Enable gosec linter for golangci-lint #6669
Conversation
|
Hi @henry118. Thanks for your PR. I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Build succeeded.
|
| disable: | ||
| - errcheck | ||
|
|
||
| issues: |
There was a problem hiding this comment.
- How about putting them in the gosec section? We don't have to rely on the textual representation of the errors. https://golangci-lint.run/usage/linters/#gosec
- Are they all irrelevant for this project, or should be addressed later? It would be better to add some context.
There was a problem hiding this comment.
Good point. I made suggested changes in the new version.
As to the excluded issues, they are not related to G601: Implicit memory aliasing in for loop.
Can we cut new tickets to address them separately one by one? as there are many of them. I am happy to take the ownership of it :)
|
Build succeeded.
|
kzys
left a comment
kzys
left a comment
There was a problem hiding this comment.
Looks good to me. Can you include the pull request description (or its excerpt) in the commit message itself?
`gosec` linter is able to identify issues described in containerd#6584 e.g. $ git revert 54e95e6 [gosec dfc8ca1ec] Revert "fix Implicit memory aliasing in for loop" 2 files changed, 2 deletions(-) $ make check + proto-fmt + check GOGC=75 golangci-lint run containerstore.go:192:54: G601: Implicit memory aliasing in for loop. (gosec) containers = append(containers, containerFromProto(&container)) ^ image_store.go:132:42: G601: Implicit memory aliasing in for loop. (gosec) images = append(images, imageFromProto(&image)) ^ make: *** [check] Error 1 I also disabled following two settings which prevent the linter to show a complete list of issues. * max-issues-per-linter (default 50) * max-same-issues (default 3) Furthermore enabling gosec revealed many other issues. For now I blacklisted the ones except G601. Will create separate tasks to address them one by one moving next. Signed-off-by: Henry Wang <[email protected]>
Updated |
|
Build succeeded.
|
4 participants
Fixes: #6584
goseclinter is able to identify issues described in #6584e.g.
I also disabled following two settings which prevents the linter to show a complete list of issues.
max-issues-per-linter (default 50)max-same-issues (default 3)Furthermore enabling
gosecreveals many other issues. For now I blacklisted the ones exceptG601. Maybe we can create tasks to address them one by one moving forward?Signed-off-by: Henry Wang [email protected]