Add golangci config file and fix linter issues #108
Conversation
PanGan21
requested review from
jimthematrix,
peterbroadhurst,
vdamle and
nguyer
as code owners
|
@PanGan21 Looks like this is on the right track! Now it's just a matter of working through all of the issues that the linter is catching. |
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
PanGan21
force-pushed
the
106-add-linter-rules
branch
from
6040c5f to
03725d3
Compare
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
| @@ -133,7 +133,7 @@ func (g *RESTGateway) ValidateConf() error { | |||
| } | |||
|
|
|||
| // Start kicks off the HTTP listener and router | |||
| func (g *RESTGateway) Start() error { | |||
There was a problem hiding this comment.
It seems that I need to add a ReadHeaderTimeout because of the following error from gosec:
G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
Should I add that in RESTGatewayConf ? What is recommended?
There was a problem hiding this comment.
I ignored the linter on those places for now
There was a problem hiding this comment.
That's fine for now. Can you put a // TODO: comment in the code explaining that please?
|
@PanGan21 Apologies that I didn't realize this one was ready for re-review. Your comment brought it back up in my inbox and I'll take another look now. Thanks! |
| @@ -158,7 +158,7 @@ const ( | |||
| // LevelDBFailedRetriveOriginalKey problem retrieving entry - original key | |||
| LevelDBFailedRetriveOriginalKey = "Failed to retrieve the entry for the original key: %s. %s" | |||
| // LevelDBFailedRetriveGeneratedID problem retrieving entry - generated ID | |||
| LevelDBFailedRetriveGeneratedID = "Failed to retrieve the entry for the generated ID: %s. %s" | |||
| LevelDBFailedRetriveGeneratedID = "failed to retrieve the entry for the generated ID: %s. %s" | |||
There was a problem hiding this comment.
Just curious why this one was lowercased but not the others?
There was a problem hiding this comment.
That's because I am getting this:
internal/rest/receipt/leveldb.go:227:15: ST1005: error strings should not be capitalized (stylecheck)
return nil, fmt.Errorf(errors.LevelDBFailedRetriveGeneratedID, requestID, err)
| @@ -44,7 +44,7 @@ type levelDBReceipts struct { | |||
| func newLevelDBReceipts(conf *conf.ReceiptsDBConf) *levelDBReceipts { | |||
| store := kvstore.NewLDBKeyValueStore(conf.LevelDB.Path) | |||
| t := time.Unix(1000000, 0) | |||
| entropy := ulid.Monotonic(rand.New(rand.NewSource(t.UnixNano())), 0) | |||
| entropy := ulid.Monotonic(rand.New(rand.NewSource(t.UnixNano())), 0) // #nosec | |||
There was a problem hiding this comment.
I'm curious why the #nosec on this one?
There was a problem hiding this comment.
It actually throws this error:
internal/rest/receipt/leveldb.go:47:28: G404: Use of weak random number generator (math/rand instead of crypto/rand) (gosec)
entropy := ulid.Monotonic(rand.New(rand.NewSource(t.UnixNano())), 0)
| @@ -61,11 +61,11 @@ func CreateTLSConfiguration(tlsConfig *conf.TLSConfig) (t *tls.Config, err error | |||
| caCertPool = x509.NewCertPool() | |||
| caCertPool.AppendCertsFromPEM(caCert) | |||
| } | |||
|
|
|||
| // #nosec G402 | |||
There was a problem hiding this comment.
Do you mind putting a comment here as to why this is required also please?
There was a problem hiding this comment.
added todo as well
.golangci.yml
Outdated
| disable: | ||
| - structcheck | ||
| enable: | ||
| # - depguard |
There was a problem hiding this comment.
I had to disable this linter because it throws error for many packages being used. Maybe another issue is required to upgrade those packages which might require more fixes.
There was a problem hiding this comment.
I actually removed the depguard linter because I saw that it is also removed here: https://github.com/hyperledger/firefly/blob/main/.golangci.yml
No worries, i also have forgotten to submit my comments so i did it now😅 |
Codecov Report
@@ Coverage Diff @@
## main #108 +/- ##
==========================================
+ Coverage 68.56% 68.67% +0.11%
==========================================
Files 47 47
Lines 4504 4482 -22
==========================================
- Hits 3088 3078 -10
+ Misses 1215 1209 -6
+ Partials 201 195 -6
|
|
The code looks good. You will need to amend your commit history to satisfy the DCO requirement though. The bot has linked to a page that explains how to do that, and which commits need to be updated: https://github.com/hyperledger/firefly-fabconnect/pull/108/checks?check_run_id=16863753560 |
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
Signed-off-by: PanGan21 <[email protected]>
PanGan21
force-pushed
the
106-add-linter-rules
branch
from
6385858 to
d86d6ba
Compare
I think I fixed it but I didn't sign the merge commit because it was double signing older commits. Could you please rerun the pipeline to see if everything is in place? |
#106