From ddb6d9b1293b6935d4ee7c17b149fd34c3f6d874 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 7 Apr 2025 02:18:26 +0000 Subject: [PATCH 1/3] chore(deps): update all dependencies --- .github/workflows/ci.yml | 2 +- go.mod | 15 ++++++++------- go.sum | 36 ++++++++++++++++++++---------------- 3 files changed, 29 insertions(+), 24 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2b0bc2e04b..1c4c04504e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,7 +28,7 @@ jobs: restore-keys: | ${{ runner.os }}-go- - name: lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@v7 with: version: ${{ matrix.version.golangci }} - name: Run Gosec Security Scanner diff --git a/go.mod b/go.mod index f8417c0880..d05123bb93 100644 --- a/go.mod +++ b/go.mod @@ -7,11 +7,11 @@ require ( github.com/gookit/color v1.5.4 github.com/lib/pq v1.10.9 github.com/mozilla/tls-observatory v0.0.0-20210609171429-7bc42856d2e5 - github.com/onsi/ginkgo/v2 v2.23.3 - github.com/onsi/gomega v1.36.3 + github.com/onsi/ginkgo/v2 v2.23.4 + github.com/onsi/gomega v1.37.0 github.com/stretchr/testify v1.10.0 - golang.org/x/crypto v0.36.0 - golang.org/x/text v0.23.0 + golang.org/x/crypto v0.37.0 + golang.org/x/text v0.24.0 golang.org/x/tools v0.31.0 google.golang.org/api v0.228.0 gopkg.in/yaml.v3 v3.0.1 @@ -30,7 +30,7 @@ require ( github.com/go-logr/stdr v1.2.2 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/google/go-cmp v0.7.0 // indirect - github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect + github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 // indirect github.com/google/s2a-go v0.1.9 // indirect github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect github.com/googleapis/gax-go/v2 v2.14.1 // indirect 
@@ -43,11 +43,12 @@ require ( go.opentelemetry.io/otel v1.34.0 // indirect go.opentelemetry.io/otel/metric v1.34.0 // indirect go.opentelemetry.io/otel/trace v1.34.0 // indirect + go.uber.org/automaxprocs v1.6.0 // indirect golang.org/x/mod v0.24.0 // indirect golang.org/x/net v0.37.0 // indirect golang.org/x/oauth2 v0.28.0 // indirect - golang.org/x/sync v0.12.0 // indirect - golang.org/x/sys v0.31.0 // indirect + golang.org/x/sync v0.13.0 // indirect + golang.org/x/sys v0.32.0 // indirect golang.org/x/time v0.11.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20250106144421-5f5ef82da422 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250313205543-e70fdf4c4cb4 // indirect diff --git a/go.sum b/go.sum index ecd5edfa97..97f3189306 100644 --- a/go.sum +++ b/go.sum @@ -179,8 +179,8 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200507031123-427632fa3b1c/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg= -github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8= +github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0= github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM= 
@@ -290,11 +290,11 @@ github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXW github.com/olekukonko/tablewriter v0.0.2/go.mod h1:rSAaSIOAGT9odnlyGlUfAJaoc5w2fSBUmeGDbRWPxyQ= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo/v2 v2.23.3 h1:edHxnszytJ4lD9D5Jjc4tiDkPBZ3siDeJJkUZJJVkp0= -github.com/onsi/ginkgo/v2 v2.23.3/go.mod h1:zXTP6xIp3U8aVuXN8ENK9IXRaTjFnpVB9mGmaSRvxnM= +github.com/onsi/ginkgo/v2 v2.23.4 h1:ktYTpKJAVZnDT4VjxSbiBenUjmlL/5QkBEocaWXiQus= +github.com/onsi/ginkgo/v2 v2.23.4/go.mod h1:Bt66ApGPBFzHyR+JO10Zbt0Gsp4uWxu5mIOTusL46e8= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.36.3 h1:hID7cr8t3Wp26+cYnfcjR6HpJ00fdogN6dqZ1t6IylU= -github.com/onsi/gomega v1.36.3/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0= +github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y= +github.com/onsi/gomega v1.37.0/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= 
@@ -304,6 +304,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= +github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= @@ -398,6 +400,8 @@ go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= +go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= +go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= 
@@ -413,8 +417,8 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= -golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= -golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= +golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE= +golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 
@@ -498,8 +502,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw= -golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= +golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610= +golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 
@@ -540,18 +544,18 @@ golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= -golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20= +golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= -golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= -golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= +golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o= +golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= -golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= +golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0= +golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod 
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= From 495e49904bba5c3659606c5c594d0cede15af400 Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Mon, 7 Apr 2025 11:04:29 +0000 Subject: [PATCH 2/3] Fix all lint warnings after upgrading golangci-lint action Change-Id: I7b4162307ae0d6a1c9ec00b7127469c64ed93f64 Signed-off-by: Cosmin Cojocar --- .golangci.bck.yml | 54 +++++++++++++++++++++++++++ .golangci.yml | 76 +++++++++++++++++++++----------------- analyzer_test.go | 3 +- autofix/ai.go | 10 ++--- cmd/gosec/main.go | 16 ++++---- cmd/tlsconfig/tlsconfig.go | 2 +- config.go | 2 +- helpers.go | 8 ++-- report/formatter_test.go | 6 +-- 9 files changed, 120 insertions(+), 57 deletions(-) create mode 100644 .golangci.bck.yml diff --git a/.golangci.bck.yml b/.golangci.bck.yml new file mode 100644 index 0000000000..c11694cc14 --- /dev/null +++ b/.golangci.bck.yml @@ -0,0 +1,54 @@ +linters: + enable: + - asciicheck + - bodyclose + - copyloopvar + - dogsled + - durationcheck + - errcheck + - errorlint + - gci + - ginkgolinter + - gochecknoinits + - gofmt + - gofumpt + - goimports + - gosec + - gosimple + - govet + - importas + - ineffassign + - misspell + - nakedret + - nolintlint + - revive + - staticcheck + - testifylint + - typecheck + - unconvert + - unparam + - unused + - wastedassign + +linters-settings: + gci: + sections: + - standard + - default + - prefix(github.com/securego) + staticcheck: + checks: + - all + - '-SA1019' + + testifylint: + enable-all: true + + revive: + rules: + - name: dot-imports + disabled: true + - name: redefines-builtin-id + +run: + timeout: 5m diff --git a/.golangci.yml b/.golangci.yml index c11694cc14..171d33765d 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,3 +1,4 @@ +version: "2" linters: enable: - asciicheck 
@@ -5,50 +6,57 @@ linters: - copyloopvar - dogsled - durationcheck - - errcheck - errorlint - - gci - ginkgolinter - gochecknoinits - - gofmt - - gofumpt - - goimports - gosec - - gosimple - - govet - importas - - ineffassign - misspell - nakedret - nolintlint - revive - - staticcheck - testifylint - - typecheck - unconvert - unparam - - unused - wastedassign - -linters-settings: - gci: - sections: - - standard - - default - - prefix(github.com/securego) - staticcheck: - checks: - - all - - '-SA1019' - - testifylint: - enable-all: true - - revive: - rules: - - name: dot-imports - disabled: true - - name: redefines-builtin-id - -run: - timeout: 5m + settings: + revive: + rules: + - name: dot-imports + disabled: true + - name: redefines-builtin-id + staticcheck: + checks: + - all + - -SA1019 + testifylint: + enable-all: true + exclusions: + generated: lax + presets: + - comments + - common-false-positives + - legacy + - std-error-handling + paths: + - third_party$ + - builtin$ + - examples$ +formatters: + enable: + - gci + - gofmt + - gofumpt + - goimports + settings: + gci: + sections: + - standard + - default + - prefix(github.com/securego) + exclusions: + generated: lax + paths: + - third_party$ + - builtin$ + - examples$ diff --git a/analyzer_test.go b/analyzer_test.go index 3bec511c77..62a2361ba7 100644 --- a/analyzer_test.go +++ b/analyzer_test.go @@ -23,11 +23,12 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "golang.org/x/tools/go/packages" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/analyzers" "github.com/securego/gosec/v2/rules" "github.com/securego/gosec/v2/testutils" - "golang.org/x/tools/go/packages" ) var _ = Describe("Analyzer", func() { diff --git a/autofix/ai.go b/autofix/ai.go index 875946c932..3535f7e2df 100644 --- a/autofix/ai.go +++ b/autofix/ai.go 
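Review bot: The `exclusions.presets` list added under `linters` in `.golangci.yml` includes `common-false-positives` and `legacy`, and as far as I know both presets carry patterns that mute gosec findings (G103, G204 and G304 in the first; G104, G301, G302 and G307 in the second) while `gosec` stays in `linters.enable`. This looks like the migration reproducing the v1 default excludes, but it is now an explicit choice and nothing in the file says it is intended. Either trim the list to `comments` and `std-error-handling`, or add a comment above `presets:` such as `# kept from v1 defaults; common-false-positives and legacy also silence some gosec rules`. The old `run: timeout: 5m` block is removed without a replacement in the same hunk, so confirm that the CI lint step is still bounded.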
@@ -76,8 +76,8 @@ func (w *genAIGenerativeModelWrapper) GenerateContent(ctx context.Context, promp } // NewGenAIClient creates a new gemini API client. -func NewGenAIClient(ctx context.Context, aiApiKey, endpoint string) (GenAIClient, error) { - clientOptions := []option.ClientOption{option.WithAPIKey(aiApiKey)} +func NewGenAIClient(ctx context.Context, aiAPIKey, endpoint string) (GenAIClient, error) { + clientOptions := []option.ClientOption{option.WithAPIKey(aiAPIKey)} if endpoint != "" { clientOptions = append(clientOptions, option.WithEndpoint(endpoint)) } @@ -119,16 +119,16 @@ func generateSolutionByGemini(client GenAIClient, issues []*issue.Issue) error { } // GenerateSolution generates a solution for the given issues using the specified AI provider -func GenerateSolution(aiApiProvider, aiApiKey, endpoint string, issues []*issue.Issue) error { +func GenerateSolution(aiAPIProvider, aiAPIKey, endpoint string, issues []*issue.Issue) error { ctx, cancel := context.WithTimeout(context.Background(), timeout) defer cancel() var client GenAIClient - switch aiApiProvider { + switch aiAPIProvider { case GeminiProvider: var err error - client, err = NewGenAIClient(ctx, aiApiKey, endpoint) + client, err = NewGenAIClient(ctx, aiAPIKey, endpoint) if err != nil { return fmt.Errorf("generating autofix: %w", err) } diff --git a/cmd/gosec/main.go b/cmd/gosec/main.go index 211cff02b3..2753ea429a 100644 --- a/cmd/gosec/main.go +++ b/cmd/gosec/main.go @@ -61,7 +61,7 @@ USAGE: ` // Environment variable for AI API key. - aiApiKeyEnv = "GOSEC_AI_API_KEY" // #nosec G101 + aiAPIKeyEnv = "GOSEC_AI_API_KEY" // #nosec G101 ) type arrayFlags []string 
@@ -154,10 +154,10 @@ var ( flagTerse = flag.Bool("terse", false, "Shows only the results and summary") // AI platform provider to generate solutions to issues - flagAiApiProvider = flag.String("ai-api-provider", "", "AI API provider to generate auto fixes to issues.\nValid options are: gemini") + flagAiAPIProvider = flag.String("ai-api-provider", "", "AI API provider to generate auto fixes to issues.\nValid options are: gemini") // key to implementing AI provider services - flagAiApiKey = flag.String("ai-api-key", "", "Key to access the AI API") + flagAiAPIKey = flag.String("ai-api-key", "", "Key to access the AI API") // endpoint to the AI provider flagAiEndpoint = flag.String("ai-endpoint", "", "Endpoint AI API.\nThis is optional, the default API endpoint will be used when not provided.") @@ -504,12 +504,12 @@ func main() { reportInfo := gosec.NewReportInfo(issues, metrics, errors).WithVersion(Version) // Call AI request to solve the issues - aiApiKey := os.Getenv(aiApiKeyEnv) - if aiApiKeyEnv == "" { - aiApiKey = *flagAiApiKey + aiAPIKey := os.Getenv(aiAPIKeyEnv) + if aiAPIKeyEnv == "" { + aiAPIKey = *flagAiAPIKey } - if *flagAiApiProvider != "" && aiApiKey != "" { - err := autofix.GenerateSolution(*flagAiApiProvider, aiApiKey, *flagAiEndpoint, issues) + if *flagAiAPIProvider != "" && aiAPIKey != "" { + err := autofix.GenerateSolution(*flagAiAPIProvider, aiAPIKey, *flagAiEndpoint, issues) if err != nil { logger.Print(err) } diff --git a/cmd/tlsconfig/tlsconfig.go b/cmd/tlsconfig/tlsconfig.go index 096fecd2d4..16c7189a07 100644 --- a/cmd/tlsconfig/tlsconfig.go +++ b/cmd/tlsconfig/tlsconfig.go 
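Review bot: The fallback to the `-ai-api-key` flag in the `@@ -504` hunk of `cmd/gosec/main.go` can never run, because `if aiAPIKeyEnv == "" {` tests the constant holding the variable name (`"GOSEC_AI_API_KEY"`, declared earlier in this patch) instead of the value just read with `os.Getenv`. The rename carries the comparison over unchanged. It should read `if aiAPIKey == "" {` so that the flag value is used when the environment variable is unset. As written, a key supplied only through the flag leaves `aiAPIKey` empty and the `GenerateSolution` call is skipped without any message. `main` starts and ends outside the hunk.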
@@ -108,7 +108,7 @@ func getGoCipherConfig(name string, sstls ServerSideTLSJson) (goCipherConfigurat cipherConf.MinVersion = fmt.Sprintf("0x%04x", versions[0]) cipherConf.MaxVersion = fmt.Sprintf("0x%04x", versions[len(versions)-1]) } else { - return cipherConf, fmt.Errorf("No TLS versions found for configuration '%s'", name) + return cipherConf, fmt.Errorf("no TLS versions found for configuration '%s'", name) } return cipherConf, nil } diff --git a/config.go b/config.go index 9cbb7a7134..fc355d8ff3 100644 --- a/config.go +++ b/config.go @@ -95,7 +95,7 @@ func (c Config) WriteTo(w io.Writer) (int64, error) { func (c Config) Get(section string) (interface{}, error) { settings, found := c[section] if !found { - return nil, fmt.Errorf("Section %s not in configuration", section) + return nil, fmt.Errorf("section %s not in configuration", section) } return settings, nil } diff --git a/helpers.go b/helpers.go index 1089f52c0f..33e2b4a0d8 100644 --- a/helpers.go +++ b/helpers.go @@ -83,7 +83,7 @@ func GetInt(n ast.Node) (int64, error) { if node, ok := n.(*ast.BasicLit); ok && node.Kind == token.INT { return strconv.ParseInt(node.Value, 0, 64) } - return 0, fmt.Errorf("Unexpected AST node type: %T", n) + return 0, fmt.Errorf("unexpected AST node type: %T", n) } // GetFloat will read and return a float value from an ast.BasicLit @@ -91,7 +91,7 @@ func GetFloat(n ast.Node) (float64, error) { if node, ok := n.(*ast.BasicLit); ok && node.Kind == token.FLOAT { return strconv.ParseFloat(node.Value, 64) } - return 0.0, fmt.Errorf("Unexpected AST node type: %T", n) + return 0.0, fmt.Errorf("unexpected AST node type: %T", n) } // GetChar will read and return a char value from an ast.BasicLit 
@@ -99,7 +99,7 @@ func GetChar(n ast.Node) (byte, error) { if node, ok := n.(*ast.BasicLit); ok && node.Kind == token.CHAR { return node.Value[0], nil } - return 0, fmt.Errorf("Unexpected AST node type: %T", n) + return 0, fmt.Errorf("unexpected AST node type: %T", n) } // GetStringRecursive will recursively walk down a tree of *ast.BinaryExpr. It will then concat the results, and return. @@ -142,7 +142,7 @@ func GetString(n ast.Node) (string, error) { return strconv.Unquote(node.Value) } - return "", fmt.Errorf("Unexpected AST node type: %T", n) + return "", fmt.Errorf("unexpected AST node type: %T", n) } // GetCallObject returns the object and call expression and associated diff --git a/report/formatter_test.go b/report/formatter_test.go index ada971990f..ad4d9fc8ab 100644 --- a/report/formatter_test.go +++ b/report/formatter_test.go @@ -51,9 +51,9 @@ func createReportInfo(rule string, weakness *cwe.Weakness) gosec.ReportInfo { } func stripString(str string) string { - ret := strings.Replace(str, "\n", "", -1) - ret = strings.Replace(ret, " ", "", -1) - ret = strings.Replace(ret, "\t", "", -1) + ret := strings.ReplaceAll(str, "\n", "") + ret = strings.ReplaceAll(ret, " ", "") + ret = strings.ReplaceAll(ret, "\t", "") return ret } From 32788909c734b73b60922b3923628499610f54c9 Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Mon, 7 Apr 2025 11:05:50 +0000 Subject: [PATCH 3/3] Remove the backup file Change-Id: I37ce06a6e2f4d5dd20d3cee554ac1d3041e34a8d Signed-off-by: Cosmin Cojocar --- .golangci.bck.yml | 54 ----------------------------------------------- 1 file changed, 54 deletions(-) delete mode 100644 .golangci.bck.yml diff --git a/.golangci.bck.yml b/.golangci.bck.yml deleted file mode 100644 index c11694cc14..0000000000 --- a/.golangci.bck.yml +++ /dev/null 
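Review bot: In `GetChar`, `return node.Value[0], nil` most likely returns the opening quote rather than the character, because `ast.BasicLit.Value` holds the literal as written in source (`'a'`, quotes included); this hunk only lowercases the error string and leaves that line untouched. Any rule comparing the result against an expected byte would then always see the quote character. Consider decoding the literal, for example with `strconv.UnquoteChar(node.Value[1:len(node.Value)-1], '\'')`, and returning an error when the value does not fit in a byte. `GetString` in the next hunk already goes through `strconv.Unquote`, so this would also make the two helpers consistent.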
@@ -1,54 +0,0 @@ -linters: - enable: - - asciicheck - - bodyclose - - copyloopvar - - dogsled - - durationcheck - - errcheck - - errorlint - - gci - - ginkgolinter - - gochecknoinits - - gofmt - - gofumpt - - goimports - - gosec - - gosimple - - govet - - importas - - ineffassign - - misspell - - nakedret - - nolintlint - - revive - - staticcheck - - testifylint - - typecheck - - unconvert - - unparam - - unused - - wastedassign - -linters-settings: - gci: - sections: - - standard - - default - - prefix(github.com/securego) - staticcheck: - checks: - - all - - '-SA1019' - - testifylint: - enable-all: true - - revive: - rules: - - name: dot-imports - disabled: true - - name: redefines-builtin-id - -run: - timeout: 5m