chore: use os.MkdirTemp instead of ioutil.TempDir

.github/workflows/build.yml

@@ -18,6 +18,9 @@ jobs:
         stable: 'false'
         go-version: '1.20.0' # The Go version to download (if necessary) and use.
     - run: go version
-
+
+    - name: Lint
+      run: make quality
+
     - name: Run test
       run: make test

.golangci.yml

@@ -0,0 +1,91 @@
+run:
+  timeout: 3m
+  go: 1.20
+  modules-download-mode: vendor
+
+linters:
+  disable-all: true
+  enable:
+    - asciicheck
+    - bidichk
+    - errcheck
+    - errchkjson
+    - gocritic
+    - gofmt
+    - goimports
+    - gosimple
+    - govet
+    - ineffassign
+    - nakedret
+    - misspell
+    - nolintlint
+    # - nlreturn
+    - reassign
+    - staticcheck
+    - typecheck
+    - unused
+    - unconvert
+    - unparam
+    - vet
+    - vetshadow
+    - wastedassign
+
+linters-settings:
+  gocritic:
+    # Disable all checks.
+    # Default: false
+    disable-all: true
+    # Which checks should be enabled in addition to default checks; can't be combined with 'disabled-checks'.
+    # By default, list of stable checks is used (https://go-critic.github.io/overview#checks-overview).
+    # To see which checks are enabled run `GL_DEBUG=gocritic golangci-lint run --enable=gocritic`.
+    enabled-checks:
+      # diagnostic
+      - appendCombine
+      - argOrder
+      - badCall
+      - badCond
+      - badLock
+      - badRegexp
+      - badSorting
+      - builtinShadowDecl
+      - caseOrder
+      - codegenComment
+      # - commentedOutCode
+      # - deferInLoop
+      - deprecatedComment
+      - dupArg
+      - dupBranchBody
+      - dupCase
+      - dupSubExpr
+      - dynamicFmtString
+      - emptyDecl
+      - equalFold
+      - evalOrder
+      - exitAfterDefer
+      - externalErrorReassign
+      - filepathJoin
+      - flagName
+      - hugeParam
+      - indexAlloc
+      - mapKey
+      - nilValReturn
+      - offBy1
+      - preferDecodeRune
+      - preferFprint
+      - preferStringWriter
+      - preferWriteByte
+      - rangeExprCopy
+      # - rangeValCopy
+      - regexpPattern
+      - sliceClear
+      - sloppyLen
+      # - sloppyReassign
+      - sloppyTypeAssert
+      - sortSlice
+      - sprintfQuotedString
+      - sqlQuery
+      - stringXbytes
+      - syncMapLoadAndDelete
+      - truncateCmp
+      - unnecessaryDefer
+      - weakCond

cmd/squealer/main.go

@@ -1,9 +1,10 @@
 package main
 
 import (
+	"os"
+
 	"github.com/owenrumney/squealer/internal/app/squealer/cmd"
 	log "github.com/sirupsen/logrus"
-	"os"
 )
 
 func main() {

internal/app/squealer/cmd/root.go

@@ -78,7 +78,7 @@ func squeal(_ *cobra.Command, args []string) error {
 
 func getScanner(cfg *config.Config, basePath string) (squealer.Scanner, error) {
 	scanner, err := squealer.New(
-		squealer.OptionWithConfig(*cfg),
+		squealer.OptionWithConfig(cfg),
 		squealer.OptionRedactedSecrets(redacted),
 		squealer.OptionNoGitScan(noGit),
 		squealer.OptionWithBasePath(basePath),

internal/pkg/match/matchers.go

@@ -112,7 +112,7 @@ func (mc *MatcherController) addTransgression(content *string, name string, matc
 		if matcher.entropy != "" {
 			inBounds, err := entropyCheck(m, matcher.entropy)
 			if err != nil {
-				log.Errorf("an error occured checking the entropy %s", err.Error())
+				log.Errorf("an error occurred checking the entropy %s", err.Error())
 				return
 			}
 			if !inBounds {

internal/pkg/match/transgression.go

@@ -22,7 +22,7 @@ type Transgression struct {
 	LineNo           int
 }
 
-func newTransgression(lineNo int, lineContent, filename, match, matchDescription, hash string, commit *object.Commit) Transgression {
+func newTransgression(lineNo int, lineContent, filename, match, matchDescription, hash string, commit *object.Commit) *Transgression {
 	content := strings.TrimSpace(lineContent)
 
 	commitHash := "-- not applicable --"
@@ -36,7 +36,7 @@ func newTransgression(lineNo int, lineContent, filename, match, matchDescription
 		when = commit.Committer.When.String()
 	}
 
-	return Transgression{
+	return &Transgression{
 		LineNo:           lineNo,
 		LineContent:      content,
 		Filename:         filename,
@@ -52,7 +52,7 @@ func newTransgression(lineNo int, lineContent, filename, match, matchDescription
 	}
 }
 
-func (t *Transgression) update(t2 Transgression) {
+func (t *Transgression) update(t2 *Transgression) {
 	t.Committer = t2.Committer
 	t.CommitterEmail = t2.CommitterEmail
 	t.CommitHash = t2.CommitHash

internal/pkg/match/transgression_map.go

@@ -16,11 +16,11 @@ func newTransgressions() *transgressionMap {
 	}
 }
 
-func (t *transgressionMap) add(key string, transgression Transgression) {
+func (t *transgressionMap) add(key string, transgression *Transgression) {
 	t.Lock()
 	existing := t.internal[key]
 	if existing == nil {
-		t.internal[key] = &transgression
+		t.internal[key] = transgression
 		t.counter += 1
 	} else {
 		existing.update(transgression)

internal/pkg/match/transgression_map_test.go

@@ -1,8 +1,9 @@
 package match
 
 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestCreateTransgressionMap(t *testing.T) {
@@ -18,15 +19,15 @@ func TestAddItemToTransgressionMap(t *testing.T) {
 	assert.NotNil(t, tm)
 	assert.Equal(t, 0, tm.count())
 
-	tm.add("test1", Transgression{
+	tm.add("test1", &Transgression{
 		LineContent:     "testing",
 		Filename:        "",
 		Hash:            "",
 		Match:           "",
 		RedactedContent: "",
 	})
 
-	tm.add("test1", Transgression{
+	tm.add("test1", &Transgression{
 		LineContent:     "testing2",
 		Filename:        "",
 		Hash:            "",

internal/pkg/match/transgression_test.go

@@ -1,8 +1,9 @@
 package match
 
 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestTransgressionUpdate(t *testing.T) {
@@ -14,7 +15,7 @@ func TestTransgressionUpdate(t *testing.T) {
 	assert.Equal(t, "2001-01-01", t1.Committed)
 	assert.Equal(t, "abcd", t1.CommitHash)
 
-	t1.update(t2)
+	t1.update(&t2)
 
 	assert.Equal(t, "Thom Thumb", t1.Committer)
 	assert.Equal(t, "[email protected]", t1.CommitterEmail)

internal/pkg/metrics/metrics_test.go

@@ -1,9 +1,10 @@
 package metrics
 
 import (
-	"github.com/stretchr/testify/assert"
 	"sync"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestConcurrentMetricUpdatesProcessed(t *testing.T) {

internal/pkg/scan/directory_scanner.go

@@ -16,11 +16,11 @@ type directoryScanner struct {
 	ignoreExtensions []string
 }
 
-func (d directoryScanner) GetType() ScannerType {
+func (d *directoryScanner) GetType() ScannerType {
 	return DirectoryScanner
 }
 
-func newDirectoryScanner(sc ScannerConfig) (*directoryScanner, error) {
+func newDirectoryScanner(sc *ScannerConfig) (*directoryScanner, error) {
 	if _, err := os.Stat(sc.Basepath); err != nil {
 		return nil, err
 	}
@@ -36,7 +36,7 @@ func newDirectoryScanner(sc ScannerConfig) (*directoryScanner, error) {
 	return scanner, nil
 }
 
-func (d directoryScanner) Scan() ([]match.Transgression, error) {
+func (d *directoryScanner) Scan() ([]match.Transgression, error) {
 	if err := filepath.Walk(d.workingDirectory, func(path string, info os.FileInfo, err error) error {
 		if err != nil {
 			return err
@@ -56,6 +56,6 @@ func (d directoryScanner) Scan() ([]match.Transgression, error) {
 	return d.mc.Transgressions(), nil
 }
 
-func (d directoryScanner) GetMetrics() *metrics.Metrics {
+func (d *directoryScanner) GetMetrics() *metrics.Metrics {
 	return d.metrics
 }

internal/pkg/scan/git_scanner.go

@@ -44,7 +44,7 @@ func (s *gitScanner) GetType() ScannerType {
 	return GitScanner
 }
 
-func newGitScanner(sc ScannerConfig) (*gitScanner, error) {
+func newGitScanner(sc *ScannerConfig) (*gitScanner, error) {
 	if strings.HasPrefix(sc.Basepath, "git@") || strings.HasPrefix(sc.Basepath, "https:") {
 	} else if _, err := os.Stat(sc.Basepath); err != nil {
 		return nil, err

internal/pkg/scan/scanner.go

@@ -38,7 +38,7 @@ type Scanner interface {
 	GetType() ScannerType
 }
 
-func NewScanner(sc ScannerConfig) (Scanner, error) {
+func NewScanner(sc *ScannerConfig) (Scanner, error) {
 	if sc.NoGit || notGit(sc.Basepath) {
 		log.Infof("Using a directory scanner to process %s\n", sc.Basepath)
 		return newDirectoryScanner(sc)

internal/pkg/scan/scanner_test.go

@@ -17,7 +17,7 @@ func TestNewScannerIsGitScanner(t *testing.T) {
 	dir := fmt.Sprintf("%s/.git", tempdir)
 	err := os.MkdirAll(dir, 0600)
 	require.NoError(t, err)
-	sc := ScannerConfig{
+	sc := &ScannerConfig{
 		Cfg:      config.DefaultConfig(),
 		Basepath: tempdir,
 	}
@@ -27,7 +27,7 @@ func TestNewScannerIsGitScanner(t *testing.T) {
 }
 
 func TestNewScannerIsDirectoryScanner(t *testing.T) {
-	sc := ScannerConfig{
+	sc := &ScannerConfig{
 		Cfg:      config.DefaultConfig(),
 		Basepath: "../../../test_resources",
 	}

pkg/config/default.go

@@ -3,7 +3,7 @@ package config
 func DefaultConfig() *Config {
 	return &Config{
 		Rules: []MatchRule{
-		{
+			{
 				Rule:        `(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}`,
 				Description: "Check for AWS Access Key Id",
 			},
@@ -20,7 +20,7 @@ func DefaultConfig() *Config {
 				Description: "Check for new Github Token",
 			},
 			{
-				Rule:        `xox[baprs]-([0-9a-zA-Z]{10,48})?`,
+				Rule: `xox[baprs]-([0-9a-zA-Z]{10,48})?`,
 			},
 			{
 				Rule:        `-----BEGIN ((EC|PGP|DSA|RSA|OPENSSH) )?PRIVATE KEY( BLOCK)?-----`,

pkg/squealer/option.go

@@ -4,9 +4,9 @@ import "github.com/owenrumney/squealer/pkg/config"
 
 type Option func(s *Scanner)
 
-func OptionWithConfig(config config.Config) Option {
+func OptionWithConfig(config *config.Config) Option {
 	return func(s *Scanner) {
-		s.config = &config
+		s.config = config
 	}
 }
 

pkg/squealer/scanner.go

@@ -34,7 +34,7 @@ func New(options ...Option) (*Scanner, error) {
 		opt(scanner)
 	}
 
-	s, err := scan.NewScanner(scan.ScannerConfig{
+	s, err := scan.NewScanner(&scan.ScannerConfig{
 		Cfg:            scanner.config,
 		Basepath:       scanner.basePath,
 		Redacted:       scanner.redacted,
@@ -52,10 +52,10 @@ func New(options ...Option) (*Scanner, error) {
 	return scanner, nil
 }
 
-func (s Scanner) Scan() ([]match.Transgression, error) {
+func (s *Scanner) Scan() ([]match.Transgression, error) {
 	return s.scanner.Scan()
 }
 
-func (s Scanner) GetMetrics() *metrics.Metrics {
+func (s *Scanner) GetMetrics() *metrics.Metrics {
 	return s.scanner.GetMetrics()
 }

tests/repo_test.go

@@ -3,14 +3,14 @@ package tests
 import (
 	"testing"
 
-	"github.com/stretchr/testify/require"
 	"github.com/owenrumney/squealer/internal/pkg/scan"
 	"github.com/owenrumney/squealer/pkg/config"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestRepoEndToEnd(t *testing.T) {
-	scanner, err := scan.NewScanner(scan.ScannerConfig{
+	scanner, err := scan.NewScanner(&scan.ScannerConfig{
 		Cfg:      config.DefaultConfig(),
 		Basepath: gitTestPath,
 		Redacted: true,
@@ -28,7 +28,7 @@ func TestRepoEndToEnd(t *testing.T) {
 }
 
 func TestDirEndToEnd(t *testing.T) {
-	scanner, err := scan.NewScanner(scan.ScannerConfig{
+	scanner, err := scan.NewScanner(&scan.ScannerConfig{
 		Cfg:      config.DefaultConfig(),
 		Basepath: dirTestPath,
 		Redacted: true,
@@ -46,7 +46,7 @@ func TestDirEndToEnd(t *testing.T) {
 }
 
 func TestRepoEndToEndWithEverything(t *testing.T) {
-	scanner, err := scan.NewScanner(scan.ScannerConfig{
+	scanner, err := scan.NewScanner(&scan.ScannerConfig{
 		Cfg:        config.DefaultConfig(),
 		Basepath:   gitTestPath,
 		Redacted:   true,