mirror of
https://github.com/ossf/scorecard.git
synced 2024-08-15 11:20:30 +03:00
* add basic probe registration function Signed-off-by: Spencer Schrock <sschrock@google.com> * ignore probes which call init to register the probe Signed-off-by: Spencer Schrock <sschrock@google.com> * redefine probeimpl to avoid circular imports Signed-off-by: Spencer Schrock <sschrock@google.com> * register all probes Signed-off-by: Spencer Schrock <sschrock@google.com> * experiment with a probe struct Signed-off-by: Spencer Schrock <sschrock@google.com> * make check name constants Signed-off-by: Spencer Schrock <sschrock@google.com> * convert branch protection probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert binary artifact probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert cii probe Signed-off-by: Spencer Schrock <sschrock@google.com> * convert ci test probe Signed-off-by: Spencer Schrock <sschrock@google.com> * convert code review probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert contributor probe Signed-off-by: Spencer Schrock <sschrock@google.com> * convert dangerous workflow probe Signed-off-by: Spencer Schrock <sschrock@google.com> * convert dep update tool probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert fuzzing probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert license probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert maintained probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert packaging probe Signed-off-by: Spencer Schrock <sschrock@google.com> * convert sast probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert security policy probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert signed releases probes Signed-off-by: Spencer Schrock <sschrock@google.com> * convert vuln probe Signed-off-by: Spencer Schrock <sschrock@google.com> * try using probe registration data Signed-off-by: Spencer Schrock <sschrock@google.com> * blank import unused probe Signed-off-by: Spencer Schrock 
<sschrock@google.com> * add uncategorized group Signed-off-by: Spencer Schrock <sschrock@google.com> * ensure All list is up-to-date Signed-off-by: Spencer Schrock <sschrock@google.com> * add reason behind uncategorized group Signed-off-by: Spencer Schrock <sschrock@google.com> * fix linter yaml parse error Signed-off-by: Spencer Schrock <sschrock@google.com> * fix linter Signed-off-by: Spencer Schrock <sschrock@google.com> * add webhook data Signed-off-by: Spencer Schrock <sschrock@google.com> * convert probe registration to Must pattern Signed-off-by: Spencer Schrock <sschrock@google.com> * add registration for new probes Signed-off-by: Spencer Schrock <sschrock@google.com> * add missing license header Signed-off-by: Spencer Schrock <sschrock@google.com> * revert changing wrapcheck linter config Signed-off-by: Spencer Schrock <sschrock@google.com> * use error func which doesnt need wrapped Signed-off-by: Spencer Schrock <sschrock@google.com> * add test for probe registration Signed-off-by: Spencer Schrock <sschrock@google.com> * restore trailing newline Signed-off-by: Spencer Schrock <sschrock@google.com> * order probe category list Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com>
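---
# golangci-lint configuration for the repository's Go code.
# Structure: run settings, issue reporting and exclusions, the enabled and
# disabled linters, then per-linter settings.
run:
  concurrency: 6
  timeout: 5m
issues:
  # Maximum issues count per one linter.
  # Set to 0 to disable.
  # Default: 50
  max-issues-per-linter: 0
  # Maximum count of issues with the same text.
  # Set to 0 to disable.
  # Default: 3
  max-same-issues: 0
  # Empty revision: findings are not restricted to changes after a git revision.
  new-from-rev: ""
  exclude-rules:
    # Tests are exempt from the size, complexity and error-style linters listed
    # here only; every other enabled linter (gosec, errcheck, ...) still runs
    # on *_test.go files.
    - path: '(.+)_test\.go'
      linters:
        - funlen
        - goconst
        - gocyclo
        - goerr113
        - lll
        - wrapcheck
    # probes must register via init
    # The dot is escaped so that only files named impl.go receive the
    # gochecknoinits exemption, consistent with the test-file pattern above.
    - path: 'probes/.+/impl\.go'
      linters:
        - gochecknoinits
  # NOTE(review): placement under `issues` is inferred from key order.
  # golangci-lint documents `skip-files` under `run` (newer releases use
  # `issues.exclude-files`); confirm the key is honoured at this level,
  # otherwise the generated file below is linted like any other.
  skip-files:
    - cron/data/request.pb.go # autogenerated
linters:
  enable:
    - asciicheck
    - dogsled
    - errcheck
    - errname
    - errorlint
    - exhaustive
    - exportloopref
    - forbidigo
    - gci
    - gochecknoinits
    - gocognit
    - goconst
    - gocritic
    - gocyclo
    - godot
    - godox
    - goerr113
    - gofmt
    - gofumpt
    - goheader
    - goimports
    # manage use of replace, retract and exclude directives (see https://github.com/ossf/scorecard/pull/3440#issuecomment-1708904830)
    # https://golangci-lint.run/usage/linters/#gomoddirectives
    - gomoddirectives
    - gomodguard
    - goprintffuncname
    # Security-focused static analysis of Go source.
    - gosec
    - gosimple
    - govet
    - ineffassign
    - lll
    - makezero
    - mirror
    - misspell
    - nakedret
    - nestif
    - nolintlint
    - predeclared
    - staticcheck
    - stylecheck
    - tenv
    - thelper
    - typecheck
    - unconvert
    - unused
    - usestdlibvars
    - whitespace
    - wrapcheck
  disable:
    - exhaustruct # initializing every struct makes tests longer without much benefit (spencerschrock)
    - testpackage # tests don't need their own package (spencerschrock)
  presets:
    - bugs
    - test
linters-settings:
  errcheck:
    # Also report unchecked type assertions and errors assigned to the blank
    # identifier, so a dropped error has to be an explicit, reviewed decision.
    check-type-assertions: true
    check-blank: true
  exhaustive:
    # https://golangci-lint.run/usage/linters/#exhaustive
    default-signifies-exhaustive: true
  forbidigo:
    forbid:
      - p: "^fmt\\.Print.*$"
        msg: "Do not commit print statements. Output to stdout interferes with users who redirect JSON results to files."
  govet:
    enable:
      - fieldalignment
  godox:
    keywords:
      - BUG
      - FIXME
      - HACK
  gci:
    sections:
      - standard
      - default
      - prefix(github.com/ossf/scorecard)
  gocritic:
    enabled-checks:
      # Diagnostic
      - appendAssign
      - badCond
      - caseOrder
      - codegenComment
      - commentedOutCode
      - deprecatedComment
      - dupBranchBody
      - dupCase
      - dupSubExpr
      - exitAfterDefer
      - flagName
      - nilValReturn
      - weakCond
      - octalLiteral

      # Performance
      - appendCombine
      - hugeParam
      - rangeExprCopy
      - rangeValCopy

      # Style
      - boolExprSimplify
      - captLocal
      - commentFormatting
      - commentedOutImport
      - defaultCaseOrder
      - docStub
      - elseif
      - emptyFallthrough
      - hexLiteral
      - ifElseChain
      - methodExprCall
      - singleCaseSwitch
      - typeAssertChain
      - typeSwitchVar
      - underef
      - unlabelStmt
      - unlambda

      # Opinionated
      - builtinShadow
      - importShadow
      - initClause
      - nestingReduce
      - paramTypeCombine
      - ptrToRefParam
      - typeUnparen
      - unnecessaryBlock
  nolintlint:
    # `//nolint` should mention specific linter such as `//nolint:my-linter`
    # Overly broad directives can hide unrelated issues
    require-specific: true
  wrapcheck:
    # NOTE(review): the glob pins the /v4 module path; it presumably needs
    # updating on a major-version bump or the exemption silently stops applying.
    ignorePackageGlobs:
      - github.com/ossf/scorecard/v4/checks/fileparser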