mirror of
https://github.com/portainer/portainer.git
synced 2026-06-23 04:30:16 +00:00
nickl-portainer
122 lines
3.8 KiB
YAML
122 lines
3.8 KiB
YAML
version: '2'
|
|
|
|
run:
|
|
allow-parallel-runners: true
|
|
linters:
|
|
default: none
|
|
enable:
|
|
- gocritic
|
|
- bodyclose
|
|
- copyloopvar
|
|
- depguard
|
|
- errcheck
|
|
- errorlint
|
|
- forbidigo
|
|
- govet
|
|
- ineffassign
|
|
- intrange
|
|
- perfsprint
|
|
- staticcheck
|
|
- unused
|
|
- mirror
|
|
- durationcheck
|
|
- errorlint
|
|
- govet
|
|
- usetesting
|
|
- zerologlint
|
|
- testifylint
|
|
- modernize
|
|
- unconvert
|
|
- unused
|
|
- zerologlint
|
|
- exptostd
|
|
settings:
|
|
staticcheck:
|
|
checks: ['all', '-ST1003', '-ST1005', '-ST1016', '-SA1019', '-QF1003']
|
|
depguard:
|
|
rules:
|
|
main:
|
|
files:
|
|
- '!**/*_test.go'
|
|
- '!**/base.go'
|
|
- '!**/base_tx.go'
|
|
deny:
|
|
- pkg: encoding/json
|
|
desc: use github.com/segmentio/encoding/json
|
|
- pkg: golang.org/x/exp
|
|
desc: exp is not allowed
|
|
- pkg: github.com/portainer/libcrypto
|
|
desc: use github.com/portainer/portainer/pkg/libcrypto
|
|
- pkg: github.com/portainer/libhttp
|
|
desc: use github.com/portainer/portainer/pkg/libhttp
|
|
- pkg: golang.org/x/crypto
|
|
desc: golang.org/x/crypto is not allowed because of FIPS mode
|
|
- pkg: github.com/ProtonMail/go-crypto/openpgp
|
|
desc: github.com/ProtonMail/go-crypto/openpgp is not allowed because of FIPS mode
|
|
- pkg: github.com/cosi-project/runtime
|
|
desc: github.com/cosi-project/runtime is not allowed because of FIPS mode
|
|
- pkg: gopkg.in/yaml.v2
|
|
desc: use go.yaml.in/yaml/v3 instead
|
|
- pkg: gopkg.in/yaml.v3
|
|
desc: use go.yaml.in/yaml/v3 instead
|
|
- pkg: github.com/golang-jwt/jwt/v4
|
|
desc: use github.com/golang-jwt/jwt/v5 instead
|
|
- pkg: github.com/mitchellh/mapstructure
|
|
desc: use github.com/go-viper/mapstructure/v2 instead
|
|
- pkg: gopkg.in/alecthomas/kingpin.v2
|
|
desc: use github.com/alecthomas/kingpin/v2 instead
|
|
- pkg: github.com/jcmturner/gokrb5$
|
|
desc: use github.com/jcmturner/gokrb5/v8 instead
|
|
- pkg: github.com/gofrs/uuid
|
|
desc: use github.com/google/uuid
|
|
- pkg: github.com/Masterminds/semver$
|
|
desc: use github.com/Masterminds/semver/v3
|
|
- pkg: github.com/blang/semver
|
|
desc: use github.com/Masterminds/semver/v3
|
|
- pkg: github.com/coreos/go-semver
|
|
desc: use github.com/Masterminds/semver/v3
|
|
- pkg: github.com/hashicorp/go-version
|
|
desc: use github.com/Masterminds/semver/v3
|
|
gocritic:
|
|
disable-all: true
|
|
enabled-checks:
|
|
- ruleguard
|
|
settings:
|
|
ruleguard:
|
|
rules: './analysis/ssrf.go'
|
|
forbidigo:
|
|
forbid:
|
|
- pattern: ^tls\.Config$
|
|
msg: Use crypto.CreateTLSConfiguration() instead
|
|
- pattern: ^tls\.Config\.(InsecureSkipVerify|MinVersion|MaxVersion|CipherSuites|CurvePreferences)$
|
|
msg: Do not set this field directly, use crypto.CreateTLSConfiguration() instead
|
|
- pattern: ^object\.(Commit|Tag)\.Verify$
|
|
msg: 'Not allowed because of FIPS mode'
|
|
- pattern: ^(types\.SystemContext\.)?(DockerDaemonInsecureSkipTLSVerify|DockerInsecureSkipTLSVerify|OCIInsecureSkipTLSVerify)$
|
|
msg: 'Not allowed because of FIPS mode'
|
|
analyze-types: true
|
|
exclusions:
|
|
generated: lax
|
|
presets:
|
|
- comments
|
|
- common-false-positives
|
|
- legacy
|
|
rules:
|
|
- path: pkg/libhttp/ssrf
|
|
linters:
|
|
- gocritic
|
|
text: ruleguard
|
|
paths:
|
|
- third_party$
|
|
- builtin$
|
|
- examples$
|
|
formatters:
|
|
enable:
|
|
- gofmt
|
|
exclusions:
|
|
generated: lax
|
|
paths:
|
|
- third_party$
|
|
- builtin$
|
|
- examples$
|