For #13715, this:
- Upgrades the Go version to `1.21.1`, infrastructure changes are
addressed separately at https://github.com/fleetdm/fleet/pull/13878
- Upgrades the linter version, as the current version doesn't work well
after the Go upgrade
- Fixes new linting errors (we now get errors for memory aliasing in
loops! 🎉 )
After this is merged people will need to:
1. Update their Go version. I use `gvm` and I did it like:
```
$ gvm install go1.21.1
$ gvm use go1.21.1 --default
```
2. Update the local version of `golangci-lint`:
```
$ go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.54.2
```
3. (optional) depending on your setup, you might need to re-install some
packages, for example:
```
# goimports to automatically import libraries
$ go install golang.org/x/tools/cmd/goimports@latest
# gopls for the language server
$ go install golang.org/x/tools/gopls@latest
# etc...
```
* Do not use golangci action for better reproducibility
* Add fix to trigger build
* Fix all reported issues
* fix more lint errors
* Add missing import
* Remove unused method
* Remove change not necessary
This solves #5679 , and also implements #5515, #5509 and lays the ground for #5516
With the introduction of Wrap, Is and As in the standard library, we've now got built-in support for wrapping.
On top of that, a common pattern in the community is to define errors tailored to the context of each project while still conforming to the error and Unwrap interfaces (see Upspin, Chromium)
The output now includes stack traces and additional info
* Adding gosec linter
Adding gosec (Static application security testing) linter.
* Testing gosec exclusion in golangci-lint
G110 is being triggered - testing if exclude works, then will revert and leave the excludes section there for future needs.
Also adding some tests to exclude rules
* Update .golangci.yml
Testing gosec allow list of rules
* Update .golangci.yml
Trying gosec deny list of rules
* Update .golangci.yml
Reconfiguring G306 alert to use 644, less stringent, and adding every file with current warnings to exclusions. Once this is all buttoned up and running on NEW files, we will go back and address all issues or put a comment stating why the file is excluded here.
* Update .golangci.yml
Removing exclusion to see if lint now fails
* Update .golangci.yml
Removing most exclusions to test
* Update .golangci.yml
Removing 100% of exclusions for more testing
* Update .golangci.yml
Re-adding exclusions slowly and testing to be sure we only exclude what is needed
* Update .golangci.yml
Adding all exclusions and comments per category pointing to github issues for investigating and cleaning up over time.
Add a relatively minimal set of linters that raise safe and
mostly un-opinionated issues with the code. It runs
automatically on CI via a github action.
