* build(deps): bump github.com/go-critic/go-critic from 0.4.1 to 0.4.3
Bumps [github.com/go-critic/go-critic](https://github.com/go-critic/go-critic) from 0.4.1 to 0.4.3.
- [Release notes](https://github.com/go-critic/go-critic/releases)
- [Commits](https://github.com/go-critic/go-critic/compare/v0.4.1...v0.4.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Disable unnecessaryDefer from go-critic due to false positive
* Disable by regex, not check
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Simon Sawert <simon@sawert.se>
* bump gomodguard version which adds a new feature to allow blocking modules based on version constraints
* add description why you may want to use gomodguard over depguard, updated example config and add a section the contributor doc page to remind people to update the example config
When raising #1062 I noted that the gosec dependency had been upgraded to v2,
but needed to be pulled from `master` due to some issues with the v2.2.0 tagged
release. That was tracked in https://github.com/securego/gosec/issues/470.
They've since cut v2.3.0, so let's update to that tagged release before we
release a new version of golangci-lint.
Ensure that `unused` is always the last
in execution order. It can speed up packages loading
a bit.
Refactor enabled linters set to remove extra logging.
Relates: #944
The primary improvement is in early clearing of
analyzed package's TypeInfo, facts, etc for
whole program analyzers (`unused`). Clear it when it
becomes unused and GC collects them early. Initially this
clearing was performed for all analyzers except `unused`.
Update staticcheck from v0.0.1-2019.2.3 to v0.0.1-2020.1.4
Also in this commit:
* speed up loading packages from export data (2.5s -> 2.1s for std)
by not using mutex for export data since it was allowed in
x/tools#07722704da13
* make an order of execution of linters stable
* update renameio and robustio
* use robustio in caching
Relates: #987, #994, #995, #1011
This change updates the `gosec` linter to its v2 version. It seems like v2
maintained API compatibility for the functionality we use, so we only needed to
update the dependency and imports.
Please note, this does not use a tagged version of `gosec` and instead is the
latest `master` commit due to this issue: https://github.com/securego/gosec/issues/470.
Once this issue is resolved we should update `gosec` to a tagged release.
This also adds a line to the `.gitignore` file, to ignore the `.test` output
files that get generated by `go test`. This could accidentally get left behind,
so no use committing binary files.
Fixes#1052
full diff: https://github.com/dominikh/go-tools/compare/2019.2.3...2020.1.3
Also updates tests to accomodate updated rules:
--- FAIL: TestSourcesFromTestdataWithIssuesDir/staticcheck.go (0.43s)
linters_test.go:137: [run --disable-all --print-issued-lines=false --print-linter-name=false --out-format=line-number --max-same-issues=10 -Estaticcheck --no-config testdata/staticcheck.go]
linters_test.go:33:
Error Trace: linters_test.go:33
linters_test.go:138
linters_test.go:53
Error: Received unexpected error:
staticcheck.go:11: no match for `self-assignment of x to x` vs ["SA4006: this value of `x` is never used"] in:
staticcheck.go:11:2: SA4006: this value of `x` is never used
unmatched errors
staticcheck.go:11:2: SA4006: this value of `x` is never used
Test: TestSourcesFromTestdataWithIssuesDir/staticcheck.go
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Update to latest x/tools (2020/01/19).
Fixes#893
* Initialize vet analyzers as unexportd global vars.
Fixes#915
* Support testing Go 1.14beta1.
* ci: reset go.mod and go.sum before generated diff check
* Update to latest x/tools (2020/02/04)
Co-authored-by: Aleksandr Razumov <ar@gortc.io>
