golangci-lint: update to v1.49.0 for compatibilty with go1.19

Remove the "deadcode", "structcheck", and "varcheck" linters, as they are deprecated: WARN [runner] The linter 'deadcode' is deprecated (since v1.49.0) due to: The owner seems to have abandoned the linter. Replaced by unused. WARN [runner] The linter 'structcheck' is deprecated (since v1.49.0) due to: The owner seems to have abandoned the linter. Replaced by unused. WARN [runner] The linter 'varcheck' is deprecated (since v1.49.0) due to: The owner seems to have abandoned the linter. Replaced by unused. WARN [linters context] structcheck is disabled because of generics. You can track the evolution of the generics support by following the golangci/golangci-lint#2649. And ignore gosec G113, which only affects gp < 1.16.14. and go < 1.17.7 opts/opts.go:398:13: G113: Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772) (gosec) cpu, ok := new(big.Rat).SetString(value) ^ Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 0dd2c18) Signed-off-by: Cory Snider <csnider@mirantis.com>
corhere · Mar 1, 2023 · 48151d4 · 48151d4
1 parent 2d955cb
commit 48151d4
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 5 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -1,7 +1,6 @@
 linters:
   enable:
     - bodyclose
-    - deadcode
     - dogsled
     - gocyclo
     - goimports
@@ -13,14 +12,12 @@ linters:
     - megacheck
     - misspell
     - nakedret
+    - revive
     - staticcheck
-    - structcheck
     - typecheck
     - unconvert
     - unparam
     - unused
-    - revive
-    - varcheck
 
   disable:
     - errcheck
@@ -93,6 +90,12 @@ issues:
       linters:
         - gosec
 
+    # G113 Potential uncontrolled memory consumption in Rat.SetString (CVE-2022-23772)
+    # only affects gp < 1.16.14. and go < 1.17.7
+    - text: "(G113)"
+      linters:
+        - gosec
+
     # Looks like the match in "EXC0007" above doesn't catch this one
     # TODO: consider upstreaming this to golangci-lint's default exclusion rules
     - text: "G204: Subprocess launched with a potential tainted input or cmd arguments"
@@ -104,6 +107,11 @@ issues:
       linters:
         - gosec
 
+    # TODO: make sure all packages have a description. Currently, there's 67 packages without.
+    - text: "package-comments: should have a package comment"
+      linters:
+        - revive
+
     # Exclude some linters from running on tests files.
     - path: _test\.go
       linters:

diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint
@@ -2,7 +2,7 @@
 
 ARG GO_VERSION=1.18.10
 ARG ALPINE_VERSION=3.16
-ARG GOLANGCI_LINT_VERSION=v1.45.2
+ARG GOLANGCI_LINT_VERSION=v1.49.0
 
 FROM    golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS build
 ENV     CGO_ENABLED=0