gitea-mirror/sif
1
0
Fork 0
mirror of https://github.com/lunchcat/sif.git synced 2026-04-28 03:23:07 -07:00
Code Issues Packages Projects Releases Wiki Activity

ci: bump go toolchain to 1.25 and migrate golangci-lint to v2

Browse Source 
nuclei/v3 v3.8.0 (PR #97) requires go >= 1.25.7 in go.mod.
this breaks the existing CI pinned to go 1.24:

  - build: "go.mod requires go >= 1.25.7 (running go 1.24.13;
    GOTOOLCHAIN=local)"
  - lint:  "the Go language version (go1.24) used to build
    golangci-lint is lower than the targeted Go version (1.25.7)"

bumps setup-go to 1.25 across all workflows and moves the lint
job to golangci-lint-action v8 with golangci-lint v2.11.4 (built
with go 1.25). migrates .golangci.yml to the v2 schema:

  - version: "2"
  - linters-settings -> linters.settings
  - issues.exclude-rules -> linters.exclusions.rules
  - drop gosimple (merged into staticcheck in v2)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
vmfunc
2026-04-24 08:53:43 -07:00
parent 383e645d85
commit 84b0b81996
6 changed files with 54 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/code_quality.yml vendored
View File

@@ -26,7 +26,7 @@ jobs:
- name: set up go
uses: actions/setup-go@v5
with:
go-version: "1.24"
go-version: "1.25"
- name: initialize codeql
uses: github/codeql-action/init@v4
with:

8
.github/workflows/go.yml vendored
View File

@@ -21,17 +21,17 @@ jobs:
- name: set up go
uses: actions/setup-go@v6
with:
go-version: "1.24"
go-version: "1.25"
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
uses: golangci/golangci-lint-action@v8
with:
version: latest
version: v2.11.4
build:
runs-on: ubuntu-latest
strategy:
matrix:
go-version: ["1.24"]
go-version: ["1.25"]
steps:
- uses: actions/checkout@v6
- name: set up go

2
.github/workflows/govulncheck.yml vendored
View File

@@ -19,7 +19,7 @@ jobs:
- name: set up go
uses: actions/setup-go@v5
with:
go-version: "1.24"
go-version: "1.25"
- name: install govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@v1.1.4
- name: run govulncheck

2
.github/workflows/release.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
- name: set up go
uses: actions/setup-go@v5
with:
go-version: "1.24"
go-version: "1.25"
- name: extract version
run: echo "VERSION=${GITHUB_REF_NAME#v}" >> $GITHUB_ENV

2
.github/workflows/runtest.yml vendored
View File

@@ -18,7 +18,7 @@ jobs:
- name: set up go
uses: actions/setup-go@v5
with:
go-version: "1.24"
go-version: "1.25"
- name: build sif
run: make
- name: run sif with features

89
.golangci.yml
View File

@@ -1,10 +1,15 @@
version: "2"
run:
timeout: 5m
issues-exit-code: 1
linters:
enable:
- errcheck # check error returns
- govet # suspicious constructs
- staticcheck # advanced static analysis
- staticcheck # advanced static analysis (absorbs gosimple in v2)
- unused # unused code
- gosimple # simplifications
- ineffassign # useless assignments
- misspell # spelling mistakes
- gocritic # opinionated lints
@@ -18,49 +23,47 @@ linters:
- wastedassign # assignments to variables never read
- usetesting # os.Setenv in tests instead of t.Setenv, etc.
linters-settings:
govet:
enable-all: true
disable:
- fieldalignment # too many structs to reorder, risks breaking serialization
- shadow # common Go pattern, too noisy
- unusedwrite # false positives on test data structs
errcheck:
check-blank: false
exclude-functions:
- github.com/dropalldatabases/sif/internal/logger.Write # log writes are best-effort
revive:
rules:
- name: exported
disabled: true # stuttering names (scan.ScanResult) require breaking API changes
gocritic:
enabled-tags:
- diagnostic
- style
- performance
disabled-checks:
- commentedOutCode # too opinionated for a project with TODO comments
- paramTypeCombine # style-only, not worth churn
- unnamedResult # style-only
- unnecessaryDefer # common pattern in tests
- nestingReduce # inverting conditions in scan logic hurts readability
gosec:
excludes:
- G104 # errcheck covers this
- G107 # pentesting tool -- variable URLs are the whole point
- G110 # nuclei template decompression, acceptable context
- G304 # sif reads user-supplied wordlist paths -- intentional
settings:
govet:
enable-all: true
disable:
- fieldalignment # too many structs to reorder, risks breaking serialization
- shadow # common Go pattern, too noisy
- unusedwrite # false positives on test data structs
errcheck:
check-blank: false
exclude-functions:
- github.com/dropalldatabases/sif/internal/logger.Write # log writes are best-effort
revive:
rules:
- name: exported
disabled: true # stuttering names (scan.ScanResult) require breaking API changes
gocritic:
enabled-tags:
- diagnostic
- style
- performance
disabled-checks:
- commentedOutCode # too opinionated for a project with TODO comments
- paramTypeCombine # style-only, not worth churn
- unnamedResult # style-only
- unnecessaryDefer # common pattern in tests
- nestingReduce # inverting conditions in scan logic hurts readability
gosec:
excludes:
- G104 # errcheck covers this
- G107 # pentesting tool -- variable URLs are the whole point
- G110 # nuclei template decompression, acceptable context
- G304 # sif reads user-supplied wordlist paths -- intentional
run:
timeout: 5m
issues-exit-code: 1
exclusions:
rules:
# test files get some slack
- path: _test\.go
linters:
- errcheck
- noctx
issues:
max-issues-per-linter: 50
max-same-issues: 50
exclude-rules:
# test files get some slack
- path: _test\.go
linters:
- errcheck
- noctx