* wip
more
add new files
run command fixes
more
* go.mod
* order
* same package
* review comment
* enable linter in .golangci.yml
* add testcase for default-signifies-exhaustive: true
* adjust runGoErrchk instead
* disable the linter
* cleanup
* more cleanup
* cleanup
* add ability to set issue severity for out formats that support it based on severity rules
* fix lint issues
* change log child name
* code climate omit severity if empty
* add tests for severity rules, add support for case sensitive rules, fix lint issues, better doc comments, share processor test
* deduplicated rule logic into a base rule that can be used by multiple rule types, moved severity config to it's own parent key named severity, reduced size of NewRunner function to make it easier to read
* put validate function under base rule struct
* better validation error wording
* add Fingerprint and Description methods to Issue struct, made codeclimate reporter easier to read, checkstyle output is now pretty printed
* build(deps): bump github.com/go-critic/go-critic from 0.4.1 to 0.4.3
Bumps [github.com/go-critic/go-critic](https://github.com/go-critic/go-critic) from 0.4.1 to 0.4.3.
- [Release notes](https://github.com/go-critic/go-critic/releases)
- [Commits](https://github.com/go-critic/go-critic/compare/v0.4.1...v0.4.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Disable unnecessaryDefer from go-critic due to false positive
* Disable by regex, not check
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Simon Sawert <simon@sawert.se>
* bump gomodguard version which adds a new feature to allow blocking modules based on version constraints
* add description why you may want to use gomodguard over depguard, updated example config and add a section the contributor doc page to remind people to update the example config
When raising #1062 I noted that the gosec dependency had been upgraded to v2,
but needed to be pulled from `master` due to some issues with the v2.2.0 tagged
release. That was tracked in https://github.com/securego/gosec/issues/470.
They've since cut v2.3.0, so let's update to that tagged release before we
release a new version of golangci-lint.
Ensure that `unused` is always the last
in execution order. It can speed up packages loading
a bit.
Refactor enabled linters set to remove extra logging.
Relates: #944
The primary improvement is in early clearing of
analyzed package's TypeInfo, facts, etc for
whole program analyzers (`unused`). Clear it when it
becomes unused and GC collects them early. Initially this
clearing was performed for all analyzers except `unused`.
Update staticcheck from v0.0.1-2019.2.3 to v0.0.1-2020.1.4
Also in this commit:
* speed up loading packages from export data (2.5s -> 2.1s for std)
by not using mutex for export data since it was allowed in
x/tools#07722704da13
* make an order of execution of linters stable
* update renameio and robustio
* use robustio in caching
Relates: #987, #994, #995, #1011
This change updates the `gosec` linter to its v2 version. It seems like v2
maintained API compatibility for the functionality we use, so we only needed to
update the dependency and imports.
Please note, this does not use a tagged version of `gosec` and instead is the
latest `master` commit due to this issue: https://github.com/securego/gosec/issues/470.
Once this issue is resolved we should update `gosec` to a tagged release.
This also adds a line to the `.gitignore` file, to ignore the `.test` output
files that get generated by `go test`. This could accidentally get left behind,
so no use committing binary files.
Fixes#1052
