Merge pull request #258 from cerberauth/upgrade-golangci-lint

Upgrade golangci lint

Author: emmanuelgautier

.github/workflows/ci.yml

@@ -34,7 +34,7 @@ jobs:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Lint
-        uses: golangci/golangci-lint-action@v6
+        uses: golangci/golangci-lint-action@v7
 
       - name: Build
         run: go build -v ./...

.golangci.yml

@@ -1,26 +1,34 @@
+version: "2"
 linters:
   enable:
-    - errcheck
     - goconst
     - gocritic
+    - gosec
+  settings:
+    gosec:
+      excludes:
+        - G101
+        - G107
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    paths:
+      - .+_test.go
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  enable:
     - gofmt
     - goimports
-    - gosec
-    - gosimple
-    - govet
-    - ineffassign
-    - staticcheck
-    - typecheck
-    - unused
-
-linters-settings:
-  gosec:
-    excludes:
-      - G101
-      - G107
-
-issues:
-  exclude-files:
-    - ".+_test.go"
-
-
+  exclusions:
+    generated: lax
+    paths:
+      - .+_test.go
+      - third_party$
+      - builtin$
+      - examples$

internal/operation/operation.go

@@ -114,7 +114,7 @@ func (operation *Operation) IsReachable() error {
 		}
 	}
 
-	_, err := net.DialTimeout("tcp", host, operation.Client.Timeout)
+	_, err := net.DialTimeout("tcp", host, operation.Timeout)
 	return err
 }
 

openapi/operation.go

@@ -71,9 +71,10 @@ func (openapi *OpenAPI) Operations(client *request.Client, securitySchemes auth.
 				name := h.Value.Name
 				value := getParameterValue(h.Value)
 
-				if h.Value.In == "header" {
+				switch h.Value.In {
+				case "header":
 					header.Add(name, value)
-				} else if h.Value.In == "cookie" {
+				case "cookie":
 					cookies = append(cookies, &http.Cookie{
 						Name:  name,
 						Value: value,

report/issue_report.go

@@ -96,9 +96,9 @@ func (vr *IssueReport) WithBooleanStatus(status bool) *IssueReport {
 
 func (vr *IssueReport) Fail() *IssueReport {
 	_, span := tracer.Start(context.Background(), "Issue.Failed", trace.WithAttributes(
-		attribute.String("id", vr.Issue.ID),
-		attribute.String("name", vr.Issue.Name),
-		attribute.Float64("CVSS", vr.Issue.CVSS.Score),
+		attribute.String("id", vr.ID),
+		attribute.String("name", vr.Name),
+		attribute.Float64("CVSS", vr.CVSS.Score),
 		attribute.String("securityScheme", auth.GetSecuritySchemeUniqueName(vr.SecurityScheme)),
 	))
 	span.End()

report/reporter.go

@@ -146,7 +146,7 @@ func (rr *Reporter) HasHighRiskOrHigherSeverityIssue() bool {
 
 func (rr *Reporter) HasHigherThanSeverityThresholdIssue(threshold float64) bool {
 	for _, r := range rr.GetFailedIssueReports() {
-		if r.Issue.CVSS.Score >= threshold {
+		if r.CVSS.Score >= threshold {
 			return true
 		}
 	}

scan/broken_authentication/jwt/weak_secret/weak_secret.go

@@ -35,7 +35,7 @@ var issue = report.Issue{
 }
 
 func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool {
-	if !(securityScheme != nil && securityScheme.GetType() != auth.None && securityScheme.GetTokenFormat() != nil && *securityScheme.GetTokenFormat() == auth.JWTTokenFormat) {
+	if securityScheme == nil || securityScheme.GetType() == auth.None || securityScheme.GetTokenFormat() == nil || *securityScheme.GetTokenFormat() != auth.JWTTokenFormat {
 		return false
 	}