Integrate GolangCI-Lint #658
Labels
Comments
hanzei
added
Help Wanted
|
Hi again! Then can I do this one? |
|
All yours 👍 |
hanzei
removed
the
Up For Grabs
|
Hey @carantunes, I just want to check how you are doing with the ticket. Do you have any questions? |
hanzei
added
the
Up For Grabs
|
Making this available for the public agian |
|
I'm sorry for my absence, I've been quite busy with work. I did however start a PR (just pushed it), there's are quite a lot of fixes to be done still. I'm working on it, and will ask you some question about the more tricky ones. |
|
There are a lot of gosec warning which I believe will be the more tricky. Should I just #nosec? A sample: server/expvar/endpoint_test.go:67:7: G404: Use of weak random number generator (math/rand instead of crypto/rand) (gosec)
r := rand.New(rand.NewSource(time.Now().UnixNano()))
^
server/utils/kvstore/hashed_key.go:7:2: G501: Blocklisted import crypto/md5: weak cryptographic primitive (gosec)
"crypto/md5"
^
server/utils/kvstore/hashed_key.go:76:7: G401: Use of weak cryptographic primitive (gosec)
h := md5.New()
^
server/http.go:47:2: G101: Potential hardcoded credentials (gosec)
routeACUserRedirectWithToken = "/ac/user_redirect.html"
^
server/kv.go:7:2: G501: Blocklisted import crypto/md5: weak cryptographic primitive (gosec)
"crypto/md5"
^
server/kv.go:89:7: G401: Use of weak cryptographic primitive (gosec)
h := md5.New()
^
server/kv.go:95:7: G401: Use of weak cryptographic primitive (gosec)
h := md5.New()
^
server/kv.go:370:20: G403: RSA keys should be at least 2048 bits (gosec)
newRSAKey, err = rsa.GenerateKey(rand.Reader, 1024)
^
server/stats.go:4:2: G501: Blocklisted import crypto/md5: weak cryptographic primitive (gosec)
"crypto/md5"
^
server/stats.go:96:8: G404: Use of weak random number generator (math/rand instead of crypto/rand) (gosec)
r := rand.New(rand.NewSource(time.Now().UnixNano()))
^
server/command_test.go:299:22: G403: RSA keys should be at least 2048 bits (gosec)
conf.rsaKey, _ = rsa.GenerateKey(rand.Reader, 1024)
^
server/http_test.go:104:18: G601: Implicit memory aliasing in for loop. (gosec)
foundSub = &savedSub
^
server/jira_test_util_test.go:29:19: G601: Implicit memory aliasing in for loop. (gosec)
ret.Channel.add(&sub)
^
|
hanzei
removed
the
Up For Grabs
|
@carantunes Awesome, thanks for pushing that PR 👍 Yes, the |
hanzei
added a commit
that referenced
this issue
Feb 1, 2021
Co-authored-by: Hanzei <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Mattermost is currently in the process of using
golangci-lintas the default linter for all go projects. mattermost-community/mattermost-plugin-autolink#108 serves as an example of how the migration should look like:.golangci.ymlfrom https://github.com/mattermost/mattermost-plugin-autolink/ into this repository.Makefilefrom https://github.com/mattermost/mattermost-plugin-autolink/ into this repository.build/from https://github.com/mattermost/mattermost-plugin-autolink/ into this repository.go mod tidyandmake distto ensure the build system works fine.linters-settings.goimports.local-prefixesto the go module path i.e. github.com/mattermost/mattermost-plugin-aws-SNS.make golangci-lintand fix all issues that arise.Fixing an linter issue is sometimes trivial but can also be quite complicated. There might be cases, where ignoring an issue using
issues.exclude-rulesis needed. If you don't know how to resolve an error, please reach out to@hanzeion the Mattermost Community Server or ask the question here.The text was updated successfully, but these errors were encountered: