chore: bump golangci-lint to v2 (#2042)

2026-02-03 12:10:32 +00:00 · 2025-04-01 09:08:02 +02:00
parent ab1775afee
commit 1d91fa5d9b
8 changed files with 67 additions and 73 deletions
@@ -11,7 +11,7 @@ jobs:
  lint:
    runs-on: ubuntu-latest
    env:
-      GOLANGCI_LINT_VERSION: v1.61.0
+      GOLANGCI_LINT_VERSION: v2.0.2
    steps:
      - uses: actions/checkout@v4
@@ -21,7 +21,7 @@ jobs:
          go-version-file: 'go.mod'
          cache: true
      - name: Lint code
-        uses: golangci/golangci-lint-action@v6
+        uses: golangci/golangci-lint-action@v7
        with:
          version: ${{ env.GOLANGCI_LINT_VERSION }}
@@ -1,86 +1,86 @@
 version: "2"
 run:
  tests: false
  timeout: 5m
-linters-settings:
+formatters:
-  cyclop:
+  enable:
-    max-complexity: 12
+    - gci
-    skip-tests: true
+    - gofmt
-  errcheck:
+    - gofumpt
-    exclude-functions:
+    - goimports
-      - (*go.etcd.io/etcd/client/v3/concurrency.Mutex).Unlock
+  settings:
-      - (*go.etcd.io/etcd/client/v3/concurrency.Session).Close
+    gofumpt:
-  gofumpt:
+      extra-rules: true
-    extra-rules: true
+  exclusions:
    generated: lax
 linters:
-  enable-all: true
+  default: all
  disable:
-    - perfsprint # new
+    - cyclop
-    - testifylint # new
+    - depguard
-    - spancheck # new
+    - err113
-    - rowserrcheck # new
+    - errcheck
    - mnd # new
    - intrange # new
    - depguard # new
    - revive # new
    - errcheck # new
    - errchkjson
    - exhaustive
    - exhaustruct
-    - execinquery # deprecated
+    - forbidigo
    - exportloopref # deprecated
    - forcetypeassert
    - funlen
    - gochecknoglobals
    - gochecknoinits
    - gocognit
    - goconst
    - godox
-    - err113
+    - intrange
    - gomnd
    - ireturn
    - lll
    - mnd
    - musttag
    - nilnil
    - nlreturn
    - nonamedreturns
    - perfsprint
    - recvcheck
    - revive
    - rowserrcheck
    - spancheck
    - tagliatelle
    - testifylint
    - varnamelen
    - wrapcheck
    - wsl
-    - cyclop # TODO: turn this back on later
+  settings:
-    - gocognit # TODO: turn this back on later
+    cyclop:
-    - forbidigo # TODO: turn this back on later
+      max-complexity: 12
-
+    gosec:
-issues:
+      excludes:
-  exclude-use-default: false
+        - G204
-  exclude:
+        - G402
-    - "package-comments: should have a package comment"
+  exclusions:
-    - "ST1000: at least one file in a package should have a package comment"
+    generated: lax
-    - "G204: Subprocess launched with a potential tainted input or cmd arguments"
+    rules:
-    - "G204: Subprocess launched with variable"
+      - path: cmd/proxy/main.go
-    - "G402: TLS MinVersion too low."
+        text: 'G108: Profiling endpoint is automatically exposed on /debug/pprof'
-    - "const `op` is unused"
+      - linters:
-    - "G115: integer overflow conversion int -> int32"
+          - contextcheck
-  exclude-rules:
+        path: pkg/stash/stasher.go
-    - path: cmd/proxy/main.go
+      - linters:
-      text: "G108: Profiling endpoint is automatically exposed on /debug/pprof"
+          - bodyclose
-    - path: pkg/stash/stasher.go
+        path: pkg/stash/with_azureblob.go
-      linters:
+      - linters:
-        - contextcheck
+          - bodyclose
-    - path: pkg/stash/with_azureblob.go # False positive
+        path: pkg/storage/azureblob/azureblob.go
-      linters:
+      - linters:
-        - bodyclose
+          - gosec
-    - path: pkg/storage/azureblob/azureblob.go # False positive
+          - thelper
-      linters:
+        path: pkg/storage/compliance/*
-        - bodyclose
+      - linters:
-    - path: pkg/storage/compliance/*
+          - thelper
-      linters:
+        path: pkg/index/compliance/*
-        - thelper
+      - path: (.+)\.go$
-        - gosec
+        text: 'package-comments: should have a package comment'
-        - errcheck
+      - path: (.+)\.go$
-    - path: pkg/index/compliance/*
+        text: 'ST1000: at least one file in a package should have a package comment'
-      linters:
+      - path: (.+)\.go$
-        - thelper
+        text: 'G115: integer overflow conversion int -> int32'
        - gosec
        - errcheck
@@ -100,7 +100,6 @@ func (el *EnvList) Add(key, value string) {
 // See the below link for more information:
 // https://github.com/gomods/athens/issues/1404
 func (el *EnvList) Decode(value string) error {
 	const op errors.Op = "envList.Decode"
 	if value == "" {
 		return nil
 	}
@@ -20,7 +20,7 @@ type indexer struct {
 	lines []*index.Line
 }
-func (i *indexer) Index(ctx context.Context, mod, ver string) error {
+func (i *indexer) Index(_ context.Context, mod, ver string) error {
 	const op errors.Op = "mem.Index"
 	i.mu.Lock()
 	defer i.mu.Unlock()
@@ -37,8 +37,7 @@ func (i *indexer) Index(ctx context.Context, mod, ver string) error {
 	return nil
 }
-func (i *indexer) Lines(ctx context.Context, since time.Time, limit int) ([]*index.Line, error) {
+func (i *indexer) Lines(_ context.Context, since time.Time, limit int) ([]*index.Line, error) {
 	const op errors.Op = "mem.Lines"
 	lines := []*index.Line{}
 	var count int
 	i.mu.RLock()
@@ -5,7 +5,6 @@ import (
 	"net/url"
 	"strings"
 	"github.com/gomods/athens/pkg/errors"
 	"github.com/gomods/athens/pkg/module"
 	"github.com/gomods/athens/pkg/paths"
 	"github.com/gorilla/mux"
@@ -14,7 +13,6 @@ import (
 // NewFilterMiddleware builds a middleware function that implements the
 // filters configured in the filter file.
 func NewFilterMiddleware(mf *module.Filter, upstreamEndpoint string) mux.MiddlewareFunc {
 	const op errors.Op = "actions.NewFilterMiddleware"
 	return func(h http.Handler) http.Handler {
 		f := func(w http.ResponseWriter, r *http.Request) {
 			mod, err := paths.GetModule(r)
@@ -16,7 +16,6 @@ import (
 // NewValidationMiddleware builds a middleware function that performs validation checks by calling
 // an external webhook.
 func NewValidationMiddleware(client *http.Client, validatorHook string) mux.MiddlewareFunc {
 	const op errors.Op = "actions.NewValidationMiddleware"
 	return func(h http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			mod, err := paths.GetModule(r)
@@ -26,7 +26,6 @@ type checker struct {
 }
 func (c *checker) Exists(ctx context.Context, module, version string) (bool, error) {
 	const op errors.Op = "checker.Exists"
 	_, err := c.strg.Info(ctx, module, version)
 	if err != nil {
 		if errors.Is(err, errors.KindNotFound) {
@@ -156,8 +156,8 @@ func (s *Storage) upload(ctx context.Context, path string, stream io.Reader, fir
 	// We set this metadata only for the first of the three files uploaded,
 	// for use as a singleflight lock.
 	if first {
-		wc.ObjectAttrs.Metadata = make(map[string]string)
+		wc.Metadata = make(map[string]string)
-		wc.ObjectAttrs.Metadata["in_progress"] = "true"
+		wc.Metadata["in_progress"] = "true"
 	}
 	// NOTE: content type is auto detected on GCP side and ACL defaults to public