Update golangci-lint to latest version & tweaks

The latest golangci-lint version comes with two new detected issues, both of which we choose to silence here: 1) staticcheck: Deprecation of (crypto/x509).CertPool.Subjects(): This is still useful to us in the tests and there seems to be no good alternative (we use it merely to count the number of certs). 2) gosec: Potential integer overflow: This is a potentially useful check, but I didn't want to address this as part of this PR. https://github.com/ccoVeille/go-safecast might be useful for this (in fact it looks like it was inspired by the recent addition of this gosec rule). Additionally, change the Makefile to tell golangci-lint to emit all lints, as opposed to imposing its default limits. Those limits could actually be misleading, as it could e.g. lead to someone disabling lints without having seen all the reported issues. Signed-off-by: Carlo Teubner <[email protected]>
spiffe · Dec 20, 2024 · b7e4761 · b7e4761
1 parent 6928ff1
commit b7e4761
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 3 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -7,7 +7,11 @@ issues:
     - testdata$
     - test/mock
   exclude-files:
-    - ".*\\.pb\\.go"
+    - ".*\\.pb\\.go$"
+  exclude-rules:
+    - linters: [ staticcheck ]
+      path: ".*_test\\.go$"
+      text: "Subjects has been deprecated since Go 1\\.18.*Subjects will not include the system roots"
 
 linters:
   enable:
@@ -32,3 +36,6 @@ linters-settings:
     rules:
       - name: unused-parameter
         disabled: true
+  gosec:
+    excludes:
+      - G115 # "Potential integer overflow when converting between integer types"; TODO re-enable eventually
diff --git a/.spire-tool-versions b/.spire-tool-versions
@@ -1,3 +1,3 @@
-golangci_lint v1.60.1
+golangci_lint v1.62.2
 markdown_lint v0.37.0
 protoc 24.4
diff --git a/Makefile b/Makefile
@@ -403,7 +403,7 @@ endif
 lint: lint-code lint-md
 
 lint-code: $(golangci_lint_bin)
-	$(E)PATH="$(go_bin_dir):$(PATH)" GOLANGCI_LINT_CACHE="$(golangci_lint_cache)" $(golangci_lint_bin) run ./...
+	$(E)PATH="$(go_bin_dir):$(PATH)" GOLANGCI_LINT_CACHE="$(golangci_lint_cache)" $(golangci_lint_bin) run --max-issues-per-linter=0 --max-same-issues=0 ./...
 
 lint-md:
 	$(E)docker run --rm -v "$(DIR):/workdir" $(markdown_lint_image) "**/*.md"