diff --git a/CHANGELOG.md b/CHANGELOG.md index 556c6f52e36a..767022665b42 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,15 @@ If you value it, consider supporting us, we appreciate it! ❤️ [![Open Collective backers and sponsors](https://img.shields.io/badge/OpenCollective-Donate-blue?logo=opencollective&style=for-the-badge)](https://opencollective.com/golangci-lint) [![GitHub Sponsors](https://img.shields.io/badge/GitHub-Donate-blue?logo=github&style=for-the-badge)](https://github.com/sponsors/golangci) +### v1.64.5 + +1. Bug fixes + * Add missing flag `new-from-merge-base-flag` +2. Linters bug fixes + * `asciicheck`: from 0.3.0 to 0.4.0 + * `forcetypeassert`: from 0.1.0 to 0.2.0 + * `gosec`: from 2.22.0 to 2.22.1 + ### v1.64.4 1. Linters bug fixes diff --git a/assets/cli-help.json b/assets/cli-help.json index 9e8866944e58..4850452aa773 100644 --- a/assets/cli-help.json +++ b/assets/cli-help.json @@ -1,4 +1,4 @@ { "enable": "Enabled by default linters:\nerrcheck: Errcheck is a program for checking for unchecked errors in Go code. These unchecked errors can be critical bugs in some cases.\ngosimple: Linter for Go source code that specializes in simplifying code. [auto-fix]\ngovet: Vet examines Go source code and reports suspicious constructs. It is roughly the same as 'go vet' and uses its passes. [auto-fix]\nineffassign: Detects when assignments to existing variables are not used. [fast]\nstaticcheck: It's a set of rules from staticcheck. It's not the same thing as the staticcheck binary. The author of staticcheck doesn't support or approve the use of staticcheck as a library inside golangci-lint. [auto-fix]\nunused: Checks Go code for unused constants, variables, functions and types.", - "help": "Usage:\n golangci-lint run [flags]\n\nFlags:\n -c, --config PATH Read config from file path PATH\n --no-config Don't read config file\n -D, --disable strings Disable specific linter\n --disable-all Disable all linters\n -E, --enable strings Enable specific linter\n --enable-all Enable all linters\n --fast Enable only fast linters from enabled linters set (first run won't be fast)\n -p, --presets strings Enable presets of linters:\n - bugs\n - comment\n - complexity\n - error\n - format\n - import\n - metalinter\n - module\n - performance\n - sql\n - style\n - test\n - unused\n Run 'golangci-lint help linters' to see them.\n This option implies option --disable-all\n --enable-only strings Override linters configuration section to only run the specific linter(s)\n -j, --concurrency int Number of CPUs to use (Default: number of logical CPUs) (default 8)\n --modules-download-mode string Modules download mode. If not empty, passed as -mod=\u003cmode\u003e to go tools\n --issues-exit-code int Exit code when issues were found (default 1)\n --go string Targeted Go version\n --build-tags strings Build tags\n --timeout duration Timeout for total work. If \u003c= 0, the timeout is disabled (default 1m0s)\n --tests Analyze tests (*_test.go) (default true)\n --allow-parallel-runners Allow multiple parallel golangci-lint instances running.\n If false (default) - golangci-lint acquires file lock on start.\n --allow-serial-runners Allow multiple golangci-lint instances running, but serialize them around a lock.\n If false (default) - golangci-lint exits with an error if it fails to acquire file lock on start.\n --out-format string Formats of output:\n - json\n - line-number\n - colored-line-number\n - tab\n - colored-tab\n - checkstyle\n - code-climate\n - html\n - junit-xml\n - junit-xml-extended\n - github-actions\n - teamcity\n - sarif\n (default \"colored-line-number\")\n --print-issued-lines Print lines of code with issue (default true)\n --print-linter-name Print linter name in issue line (default true)\n --sort-results Sort linter results\n --sort-order strings Sort order of linter results\n --path-prefix string Path prefix to add to output\n --show-stats Show statistics per linter\n -e, --exclude strings Exclude issue by regexp\n --exclude-use-default Use or not use default excludes:\n - EXC0001 (errcheck): Almost all programs ignore errors on these functions and in most cases it's ok.\n Pattern: 'Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*print(f|ln)?|os\\.(Un)?Setenv). is not checked'\n - EXC0002 (golint): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: '(comment on exported (method|function|type|const)|should have( a package)? comment|comment should be of the form)'\n - EXC0003 (golint): False positive when tests are defined in package 'test'.\n Pattern: 'func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this'\n - EXC0004 (govet): Common false positives.\n Pattern: '(possible misuse of unsafe.Pointer|should have signature)'\n - EXC0005 (staticcheck): Developers tend to write in C-style with an explicit 'break' in a 'switch', so it's ok to ignore.\n Pattern: 'SA4011'\n - EXC0006 (gosec): Too many false-positives on 'unsafe' usage.\n Pattern: 'G103: Use of unsafe calls should be audited'\n - EXC0007 (gosec): Too many false-positives for parametrized shell calls.\n Pattern: 'G204: Subprocess launched with variable'\n - EXC0008 (gosec): Duplicated errcheck checks.\n Pattern: 'G104'\n - EXC0009 (gosec): Too many issues in popular repos.\n Pattern: '(G301|G302|G307): Expect (directory permissions to be 0750|file permissions to be 0600) or less'\n - EXC0010 (gosec): False positive is triggered by 'src, err := ioutil.ReadFile(filename)'.\n Pattern: 'G304: Potential file inclusion via variable'\n - EXC0011 (stylecheck): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: '(ST1000|ST1020|ST1021|ST1022)'\n - EXC0012 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'exported (.+) should have comment( \\(or a comment on this block\\))? or be unexported'\n - EXC0013 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'package comment should be of the form \"(.+)...\"'\n - EXC0014 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'comment on exported (.+) should be of the form \"(.+)...\"'\n - EXC0015 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'should have a package comment' (default true)\n --exclude-case-sensitive If set to true exclude and exclude rules regular expressions are case-sensitive\n --max-issues-per-linter int Maximum issues count per one linter. Set to 0 to disable (default 50)\n --max-same-issues int Maximum count of issues with the same text. Set to 0 to disable (default 3)\n --uniq-by-line Make issues output unique by line (default true)\n --exclude-files strings Regexps of files to exclude\n --exclude-dirs strings Regexps of directories to exclude\n --exclude-dirs-use-default Use or not use default excluded directories:\n - (^|/)vendor($|/)\n - (^|/)third_party($|/)\n - (^|/)testdata($|/)\n - (^|/)examples($|/)\n - (^|/)Godeps($|/)\n - (^|/)builtin($|/)\n (default true)\n --exclude-generated string Mode of the generated files analysis (default \"lax\")\n -n, --new Show only new issues: if there are unstaged changes or untracked files, only those changes are analyzed, else only changes in HEAD~ are analyzed.\n It's a super-useful option for integration of golangci-lint into existing large codebase.\n It's not practical to fix all existing issues at the moment of integration: much better to not allow issues in new code.\n For CI setups, prefer --new-from-rev=HEAD~, as --new can skip linting the current patch if any scripts generate unstaged files before golangci-lint runs.\n --new-from-rev REV Show only new issues created after git revision REV\n --new-from-patch PATH Show only new issues created in git patch with file path PATH\n --whole-files Show issues in any part of update files (requires new-from-rev or new-from-patch)\n --fix Fix found issues (if it's supported by the linter)\n --cpu-profile-path string Path to CPU profile output file\n --mem-profile-path string Path to memory profile output file\n --print-resources-usage Print avg and max memory usage of golangci-lint and total time\n --trace-path string Path to trace output file\n\nGlobal Flags:\n --color string Use color when printing; can be 'always', 'auto', or 'never' (default \"auto\")\n -h, --help Help for a command\n -v, --verbose Verbose output\n" + "help": "Usage:\n golangci-lint run [flags]\n\nFlags:\n -c, --config PATH Read config from file path PATH\n --no-config Don't read config file\n -D, --disable strings Disable specific linter\n --disable-all Disable all linters\n -E, --enable strings Enable specific linter\n --enable-all Enable all linters\n --fast Enable only fast linters from enabled linters set (first run won't be fast)\n -p, --presets strings Enable presets of linters:\n - bugs\n - comment\n - complexity\n - error\n - format\n - import\n - metalinter\n - module\n - performance\n - sql\n - style\n - test\n - unused\n Run 'golangci-lint help linters' to see them.\n This option implies option --disable-all\n --enable-only strings Override linters configuration section to only run the specific linter(s)\n -j, --concurrency int Number of CPUs to use (Default: number of logical CPUs) (default 8)\n --modules-download-mode string Modules download mode. If not empty, passed as -mod=\u003cmode\u003e to go tools\n --issues-exit-code int Exit code when issues were found (default 1)\n --go string Targeted Go version\n --build-tags strings Build tags\n --timeout duration Timeout for total work. If \u003c= 0, the timeout is disabled (default 1m0s)\n --tests Analyze tests (*_test.go) (default true)\n --allow-parallel-runners Allow multiple parallel golangci-lint instances running.\n If false (default) - golangci-lint acquires file lock on start.\n --allow-serial-runners Allow multiple golangci-lint instances running, but serialize them around a lock.\n If false (default) - golangci-lint exits with an error if it fails to acquire file lock on start.\n --out-format string Formats of output:\n - json\n - line-number\n - colored-line-number\n - tab\n - colored-tab\n - checkstyle\n - code-climate\n - html\n - junit-xml\n - junit-xml-extended\n - github-actions\n - teamcity\n - sarif\n (default \"colored-line-number\")\n --print-issued-lines Print lines of code with issue (default true)\n --print-linter-name Print linter name in issue line (default true)\n --sort-results Sort linter results\n --sort-order strings Sort order of linter results\n --path-prefix string Path prefix to add to output\n --show-stats Show statistics per linter\n -e, --exclude strings Exclude issue by regexp\n --exclude-use-default Use or not use default excludes:\n - EXC0001 (errcheck): Almost all programs ignore errors on these functions and in most cases it's ok.\n Pattern: 'Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*print(f|ln)?|os\\.(Un)?Setenv). is not checked'\n - EXC0002 (golint): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: '(comment on exported (method|function|type|const)|should have( a package)? comment|comment should be of the form)'\n - EXC0003 (golint): False positive when tests are defined in package 'test'.\n Pattern: 'func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this'\n - EXC0004 (govet): Common false positives.\n Pattern: '(possible misuse of unsafe.Pointer|should have signature)'\n - EXC0005 (staticcheck): Developers tend to write in C-style with an explicit 'break' in a 'switch', so it's ok to ignore.\n Pattern: 'SA4011'\n - EXC0006 (gosec): Too many false-positives on 'unsafe' usage.\n Pattern: 'G103: Use of unsafe calls should be audited'\n - EXC0007 (gosec): Too many false-positives for parametrized shell calls.\n Pattern: 'G204: Subprocess launched with variable'\n - EXC0008 (gosec): Duplicated errcheck checks.\n Pattern: 'G104'\n - EXC0009 (gosec): Too many issues in popular repos.\n Pattern: '(G301|G302|G307): Expect (directory permissions to be 0750|file permissions to be 0600) or less'\n - EXC0010 (gosec): False positive is triggered by 'src, err := ioutil.ReadFile(filename)'.\n Pattern: 'G304: Potential file inclusion via variable'\n - EXC0011 (stylecheck): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: '(ST1000|ST1020|ST1021|ST1022)'\n - EXC0012 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'exported (.+) should have comment( \\(or a comment on this block\\))? or be unexported'\n - EXC0013 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'package comment should be of the form \"(.+)...\"'\n - EXC0014 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'comment on exported (.+) should be of the form \"(.+)...\"'\n - EXC0015 (revive): Annoying issue about not having a comment. The rare codebase has such comments.\n Pattern: 'should have a package comment' (default true)\n --exclude-case-sensitive If set to true exclude and exclude rules regular expressions are case-sensitive\n --max-issues-per-linter int Maximum issues count per one linter. Set to 0 to disable (default 50)\n --max-same-issues int Maximum count of issues with the same text. Set to 0 to disable (default 3)\n --uniq-by-line Make issues output unique by line (default true)\n --exclude-files strings Regexps of files to exclude\n --exclude-dirs strings Regexps of directories to exclude\n --exclude-dirs-use-default Use or not use default excluded directories:\n - (^|/)vendor($|/)\n - (^|/)third_party($|/)\n - (^|/)testdata($|/)\n - (^|/)examples($|/)\n - (^|/)Godeps($|/)\n - (^|/)builtin($|/)\n (default true)\n --exclude-generated string Mode of the generated files analysis (default \"lax\")\n -n, --new Show only new issues: if there are unstaged changes or untracked files, only those changes are analyzed, else only changes in HEAD~ are analyzed.\n It's a super-useful option for integration of golangci-lint into existing large codebase.\n It's not practical to fix all existing issues at the moment of integration: much better to not allow issues in new code.\n For CI setups, prefer --new-from-rev=HEAD~, as --new can skip linting the current patch if any scripts generate unstaged files before golangci-lint runs.\n --new-from-rev REV Show only new issues created after git revision REV\n --new-from-patch PATH Show only new issues created in git patch with file path PATH\n --new-from-merge-base string Show only new issues created after the best common ancestor (merge-base against HEAD)\n --whole-files Show issues in any part of update files (requires new-from-rev or new-from-patch)\n --fix Fix found issues (if it's supported by the linter)\n --cpu-profile-path string Path to CPU profile output file\n --mem-profile-path string Path to memory profile output file\n --print-resources-usage Print avg and max memory usage of golangci-lint and total time\n --trace-path string Path to trace output file\n\nGlobal Flags:\n --color string Use color when printing; can be 'always', 'auto', or 'never' (default \"auto\")\n -h, --help Help for a command\n -v, --verbose Verbose output\n" } diff --git a/assets/linters-info.json b/assets/linters-info.json index a8961480bcc5..a6bdba3f629b 100644 --- a/assets/linters-info.json +++ b/assets/linters-info.json @@ -291,13 +291,13 @@ { "name": "forcetypeassert", "desc": "finds forced type assertions", - "loadMode": 8199, + "loadMode": 8767, "inPresets": [ "style" ], "originalURL": "https://github.com/gostaticanalysis/forcetypeassert", "internal": false, - "isSlow": false, + "isSlow": true, "since": "v1.38.0" }, {