64 lines
1.9 KiB
YAML
64 lines
1.9 KiB
YAML
linters:
|
|
disable-all: true
|
|
enable:
|
|
- errcheck
|
|
- gofmt
|
|
- gosec
|
|
- gosimple
|
|
- govet
|
|
- ineffassign
|
|
- misspell
|
|
- nolintlint
|
|
- sqlclosecheck
|
|
- typecheck
|
|
- unconvert
|
|
- unparam
|
|
- unused
|
|
- wastedassign
|
|
linters-settings:
|
|
errcheck:
|
|
exclude-functions:
|
|
- (net/http.ResponseWriter).Write
|
|
- (net.Conn).Write
|
|
- encoding/binary.Write
|
|
- io.Write
|
|
- net/http.Write
|
|
- os.Remove
|
|
- github.com/miekg/dns.WriteMsg
|
|
gosimple:
|
|
# S1029: Range over the string directly
|
|
checks: ["all", "-S1029"]
|
|
govet:
|
|
enable-all: true
|
|
disable:
|
|
- fieldalignment
|
|
- shadow
|
|
settings:
|
|
printf:
|
|
funcs:
|
|
- (github.com/letsencrypt/boulder/log.Logger).Errf
|
|
- (github.com/letsencrypt/boulder/log.Logger).Warningf
|
|
- (github.com/letsencrypt/boulder/log.Logger).Infof
|
|
- (github.com/letsencrypt/boulder/log.Logger).Debugf
|
|
- (github.com/letsencrypt/boulder/log.Logger).AuditInfof
|
|
- (github.com/letsencrypt/boulder/log.Logger).AuditErrf
|
|
- (github.com/letsencrypt/boulder/ocsp/responder).SampledError
|
|
- (github.com/letsencrypt/boulder/web.RequestEvent).AddError
|
|
gosec:
|
|
excludes:
|
|
# TODO: Identify, fix, and remove violations of most of these rules
|
|
- G101 # Potential hardcoded credentials
|
|
- G102 # Binds to all network interfaces
|
|
- G107 # Potential HTTP request made with variable url
|
|
- G201 # SQL string formatting
|
|
- G202 # SQL string concatenation
|
|
- G306 # Expect WriteFile permissions to be 0600 or less
|
|
- G401 # Use of weak cryptographic primitive
|
|
- G402 # TLS InsecureSkipVerify set true.
|
|
- G403 # RSA keys should be at least 2048 bits
|
|
- G404 # Use of weak random number generator (math/rand instead of crypto/rand)
|
|
nolintlint:
|
|
allow-unused: false
|
|
require-explanation: true
|
|
require-specific: true
|