Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump golangci to get the latest lints & fix lints #984

Merged
merged 2 commits into from
Aug 26, 2021
Merged

Bump golangci to get the latest lints & fix lints #984

merged 2 commits into from
Aug 26, 2021

Conversation

shhdgit
Copy link
Member

@shhdgit shhdgit commented Aug 23, 2021
edited
Loading

According to exclude-use-default at golangci-lint, I re-include EXC0006, EXC0007, EXC0008, EXC0009, EXC0010.

@ti-chi-bot
Copy link
Member

ti-chi-bot commented Aug 23, 2021
edited
Loading

[REVIEW NOTIFICATION]

This pull request has been approved by:

  • breeswish

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

breezewish
breezewish reviewed Aug 23, 2021
View reviewed changes
Copy link
Member

@breezewish breezewish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally great!

.golangci.yml
@@ -10,6 +10,14 @@ linters-settings:
golint:
min-confidence: 0

issues:
include:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to always include all?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it still makes sense for some low risk issues to be excluded. Is it possible to get the security team to audit low risk issues instead of add gosec tag?

pkg/apiserver/diagnose/report.go
@@ -2150,11 +2150,7 @@ func GetClusterHardwareInfoTable(startTime, endTime string, db *gorm.DB) (TableD
if !ok {
m[s] = &hardWare{s, map[string]int{row[1]: 1}, make(map[string]int), 0, make(map[string]float64), ""}
}
if _, ok := m[s].Type[row[1]]; ok {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Smart linter...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

すげー😲

pkg/apiserver/logsearch/task.go Show resolved Hide resolved
pkg/apiserver/logsearch/task.go
@@ -260,7 +261,7 @@ func (t *Task) searchLog(client diagnosticspb.DiagnosticsClient, targetType diag
}
for _, msg := range res.Messages {
line := logMessageToString(msg)
_, err := bufWriter.Write(*(*[]byte)(unsafe.Pointer(&line)))
_, err := bufWriter.Write(*(*[]byte)(unsafe.Pointer(&line))) // #nosec
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ditto, this error is checked and why do we need nosec?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Every unsafe api invoke should use nosec tag... I'm wondering whether we need to turn on all gosec rules. Obviously, we know what we are doing when we use a specific api.

@shhdgit shhdgit requested a review from breezewish August 26, 2021 02:22
@breezewish
Copy link
Member

/merge

@ti-chi-bot
Copy link
Member

This pull request has been accepted and is ready to merge.

Commit hash: b1dc59c

@ti-chi-bot ti-chi-bot merged commit 95bf3b8 into pingcap:master Aug 26, 2021
shhdgit added a commit to shhdgit/tidb-dashboard that referenced this pull request Sep 2, 2021
@shhdgit
Bump golangci to get the latest lints & fix lints (pingcap#984)
44073a6
shhdgit added a commit that referenced this pull request Sep 2, 2021
@shhdgit @LINKIWI @dependabot
Release 2021.09.02.1 (#998) [skip pd_pr]
4bef8fa 
* feat(ui): add timezone information (#974)

* Fix endpoint scheme detection for TLS origination to PD (#977)

* build(deps): bump path-parse from 1.0.6 to 1.0.7 in /ui (#978)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump path-parse from 1.0.6 to 1.0.7 in /ui/tests (#981)

* Bump golangci to get the latest lints & fix lints (#984)

* Ci cherry pick version (#989)

* chore: add distro translation (#995)

* chore: add distro translation

* fix: lowercase

* update: release version

Co-authored-by: LINKIWI <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@unbyte unbyte unbyte left review comments

@breezewish breezewish breezewish approved these changes

Assignees
No one assigned
Labels
status/can-merge status/LGT1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@shhdgit @ti-chi-bot @breezewish @unbyte