diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2ff1a1e..ec4011f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,16 +14,16 @@ jobs: name: Lint runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" - name: golangci-lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@v9 with: - version: v1.62 + version: v2.11 - name: Check formatting run: | @@ -39,9 +39,9 @@ jobs: runs-on: ubuntu-22.04 needs: lint steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" @@ -49,7 +49,7 @@ jobs: run: go test -short -race -coverprofile=coverage.out ./... - name: Upload coverage - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: coverage path: coverage.out @@ -59,9 +59,9 @@ jobs: runs-on: ubuntu-22.04 needs: unit-tests steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" @@ -80,9 +80,9 @@ jobs: - goos: linux goarch: arm64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" @@ -94,7 +94,7 @@ jobs: run: go build -ldflags="-s -w" -o bin/paude-proxy-${{ matrix.goos }}-${{ matrix.goarch }} ./cmd/paude-proxy/ - name: Upload binary - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: paude-proxy-${{ matrix.goos }}-${{ matrix.goarch }} path: bin/paude-proxy-${{ matrix.goos }}-${{ matrix.goarch }} @@ -104,7 +104,7 @@ jobs: runs-on: ubuntu-22.04 needs: lint steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Build container image run: podman build -t paude-proxy:test . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b8282ee..4bc3b94 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,25 +12,25 @@ jobs: name: Lint runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" - name: golangci-lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@v9 with: - version: v1.62 + version: v2.11 test: name: Test runs-on: ubuntu-22.04 needs: lint steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" @@ -53,9 +53,9 @@ jobs: - goos: darwin goarch: arm64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version: "1.23" @@ -69,7 +69,7 @@ jobs: go build -ldflags="-s -w" -o dist/paude-proxy-${{ matrix.goos }}-${{ matrix.goarch }} ./cmd/paude-proxy/ - name: Upload artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: paude-proxy-${{ matrix.goos }}-${{ matrix.goarch }} path: dist/paude-proxy-${{ matrix.goos }}-${{ matrix.goarch }} @@ -79,7 +79,7 @@ jobs: runs-on: ubuntu-22.04 needs: test steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up QEMU for multi-arch builds run: sudo apt-get update && sudo apt-get install -y qemu-user-static @@ -124,12 +124,12 @@ jobs: runs-on: ubuntu-22.04 needs: [build-binaries, publish-containers] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Download all artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: path: dist merge-multiple: true diff --git a/.golangci.yml b/.golangci.yml index 264e642..f864719 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,3 +1,5 @@ +version: "2" + run: timeout: 5m go: "1.23" @@ -8,18 +10,30 @@ linters: - govet - staticcheck - unused - - gosimple - ineffassign - - typecheck - - gofmt - - goimports - misspell - gosec - unconvert + settings: + gosec: + excludes: + - G101 # False positive: dummy/placeholder credentials are intentional + - G104 # Unhandled errors in deferred Close() calls + - G117 # False positive: dummy token fields are intentional + - G301 # Directory permissions 0755 is appropriate for CA dir + - G302 # File permissions 0644 is appropriate for log files + - G703 # False positive: file paths from config, not user input + - G706 # False positive: logging config values, not user input + exclusions: + presets: + - comments + - std-error-handling + - common-false-positives -linters-settings: - gofmt: - simplify: true - -issues: - exclude-use-default: true +formatters: + enable: + - gofmt + - goimports + settings: + gofmt: + simplify: true diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6667f18..49f326d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -15,6 +15,6 @@ repos: pass_filenames: false - repo: https://github.com/golangci/golangci-lint - rev: v1.62.2 + rev: v2.11.4 hooks: - id: golangci-lint