Fix linting (#2903)

Author: WillAbides

.github/workflows/linter.yml

@@ -9,15 +9,14 @@ jobs:
   lint:
     strategy:
       matrix:
-        go-version: [1.x]
         platform: [ubuntu-latest]
 
         # golangci-lint will only process a single module, so we need to call it
         # separately for each module in the repo.  We dont lint example/newreposecretwithlibsodium
         # since that needs libsodium to run.
         working-directory:
           - ""
-          # - example  # Fails with "no go files to analyze"
+          - example
           - scrape
           - update-urls
     runs-on: ${{ matrix.platform }}

.golangci.yml

@@ -1,34 +1,39 @@
+run:
+  build-tags:
+    - integration
 linters:
-  # TODO: fix errors so that all of the linters below pass.
-  # The linters that are commented out, as well as those explicitly disabled,
-  # are currently failing.  We should fix those failures or define exclusion
-  # rules, and then enable those linters.
   enable:
     - dogsled
     - dupl
     - gofmt
     - goimports
-  # - gosec
+    - gosec
     - misspell
     - nakedret
     - stylecheck
-  # - unconvert
-  # - unparam
+    - unconvert
+    - unparam
     - whitespace
-  disable:
-    - errcheck
-    - gosimple
-    - staticcheck
-    - ineffassign
-    - unused
+linters-settings:
+  gosec:
+    excludes:
+      # performance issue: see https://github.com/golangci/golangci-lint/issues/4039
+      # and https://github.com/securego/gosec/issues/1007
+      - G602
 issues:
-  exclude:
-    - composites
   exclude-rules:
-  - linters:
-    - dogsled
-    text:  "declaration has 3 blank identifiers"
-    path: _test\.go
-  - linters:
-    - dupl
-    path: _test\.go
+    - linters:
+        - dupl
+        - unparam
+        - gosec
+        - dogsled
+      path: _test\.go
+
+    # We need to pass nil Context in order to test DoBare erroring on nil ctx.
+    - linters: [ staticcheck ]
+      text: 'SA1012: do not pass a nil Context'
+      path: _test\.go
+
+    # We need to use sha1 for validating signatures
+    - linters: [ gosec ]
+      text: 'G505: Blocklisted import crypto/sha1: weak cryptographic primitive'

example/basicauth/main.go

@@ -32,7 +32,7 @@ func main() {
 	username, _ := r.ReadString('\n')
 
 	fmt.Print("GitHub Password: ")
-	bytePassword, _ := term.ReadPassword(int(syscall.Stdin))
+	bytePassword, _ := term.ReadPassword(syscall.Stdin)
 	password := string(bytePassword)
 
 	tp := github.BasicAuthTransport{

example/commitpr/main.go

@@ -133,7 +133,7 @@ func pushCommit(ref *github.Reference, tree *github.Tree) (err error) {
 
 	// Create the commit using the tree.
 	date := time.Now()
-	author := &github.CommitAuthor{Date: &github.Timestamp{date}, Name: authorName, Email: authorEmail}
+	author := &github.CommitAuthor{Date: &github.Timestamp{Time: date}, Name: authorName, Email: authorEmail}
 	commit := &github.Commit{Author: author, Message: commitMessage, Tree: tree, Parents: []*github.Commit{parent.Commit}}
 	newCommit, _, err := client.Git.CreateCommit(ctx, *sourceOwner, *sourceRepo, commit)
 	if err != nil {

example/tagprotection/main.go

@@ -39,7 +39,7 @@ func main() {
 	pattern = strings.TrimSpace(pattern)
 
 	fmt.Print("GitHub Token: ")
-	byteToken, _ := term.ReadPassword(int(syscall.Stdin))
+	byteToken, _ := term.ReadPassword(syscall.Stdin)
 	println()
 	token := string(byteToken)
 

example/tokenauth/main.go

@@ -21,7 +21,7 @@ import (
 
 func main() {
 	fmt.Print("GitHub Token: ")
-	byteToken, _ := term.ReadPassword(int(syscall.Stdin))
+	byteToken, _ := term.ReadPassword(syscall.Stdin)
 	println()
 	token := string(byteToken)
 

github/actions_runners_test.go

@@ -65,7 +65,7 @@ func TestActionsService_GenerateOrgJITConfig(t *testing.T) {
 
 	mux.HandleFunc("/orgs/o/actions/runners/generate-jitconfig", func(w http.ResponseWriter, r *http.Request) {
 		v := new(GenerateJITConfigRequest)
-		json.NewDecoder(r.Body).Decode(v)
+		assertNilError(t, json.NewDecoder(r.Body).Decode(v))
 
 		testMethod(t, r, "POST")
 		if !cmp.Equal(v, input) {
@@ -109,7 +109,7 @@ func TestActionsService_GenerateRepoJITConfig(t *testing.T) {
 
 	mux.HandleFunc("/repos/o/r/actions/runners/generate-jitconfig", func(w http.ResponseWriter, r *http.Request) {
 		v := new(GenerateJITConfigRequest)
-		json.NewDecoder(r.Body).Decode(v)
+		assertNilError(t, json.NewDecoder(r.Body).Decode(v))
 
 		testMethod(t, r, "POST")
 		if !cmp.Equal(v, input) {

github/actions_secrets.go

@@ -23,7 +23,7 @@ type PublicKey struct {
 // do not error out when unmarshaling.
 func (p *PublicKey) UnmarshalJSON(data []byte) error {
 	var pk struct {
-		KeyID interface{} `json:"key_id,string"`
+		KeyID interface{} `json:"key_id"`
 		Key   *string     `json:"key"`
 	}
 

github/actions_workflow_runs_test.go

@@ -1247,7 +1247,7 @@ func TestActionService_PendingDeployments(t *testing.T) {
 
 	mux.HandleFunc("/repos/o/r/actions/runs/399444496/pending_deployments", func(w http.ResponseWriter, r *http.Request) {
 		v := new(PendingDeploymentsRequest)
-		json.NewDecoder(r.Body).Decode(v)
+		assertNilError(t, json.NewDecoder(r.Body).Decode(v))
 
 		testMethod(t, r, "POST")
 		if !cmp.Equal(v, input) {

github/actions_workflows_test.go

@@ -243,7 +243,7 @@ func TestActionsService_CreateWorkflowDispatchEventByID(t *testing.T) {
 	}
 	mux.HandleFunc("/repos/o/r/actions/workflows/72844/dispatches", func(w http.ResponseWriter, r *http.Request) {
 		var v CreateWorkflowDispatchEventRequest
-		json.NewDecoder(r.Body).Decode(&v)
+		assertNilError(t, json.NewDecoder(r.Body).Decode(&v))
 
 		testMethod(t, r, "POST")
 		if !cmp.Equal(v, event) {
@@ -287,7 +287,7 @@ func TestActionsService_CreateWorkflowDispatchEventByFileName(t *testing.T) {
 	}
 	mux.HandleFunc("/repos/o/r/actions/workflows/main.yml/dispatches", func(w http.ResponseWriter, r *http.Request) {
 		var v CreateWorkflowDispatchEventRequest
-		json.NewDecoder(r.Body).Decode(&v)
+		assertNilError(t, json.NewDecoder(r.Body).Decode(&v))
 
 		testMethod(t, r, "POST")
 		if !cmp.Equal(v, event) {