6bc3079c00
This PR follows #21535 (and replace #22592) ## Review without space diff https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1 ## Purpose of this PR 1. Make git module command completely safe (risky user inputs won't be passed as argument option anymore) 2. Avoid low-level mistakes like https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918 3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg` type 4. Simplify code when using git command ## The main idea of this PR * Move the `git.CmdArg` to the `internal` package, then no other package except `git` could use it. Then developers could never do `AddArguments(git.CmdArg(userInput))` any more. * Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already trusted arguments. It's only used in a few cases, for example: use git arguments from config file, help unit test with some arguments. * Introduce `AddOptionValues` and `AddOptionFormat`, they make code more clear and simple: * Before: `AddArguments("-m").AddDynamicArguments(message)` * After: `AddOptionValues("-m", message)` * - * Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email)))` * After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)` ## FAQ ### Why these changes were not done in #21535 ? #21535 is mainly a search&replace, it did its best to not change too much logic. Making the framework better needs a lot of changes, so this separate PR is needed as the second step. ### The naming of `AddOptionXxx` According to git's manual, the `--xxx` part is called `option`. ### How can it guarantee that `internal.CmdArg` won't be not misused? Go's specification guarantees that. Trying to access other package's internal package causes compilation error. And, `golangci-lint` also denies the git/internal package. Only the `git/command.go` can use it carefully. ### There is still a `ToTrustedCmdArgs`, will it still allow developers to make mistakes and pass untrusted arguments? Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code will be very complex (see the changes for examples). Then developers and reviewers can know that something might be unreasonable. ### Why there was a `CmdArgCheck` and why it's removed? At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck` was introduced as a hacky patch. Now, almost all code could be written as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for `CmdArgCheck` anymore. ### Why many codes for `signArg == ""` is deleted? Because in the old code, `signArg` could never be empty string, it's either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just dead code. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
177 lines
4.6 KiB
YAML
177 lines
4.6 KiB
YAML
linters:
|
|
enable:
|
|
- bidichk
|
|
# - deadcode # deprecated - https://github.com/golangci/golangci-lint/issues/1841
|
|
- depguard
|
|
- dupl
|
|
- errcheck
|
|
- gocritic
|
|
# - gocyclo # The cyclomatic complexety of a lot of functions is too high, we should refactor those another time.
|
|
- gofmt
|
|
- gofumpt
|
|
- gosimple
|
|
- govet
|
|
- ineffassign
|
|
- nakedret
|
|
- nolintlint
|
|
- revive
|
|
- staticcheck
|
|
# - structcheck # deprecated - https://github.com/golangci/golangci-lint/issues/1841
|
|
- stylecheck
|
|
- typecheck
|
|
- unconvert
|
|
- unused
|
|
# - varcheck # deprecated - https://github.com/golangci/golangci-lint/issues/1841
|
|
# - wastedassign # disabled - https://github.com/golangci/golangci-lint/issues/2649
|
|
enable-all: false
|
|
disable-all: true
|
|
fast: false
|
|
|
|
run:
|
|
go: 1.20
|
|
timeout: 10m
|
|
skip-dirs:
|
|
- node_modules
|
|
- public
|
|
- web_src
|
|
|
|
linters-settings:
|
|
stylecheck:
|
|
checks: ["all", "-ST1005", "-ST1003"]
|
|
nakedret:
|
|
max-func-lines: 0
|
|
gocritic:
|
|
disabled-checks:
|
|
- ifElseChain
|
|
- singleCaseSwitch # Every time this occurred in the code, there was no other way.
|
|
revive:
|
|
ignore-generated-header: false
|
|
severity: warning
|
|
confidence: 0.8
|
|
errorCode: 1
|
|
warningCode: 1
|
|
rules:
|
|
- name: blank-imports
|
|
- name: context-as-argument
|
|
- name: context-keys-type
|
|
- name: dot-imports
|
|
- name: error-return
|
|
- name: error-strings
|
|
- name: error-naming
|
|
- name: exported
|
|
- name: if-return
|
|
- name: increment-decrement
|
|
- name: var-naming
|
|
- name: var-declaration
|
|
- name: package-comments
|
|
- name: range
|
|
- name: receiver-naming
|
|
- name: time-naming
|
|
- name: unexported-return
|
|
- name: indent-error-flow
|
|
- name: errorf
|
|
- name: duplicated-imports
|
|
- name: modifies-value-receiver
|
|
gofumpt:
|
|
extra-rules: true
|
|
lang-version: "1.20"
|
|
depguard:
|
|
list-type: denylist
|
|
# Check the list against standard lib.
|
|
include-go-root: true
|
|
packages-with-error-message:
|
|
- encoding/json: "use gitea's modules/json instead of encoding/json"
|
|
- github.com/unknwon/com: "use gitea's util and replacements"
|
|
- io/ioutil: "use os or io instead"
|
|
- golang.org/x/exp: "it's experimental and unreliable."
|
|
- code.gitea.io/gitea/modules/git/internal: "do not use the internal package, use AddXxx function instead"
|
|
|
|
issues:
|
|
max-issues-per-linter: 0
|
|
max-same-issues: 0
|
|
exclude-rules:
|
|
# Exclude some linters from running on tests files.
|
|
- path: _test\.go
|
|
linters:
|
|
- gocyclo
|
|
- errcheck
|
|
- dupl
|
|
- gosec
|
|
- unparam
|
|
- staticcheck
|
|
- path: models/migrations/v
|
|
linters:
|
|
- gocyclo
|
|
- errcheck
|
|
- dupl
|
|
- gosec
|
|
- linters:
|
|
- dupl
|
|
text: "webhook"
|
|
- linters:
|
|
- gocritic
|
|
text: "`ID' should not be capitalized"
|
|
- path: modules/templates/helper.go
|
|
linters:
|
|
- gocritic
|
|
- linters:
|
|
- unused
|
|
- deadcode
|
|
text: "swagger"
|
|
- path: contrib/pr/checkout.go
|
|
linters:
|
|
- errcheck
|
|
- path: models/issue.go
|
|
linters:
|
|
- errcheck
|
|
- path: models/migrations/
|
|
linters:
|
|
- errcheck
|
|
- path: modules/log/
|
|
linters:
|
|
- errcheck
|
|
- path: routers/api/v1/repo/issue_subscription.go
|
|
linters:
|
|
- dupl
|
|
- path: routers/repo/view.go
|
|
linters:
|
|
- dupl
|
|
- path: models/migrations/
|
|
linters:
|
|
- unused
|
|
- linters:
|
|
- staticcheck
|
|
text: "argument x is overwritten before first use"
|
|
- path: modules/httplib/httplib.go
|
|
linters:
|
|
- staticcheck
|
|
# Enabling this would require refactoring the methods and how they are called.
|
|
- path: models/issue_comment_list.go
|
|
linters:
|
|
- dupl
|
|
- path: models/update.go
|
|
linters:
|
|
- unused
|
|
- path: cmd/dump.go
|
|
linters:
|
|
- dupl
|
|
- path: services/webhook/webhook.go
|
|
linters:
|
|
- structcheck
|
|
- text: "commentFormatting: put a space between `//` and comment text"
|
|
linters:
|
|
- gocritic
|
|
- text: "exitAfterDefer:"
|
|
linters:
|
|
- gocritic
|
|
- path: modules/graceful/manager_windows.go
|
|
linters:
|
|
- staticcheck
|
|
text: "svc.IsAnInteractiveSession is deprecated: Use IsWindowsService instead."
|
|
- path: models/user/openid.go
|
|
linters:
|
|
- golint
|
|
- path: models/user/badge.go
|
|
linters:
|
|
- revive
|
|
text: "exported: type name will be used as user.UserBadge by other packages, and that stutters; consider calling this Badge"
|