Silverfish/proton-bridge
1
0
Fork 1
mirror of https://github.com/ProtonMail/proton-bridge.git synced 2025-12-10 12:46:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Other: Bump linter

Browse Source
This commit is contained in:
Jakub
2021-04-07 09:19:22 +02:00
parent 2f35c453a1
commit 7d0af7624c
22 changed files with 116 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
.golangci.yml
View File

@ -1,3 +1,4 @@
---
run:
timeout: 10m
build-tags:
@ -9,8 +10,10 @@ issues:
exclude-use-default: false
exclude:
- Using the variable on range scope `tt` in function literal
- should have comment (\([^)]+\) )?or be unexported # For now we are missing a lot of comments.
- at least one file in a package should have a package comment # For now we are missing a lot of comments.
# For now we are missing a lot of comments.
- should have comment (\([^)]+\) )?or be unexported
# For now we are missing a lot of comments.
- at least one file in a package should have a package comment
exclude-rules:
- path: _test\.go
@ -58,15 +61,53 @@ linters:
- goimports # Goimports does everything that gofmt does. Additionally it checks unused imports [fast: true, auto-fix: true]
- golint # Golint differs from gofmt. Gofmt reformats Go source code, whereas golint prints out style mistakes [fast: true, auto-fix: false]
- gosec # Inspects source code for security problems [fast: true, auto-fix: false]
- interfacer # Linter that suggests narrower interface types [fast: true, auto-fix: false]
- maligned # Tool to detect Go structs that would take less memory if their fields were sorted [fast: true, auto-fix: false]
- misspell # Finds commonly misspelled English words in comments [fast: true, auto-fix: true]
- nakedret # Finds naked returns in functions greater than a specified function length [fast: true, auto-fix: false]
- prealloc # Finds slice declarations that could potentially be preallocated [fast: true, auto-fix: false]
- scopelint # Scopelint checks for unpinned variables in go programs [fast: true, auto-fix: false]
- stylecheck # Stylecheck is a replacement for golint [fast: true, auto-fix: false]
- unconvert # Remove unnecessary type conversions [fast: true, auto-fix: false]
- unparam # Reports unused function parameters [fast: true, auto-fix: false]
- whitespace # Tool for detection of leading and trailing whitespace [fast: true, auto-fix: true]
# - wsl # Whitespace Linter - Forces you to use empty lines! [fast: true, auto-fix: false]
# - lll # Reports long lines [fast: true, auto-fix: false]
# Newly added linters (not processed yet)
# - asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers [fast: true, auto-fix: false]
# - cyclop # checks function and package cyclomatic complexity [fast: false, auto-fix: false]
# - durationcheck # check for two durations multiplied together [fast: false, auto-fix: false]
# - errorlint # go-errorlint is a source code linter for Go software that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13. [fast: false, auto-fix: false]
# - exhaustive # check exhaustiveness of enum switch statements [fast: false, auto-fix: false]
# - exhaustivestruct # Checks if all struct's fields are initialized [fast: false, auto-fix: false]
# - exportloopref # checks for pointers to enclosing loop variables [fast: false, auto-fix: false]
# - forbidigo # Forbids identifiers [fast: true, auto-fix: false]
# - forcetypeassert # finds forced type assertions [fast: true, auto-fix: false]
# - gci # Gci control golang package import order and make it always deterministic. [fast: true, auto-fix: true]
# - gocognit # Computes and checks the cognitive complexity of functions [fast: true, auto-fix: false]
# - godot # Check if comments end in a period [fast: true, auto-fix: true]
# - goerr113 # Golang linter to check the errors handling expressions [fast: false, auto-fix: false]
# - gofumpt # Gofumpt checks whether code was gofumpt-ed. [fast: true, auto-fix: true]
# - goheader # Checks is file header matches to pattern [fast: true, auto-fix: false]
# - gomnd # An analyzer to detect magic numbers. [fast: true, auto-fix: false]
# - gomoddirectives # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod. [fast: true, auto-fix: false]
# - gomodguard # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations. [fast: true, auto-fix: false]
# - goprintffuncname # Checks that printf-like functions are named with `f` at the end [fast: true, auto-fix: false]
# - ifshort # Checks that your code uses short syntax for if-statements whenever possible [fast: true, auto-fix: false]
# - importas # Enforces consistent import aliases [fast: false, auto-fix: false]
# - lll # Reports long lines [fast: true, auto-fix: false]
# - makezero # Finds slice declarations with non-zero initial length [fast: false, auto-fix: false]
# - nestif # Reports deeply nested if statements [fast: true, auto-fix: false]
# - nilerr # Finds the code that returns nil even if it checks that the error is not nil. [fast: false, auto-fix: false]
# - nlreturn # nlreturn checks for a new line before return and branch statements to increase code clarity [fast: true, auto-fix: false]
# - noctx # noctx finds sending http request without context.Context [fast: false, auto-fix: false]
# - nolintlint # Reports ill-formed or insufficient nolint directives [fast: true, auto-fix: false]
# - paralleltest # paralleltest detects missing usage of t.Parallel() method in your Go test [fast: true, auto-fix: false]
# - predeclared # find code that shadows one of Go's predeclared identifiers [fast: true, auto-fix: false]
# - revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint. [fast: false, auto-fix: false]
# - rowserrcheck # checks whether Err of rows is checked successfully [fast: false, auto-fix: false]
# - sqlclosecheck # Checks that sql.Rows and sql.Stmt are closed. [fast: false, auto-fix: false]
# - testpackage # linter that makes you use a separate _test package [fast: true, auto-fix: false]
# - thelper # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers [fast: false, auto-fix: false]
# - tparallel # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes [fast: false, auto-fix: false]
# - wastedassign # wastedassign finds wasted assignment statements. [fast: false, auto-fix: false]
# - wrapcheck # Checks that errors returned from external packages are wrapped [fast: false, auto-fix: false]
# - wsl # Whitespace Linter - Forces you to use empty lines! [fast: true, auto-fix: false]

2
Makefile
View File

@ -188,7 +188,7 @@ update-qt-docs:
## Dev dependencies
.PHONY: install-devel-tools install-linter install-go-mod-outdated install-git-hooks
LINTVER:="v1.29.0"
LINTVER:="v1.39.0"
LINTSRC:="https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh"
install-dev-dependencies: install-devel-tools install-linter install-go-mod-outdated

2
internal/config/settings/settings.go
View File

@ -78,7 +78,7 @@ func (s *Settings) setDefaultValues() {
s.setDefault(ReportOutgoingNoEncKey, "false")
s.setDefault(LastVersionKey, "")
s.setDefault(UpdateChannelKey, "")
s.setDefault(RolloutKey, fmt.Sprintf("%v", rand.Float64()))
s.setDefault(RolloutKey, fmt.Sprintf("%v", rand.Float64())) //nolint[gosec] G404 It is OK to use weak random number generator here
s.setDefault(PreferredKeychainKey, "")
s.setDefault(APIPortKey, DefaultAPIPort)

1
internal/config/tls/tls.go
View File

@ -154,5 +154,6 @@ func (t *TLS) GetConfig() (*tls.Config, error) {
ClientAuth: tls.VerifyClientCertIfGiven,
RootCAs: caCertPool,
ClientCAs: caCertPool,
MinVersion: tls.VersionTLS13, // gosec G402
}, nil
}

2
internal/frontend/cli-ie/accounts.go
View File

@ -25,7 +25,7 @@ import (
func (f *frontendCLI) listAccounts(c *ishell.Context) {
spacing := "%-2d: %-20s (%-15s, %-15s)\n"
f.Printf(bold(strings.Replace(spacing, "d", "s", -1)), "#", "account", "status", "address mode")
f.Printf(bold(strings.ReplaceAll(spacing, "d", "s")), "#", "account", "status", "address mode")
for idx, user := range f.ie.GetUsers() {
connected := "disconnected"
if user.IsConnected() {

2
internal/frontend/cli/accounts.go
View File

@ -28,7 +28,7 @@ import (
func (f *frontendCLI) listAccounts(c *ishell.Context) {
spacing := "%-2d: %-20s (%-15s, %-15s)\n"
f.Printf(bold(strings.Replace(spacing, "d", "s", -1)), "#", "account", "status", "address mode")
f.Printf(bold(strings.ReplaceAll(spacing, "d", "s")), "#", "account", "status", "address mode")
for idx, user := range f.bridge.GetUsers() {
connected := "disconnected"
if user.IsConnected() {

2
internal/frontend/cli/system.go
View File

@ -161,7 +161,7 @@ func (f *frontendCLI) disallowProxy(c *ishell.Context) {
}
func (f *frontendCLI) isPortFree(port string) bool {
port = strings.Replace(port, ":", "", -1)
port = strings.ReplaceAll(port, ":", "")
if port == "" || port == currentPort {
return true
}

4
internal/imap/bridge.go
View File

@ -61,7 +61,7 @@ func (b *bridgeWrap) GetUser(query string) (bridgeUser, error) {
if err != nil {
return nil, err
}
return newBridgeUserWrap(user), nil
return newBridgeUserWrap(user), nil //nolint[typecheck] missing methods are inherited
}
type bridgeUserWrap struct {
@ -77,5 +77,5 @@ func (u *bridgeUserWrap) GetStore() storeUserProvider {
if store == nil {
return nil
}
return newStoreUserWrap(store)
return newStoreUserWrap(store) //nolint[typecheck] missing methods are inherited
}

6
internal/imap/store.go
View File

@ -123,7 +123,7 @@ func (s *storeUserWrap) GetAddress(addressID string) (storeAddressProvider, erro
if err != nil {
return nil, err
}
return newStoreAddressWrap(address), nil
return newStoreAddressWrap(address), nil //nolint[typecheck] missing methods are inherited
}
type storeAddressWrap struct {
@ -137,7 +137,7 @@ func newStoreAddressWrap(address *store.Address) *storeAddressWrap {
func (s *storeAddressWrap) ListMailboxes() []storeMailboxProvider {
mailboxes := []storeMailboxProvider{}
for _, mailbox := range s.Address.ListMailboxes() {
mailboxes = append(mailboxes, newStoreMailboxWrap(mailbox))
mailboxes = append(mailboxes, newStoreMailboxWrap(mailbox)) //nolint[typecheck] missing methods are inherited
}
return mailboxes
}
@ -147,7 +147,7 @@ func (s *storeAddressWrap) GetMailbox(name string) (storeMailboxProvider, error)
if err != nil {
return nil, err
}
return newStoreMailboxWrap(mailbox), nil
return newStoreMailboxWrap(mailbox), nil //nolint[typecheck] missing methods are inherited
}
type storeMailboxWrap struct {

4
internal/imap/uidplus/extension.go
View File

@ -228,7 +228,7 @@ func getStatusResponseCopy(uidValidity uint32, sourceSeq, targetSeq *OrderedSeq)
// CopyResponse prepares OK response with extended UID information about copied message.
func CopyResponse(uidValidity uint32, sourceSeq, targetSeq *OrderedSeq) error {
return server.ErrStatusResp(getStatusResponseCopy(uidValidity, sourceSeq, targetSeq))
return imap.ErrStatusResp{getStatusResponseCopy(uidValidity, sourceSeq, targetSeq)}
}
func getStatusResponseAppend(uidValidity uint32, targetSeq *OrderedSeq) *imap.StatusResp {
@ -250,5 +250,5 @@ func getStatusResponseAppend(uidValidity uint32, targetSeq *OrderedSeq) *imap.St
// AppendResponse prepares OK response with extended UID information about appended message.
func AppendResponse(uidValidity uint32, targetSeq *OrderedSeq) error {
return server.ErrStatusResp(getStatusResponseAppend(uidValidity, targetSeq))
return imap.ErrStatusResp{getStatusResponseAppend(uidValidity, targetSeq)}
}

2
internal/logging/crash.go
View File

@ -34,7 +34,7 @@ func DumpStackTrace(logsPath string) crash.RecoveryAction {
return func(r interface{}) error {
file := filepath.Join(logsPath, getStackTraceName(constants.Version, constants.Revision))
f, err := os.OpenFile(file, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0600)
f, err := os.OpenFile(filepath.Clean(file), os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0600)
if err != nil {
return err
}

2
internal/smtp/bridge.go
View File

@ -51,7 +51,7 @@ func (b *bridgeWrap) GetUser(query string) (bridgeUser, error) {
if err != nil {
return nil, err
}
return newBridgeUserWrap(user), nil
return newBridgeUserWrap(user), nil //nolint[typecheck] missing methods are inherited
}
type bridgeUserWrap struct {

2
internal/transfer/provider_imap_utils.go
View File

@ -84,7 +84,7 @@ func imapClientDialHelper(addr string) (*imapClient.Client, error) {
var tlsConf *tls.Config
if strings.Contains(strings.ToLower(host), "yahoo") {
log.Warning("Yahoo server detected: limiting maximal TLS version to 1.2.")
tlsConf = &tls.Config{MaxVersion: tls.VersionTLS12}
tlsConf = &tls.Config{MaxVersion: tls.VersionTLS12} //nolint[gosec] G402
}
return imapClient.DialTLS(addr, tlsConf)
}

2
internal/transfer/provider_mbox_target.go
View File

@ -63,7 +63,7 @@ func (p *MBOXProvider) writeMessage(msg Message) error {
}
mboxPath := filepath.Join(p.root, mboxName)
mboxFile, err := os.OpenFile(mboxPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
mboxFile, err := os.OpenFile(filepath.Clean(mboxPath), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
if err != nil {
multiErr = multierror.Append(multiErr, err)
continue

6
internal/updater/sync.go
View File

@ -125,7 +125,7 @@ func mkdirAllClear(path string) error {
// checksum assumes the file is a regular file and that it exists.
func checksum(path string) (hash string) {
file, err := os.Open(path) //nolint[gosec]
file, err := os.Open(filepath.Clean(path))
if err != nil {
return
}
@ -224,7 +224,7 @@ func copyRecursively(srcDir, dstDir string) error { // nolint[funlen]
}
// Create/overwrite regular file.
srcReader, err := os.Open(srcPath) //nolint[gosec]
srcReader, err := os.Open(filepath.Clean(srcPath))
if err != nil {
return err
}
@ -244,7 +244,7 @@ func copyToTmpFileRename(srcReader io.Reader, dstPath string, dstMode os.FileMod
func copyToFileTruncate(srcReader io.Reader, dstPath string, dstMode os.FileMode) error {
logrus.Debug("Copy and truncate ", dstPath)
dstWriter, err := os.OpenFile(dstPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, dstMode)
dstWriter, err := os.OpenFile(filepath.Clean(dstPath), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, dstMode) //nolint[gosec] Cannot guess the safe part of path
if err != nil {
return err
}

2
pkg/pmapi/bugs.go
View File

@ -104,7 +104,7 @@ func writeMultipartReport(w *multipart.Writer, rep *ReportReq) error { // nolint
fmt.Sprintf(`form-data; name="%s"; filename="%s"`,
quoteEscaper.Replace(att.name), quoteEscaper.Replace(att.filename+".zip")))
h.Set("Content-Type", "application/octet-stream")
//h.Set("Content-Transfere-Encoding", "base64")
// h.Set("Content-Transfer-Encoding", "base64")
attWr, err := w.CreatePart(h)
if err != nil {
return err

2
pkg/pmapi/client.go
View File

@ -293,7 +293,7 @@ func (c *client) doBuffered(req *http.Request, bodyBuffer []byte, retryUnauthori
retryAfter = headerAfter
}
// To avoid spikes when all clients retry at the same time, we add some random wait.
retryAfter += rand.Intn(10)
retryAfter += rand.Intn(10) //nolint[gosec] It is OK to use weak random number generator here
if hasBody {
r := bytes.NewReader(bodyBuffer)

6
pkg/srp/hash.go
View File

@ -70,9 +70,9 @@ func HashPassword(authVersion int, password, userName string, salt, modulus []by
// CleanUserName returns the input string in lower-case without characters `_`,
// `.` and `-`.
func CleanUserName(userName string) string {
userName = strings.Replace(userName, "-", "", -1)
userName = strings.Replace(userName, ".", "", -1)
userName = strings.Replace(userName, "_", "", -1)
userName = strings.ReplaceAll(userName, "-", "")
userName = strings.ReplaceAll(userName, ".", "")
userName = strings.ReplaceAll(userName, "_", "")
return strings.ToLower(userName)
}

31
pkg/tar/tar.go
View File

@ -19,6 +19,7 @@ package tar
import (
"archive/tar"
"errors"
"io"
"os"
"path/filepath"
@ -27,6 +28,31 @@ import (
"github.com/sirupsen/logrus"
)
// maxFileSize limit tre single file size after decopression is not larger than 1GB
const maxFileSize = int64(1 * 1024 * 1024 * 1024) // 1 GB
// ErrFileTooLarge returned when decompressed file is too large
var ErrFileTooLarge = errors.New("trying to decompress file larger than 1GB")
type limitReader struct {
r io.Reader
n int64
}
// Read returns error if limit was exceeded. Inspired by io.LimitReader.Read
func (lr *limitReader) Read(p []byte) (n int, err error) {
if lr.n <= 0 {
return 0, ErrFileTooLarge
}
if int64(len(p)) > lr.n {
p = p[0:lr.n]
}
n, err = lr.r.Read(p)
lr.n -= int64(n)
return
}
// UntarToDir decopmress and unarchive the files into directory
func UntarToDir(r io.Reader, dir string) error {
tr := tar.NewReader(r)
@ -42,7 +68,7 @@ func UntarToDir(r io.Reader, dir string) error {
continue
}
target := filepath.Join(dir, header.Name)
target := filepath.Join(dir, filepath.Clean(header.Name)) // gosec G305
switch {
case header.Typeflag == tar.TypeSymlink:
@ -60,7 +86,8 @@ func UntarToDir(r io.Reader, dir string) error {
if err != nil {
return err
}
if _, err := io.Copy(f, tr); err != nil { // nolint[gosec]
lr := &limitReader{r: tr, n: maxFileSize} // gosec G110
if _, err := io.Copy(f, lr); err != nil {
return err
}
if runtime.GOOS != "windows" {

4
test/context/settings.go
View File

@ -43,8 +43,8 @@ func newFakeSettings() *fakeSettings {
}
// We should use nonstandard ports to not conflict with bridge.
s.SetInt(settings.IMAPPortKey, 21100+rand.Intn(100))
s.SetInt(settings.SMTPPortKey, 21200+rand.Intn(100))
s.SetInt(settings.IMAPPortKey, 21100+rand.Intn(100)) //noling[gosec] G404 It is OK to use weak random number generator here
s.SetInt(settings.SMTPPortKey, 21200+rand.Intn(100)) //noling[gosec] G404 It is OK to use weak random number generator here
return s
}