reduce the final size
- */
+// NewJsonWriter creates a Writer that can be used to strip away whitespaces from json content to reduce the final size
 func NewJsonWriter(next io.Writer, stripWhitespaces bool) io.Writer {
 	return &JsonWriter{
 		next:             next,

pkg/analytics/analytics.go

@@ -2,8 +2,6 @@ package analytics
 
 import (
 	"bytes"
-	"github.com/snyk/go-application-framework/pkg/logging"
-
 	//nolint:gosec // insecure sha1 used for legacy identifier
 	"crypto/sha1"
 	"encoding/json"
@@ -22,6 +20,7 @@ import (
 
 	"github.com/snyk/go-application-framework/internal/api"
 	utils2 "github.com/snyk/go-application-framework/internal/utils"
+	"github.com/snyk/go-application-framework/pkg/logging"
 )
 
 // Analytics is an interface for managing analytics.
@@ -319,7 +318,7 @@ func (a *AnalyticsImpl) SetInstrumentation(ic InstrumentationCollector) {
 	a.instrumentor = ic
 }
 
-var DisabledInFedrampErr = errors.New("analytics are disabled in FedRAMP environments") //nolint:errname // breaking API change
+var DisabledInFedrampErr = errors.New("analytics are disabled in FedRAMP environments") //nolint:errname,staticcheck // breaking API change
 
 // This method sanitizes the given content by searching for key-value mappings. It thereby replaces all keys defined in keysToFilter by the replacement string
 // Supported patterns are:

pkg/apiclients/testapi/mock_server_test.go

@@ -109,7 +109,10 @@ func handleCreateTestRequest(t *testing.T, w http.ResponseWriter, r *http.Reques
 	if config.ExpectedCreateTestBody != nil {
 		bodyBytes, bodyErr := io.ReadAll(r.Body)
 		require.NoError(t, bodyErr)
-		defer r.Body.Close()
+		defer func() {
+			closeErr := r.Body.Close()
+			assert.NoError(t, closeErr)
+		}()
 		expectedBodyBytes, err := json.Marshal(config.ExpectedCreateTestBody)
 		require.NoError(t, err)
 		assert.JSONEq(t, string(expectedBodyBytes), string(bodyBytes))