forked from gastownhall/beads
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.golangci.yml
More file actions
92 lines (87 loc) · 2.78 KB
/
.golangci.yml
File metadata and controls
92 lines (87 loc) · 2.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
version: "2"
run:
timeout: 5m
tests: false
linters:
default: 'none'
enable:
- errcheck
- gosec
- misspell
- unconvert
- unparam
settings:
errcheck:
exclude-functions:
- (*database/sql.DB).Close
- (*database/sql.Rows).Close
- (*database/sql.Tx).Rollback
- (*database/sql.Stmt).Close
- (*database/sql.Conn).Close
- (*os.File).Close
- (os).RemoveAll
- (os).Remove
- (os).Setenv
- (os).Unsetenv
- (os).Chdir
- (os).MkdirAll
misspell:
locale: US
exclusions:
rules:
# G304: File inclusion via variable in tests is safe (test data)
- path: '_test\.go'
linters:
- gosec
text: "G304"
# G306: File permissions 0644 in tests are acceptable (test fixtures)
- path: '_test\.go'
linters:
- gosec
text: "G306"
# G304: Safe file reads from known JSONL and error paths
- path: 'cmd/bd/autoflush\.go|internal/daemon/discovery\.go|internal/daemonrunner/sync\.go'
linters:
- gosec
text: "G304"
# G302/G306: Directory/file permissions 0700/0750 are acceptable
- linters:
- gosec
text: "G302.*0700|G301.*0750"
# G302/G306: JSONL files and error logs need 0644 for debugging/sharing
- path: 'cmd/bd/autoflush\.go|cmd/bd/daemon\.go|cmd/bd/daemon_sync_branch\.go|internal/daemon/registry\.go|internal/daemonrunner/daemon\.go|internal/git/worktree\.go'
linters:
- gosec
text: "G306"
# G306: Git hooks must be executable (0700)
- path: 'cmd/bd/init\.go'
linters:
- gosec
text: "G306.*0700"
# G204: Safe subprocess launches with validated arguments
- path: 'cmd/bd/daemon_autostart\.go|cmd/bd/daemon_sync_branch\.go|cmd/bd/show\.go|cmd/bd/sync\.go|internal/git/worktree\.go'
linters:
- gosec
text: 'G204'
# G104: Deferred file closes - errors are non-critical
- path: 'cmd/bd/show\.go'
linters:
- gosec
text: "G104.*Close"
# G115: Safe integer conversions in backoff calculations
- path: 'cmd/bd/daemon_autostart\.go'
linters:
- gosec
text: "G115"
# G201: SQL with fmt.Sprintf using placeholders (IN clause expansion)
- path: 'internal/storage/sqlite/dependencies\.go'
linters:
- gosec
text: "G201"
# errcheck: Ignore unchecked errors in test files for common cleanup patterns
- path: '_test\.go'
linters:
- errcheck
text: "Error return value of .*(Close|Rollback|RemoveAll|Setenv|Unsetenv|Chdir|MkdirAll|Remove|Write|SetReadDeadline|SetDeadline|Start|Stop).* is not checked"
issues:
uniq-by-line: true