diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index 71ea5308c9..650b624df9 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -205,7 +205,7 @@ jobs: restore-keys: trivy-cache- - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # 0.30.0 + uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # 0.36.0 with: input: image format: sarif diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f24ad2809c..4f4ebce510 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -71,7 +71,7 @@ jobs: - name: Set up Go uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 with: - go-version: "1.24" + go-version: "1.25.9" - name: Download tool dependencies run: make deps @@ -142,7 +142,7 @@ jobs: - name: Set up Go uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 with: - go-version: "1.24" + go-version: "1.25.9" - name: Download golangci-lint run: make bin/golangci-lint diff --git a/.golangci.yml b/.golangci.yml index d54dcb183f..995913e58e 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,97 +1,124 @@ -run: - timeout: 4m +version: "2" -linters-settings: - depguard: - rules: - deprecated: - deny: - - pkg: "io/ioutil" - desc: "The 'io/ioutil' package is deprecated. Use corresponding 'os' or 'io' functions instead." - gci: - sections: - - standard - - default - - prefix(github.com/dexidp/dex) - goimports: - local-prefixes: github.com/dexidp/dex +run: + timeout: 5m linters: - disable-all: true - enable: - - depguard - - dogsled - - exhaustive - - gci - - gochecknoinits - - gocritic - - gofmt - - gofumpt - - goimports - - goprintffuncname - - gosimple - - govet - - ineffassign - - misspell - - nakedret - - nolintlint - - prealloc - # - revive - # - sqlclosecheck - - staticcheck - - stylecheck - - unconvert - - unused - - whitespace + disable: + - staticcheck + - errcheck + enable: + - depguard + - dogsled + - exhaustive + - gochecknoinits + # - gocritic + - goprintffuncname + - govet + - ineffassign + - misspell + - nakedret + - nolintlint + - prealloc + # - revive + # - sqlclosecheck + # - staticcheck + - unconvert + - unused + - whitespace - # Disable temporarily until everything works with Go 1.20 - # - bodyclose - # - rowserrcheck - # - tparallel - # - unparam + # Disable temporarily until everything works with Go 1.20 + # - bodyclose + # - rowserrcheck + # - tparallel + # - unparam - # Disable temporarily until everything works with Go 1.18 - - typecheck + # Disable temporarily until the following issue is resolved: https://github.com/golangci/golangci-lint/issues/3086 + # - sqlclosecheck - # Disable temporarily until the following issue is resolved: https://github.com/golangci/golangci-lint/issues/3086 - # - sqlclosecheck + # TODO: fix linter errors before enabling + # - exhaustivestruct + # - gochecknoglobals + # - errorlint + # - gocognit + # - godot + # - nlreturn + # - noctx + # - revive + # - wrapcheck - # TODO: fix linter errors before enabling - # - exhaustivestruct - # - gochecknoglobals - # - errorlint - # - gocognit - # - godot - # - nlreturn - # - noctx - # - revive - # - wrapcheck + # TODO: fix linter errors before enabling (from original config) + # - dupl + # - errcheck + # - goconst + # - gocyclo + # - gosec + # - lll + # - scopelint - # TODO: fix linter errors before enabling (from original config) - # - dupl - # - errcheck - # - goconst - # - gocyclo - # - gosec - # - lll - # - scopelint + # unused + # - goheader + # - gomodguard - # unused - # - goheader - # - gomodguard + # don't enable: + # - asciicheck + # - funlen + # - godox + # - goerr113 + # - gomnd + # - interfacer + # - maligned + # - nestif + # - testpackage + # - wsl - # don't enable: - # - asciicheck - # - funlen - # - godox - # - goerr113 - # - gomnd - # - interfacer - # - maligned - # - nestif - # - testpackage - # - wsl + exclusions: + rules: + - linters: + - errcheck + - noctx + path: _test.go + presets: + - comments + - std-error-handling -issues: - exclude-dirs: - - storage/ent/db # generated ent code + settings: + misspell: + locale: US + nolintlint: + allow-unused: false # report any unused nolint directives + require-specific: false # don't require nolint directives to be specific about which linter is being skipped + gocritic: + # Enable multiple checks by tags. See "Tags" section in https://github.com/go-critic/go-critic#usage. + enabled-tags: + - diagnostic + - experimental + - opinionated + - style + disabled-checks: + - importShadow + - unnamedResult + depguard: + rules: + deprecated: + deny: + - pkg: "io/ioutil" + desc: "The 'io/ioutil' package is deprecated. Use corresponding 'os' or 'io' functions instead." + +formatters: + enable: + - gci + - gofmt + - gofumpt + - goimports + # - golines + + settings: + gci: + sections: + - standard + - default + - localmodule +# issues: +# exclude-dirs: +# - storage/ent/db # generated ent code \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 3ebb8f9353..27749a831d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BASE_IMAGE=alpine FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.6.1@sha256:923441d7c25f1e2eb5789f82d987693c47b8ed987c4ab3b075d6ed2b5d6779a3 AS xx -FROM --platform=$BUILDPLATFORM golang:1.24.3-alpine3.20@sha256:9f98e9893fbc798c710f3432baa1e0ac6127799127c3101d2c263c3a954f0abe AS builder +FROM --platform=$BUILDPLATFORM golang:1.25.9-alpine3.22@sha256:ea77c38bc50df598f22ae02b729b9d37eb0d70ed72d6dd336b8d6c02ae2b8b09 AS builder COPY --from=xx / / diff --git a/Makefile b/Makefile index 349dbc578c..61ec06bc12 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,7 @@ export GOBIN=$(PWD)/bin LD_FLAGS="-w -X main.version=$(VERSION)" # Dependency versions -GOLANGCI_VERSION = 1.64.5 +GOLANGCI_VERSION = 2.4.0 GOTESTSUM_VERSION ?= 1.12.0 PROTOC_VERSION = 29.3 diff --git a/go.mod b/go.mod index ee51dde597..292f9a5eeb 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/dexidp/dex -go 1.24.0 +go 1.25.9 require ( cloud.google.com/go/compute/metadata v0.7.0