From 670244710b98c6db43f33b248435b238baee0b9a Mon Sep 17 00:00:00 2001 From: manifestori Date: Tue, 1 Oct 2024 15:01:28 +0200 Subject: [PATCH 1/3] chore: fix lint and upgrade deps --- .devcontainer/devcontainer.json | 2 +- .github/workflows/build.yml | 6 +++--- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .pre-commit-config.yaml | 2 +- cmd/cli/convert.go | 2 +- cmd/cli/root.go | 2 ++ go.mod | 2 +- 8 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 4c3c6b8..9f3d8c3 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -61,7 +61,7 @@ "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind", "features": { "ghcr.io/devcontainers/features/go:1": { - "version": "1.21.5" + "version": "1.23.1" }, "ghcr.io/devcontainers/features/docker-in-docker:2": { "moby": true diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 782324b..50695c2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,7 +17,7 @@ jobs: - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: '1.22' + go-version-file: ./go.mod check-latest: true - name: govulncheck @@ -53,7 +53,7 @@ jobs: - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: '1.22' + go-version-file: ./go.mod check-latest: true - name: setup-ruleguard @@ -76,7 +76,7 @@ jobs: - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: '1.22' + go-version-file: ./go.mod check-latest: true - uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 73e2a94..ae441c8 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: '1.22' + go-version-file: ./go.mod check-latest: true cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8cafc89..ccd8dda 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,7 +49,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: '1.22' + go-version-file: ./go.mod check-latest: true - name: Login to GitHub Container Registry diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1a49c5d..0d66778 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -15,7 +15,7 @@ repos: - id: go-test-mod - repo: https://github.com/golangci/golangci-lint - rev: v1.59.1 + rev: v1.61.0 hooks: - id: golangci-lint args: ["--timeout", "10m", "--fix"] diff --git a/cmd/cli/convert.go b/cmd/cli/convert.go index 6e4e604..bfed89f 100644 --- a/cmd/cli/convert.go +++ b/cmd/cli/convert.go @@ -17,7 +17,7 @@ import ( "github.com/protobom/sbom-convert/pkg/format" ) -var outputDirPermissions = 0o755 +const outputDirPermissions uint32 = 0o755 func ConvertCommand() *cobra.Command { co := &options.ConvertOptions{} diff --git a/cmd/cli/root.go b/cmd/cli/root.go index d04bc8c..04b2a73 100644 --- a/cmd/cli/root.go +++ b/cmd/cli/root.go @@ -84,6 +84,8 @@ func validateRootOptions(_ *options.RootOptions) error { } func setupLogger(ro *options.RootOptions) error { + //nolint:gosec + // verbose is always within the range of int8 level := zapcore.Level(int(zap.WarnLevel) - ro.Verbose) log, err := log.NewLogger( log.WithLevel(level), diff --git a/go.mod b/go.mod index ddae41a..7f673ad 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/protobom/sbom-convert -go 1.22.5 +go 1.23.1 require ( github.com/google/go-cmp v0.6.0 From 5a2e6e406905ea803f2b3867839bf0ee890303b4 Mon Sep 17 00:00:00 2001 From: manifestori Date: Tue, 1 Oct 2024 15:12:08 +0200 Subject: [PATCH 2/3] chore: bump lint action --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ae441c8..ad472c9 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -26,7 +26,7 @@ jobs: cache: true - name: golangci-lint - uses: golangci/golangci-lint-action@v3 + uses: golangci/golangci-lint-action@v6 with: args: --timeout=5m version: v1.59 From e8d9e96a8db1d7a9fc5a308348e16cf6e1cbec54 Mon Sep 17 00:00:00 2001 From: manifestori Date: Tue, 1 Oct 2024 15:19:05 +0200 Subject: [PATCH 3/3] chore: bump lint action --- .github/workflows/lint.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ad472c9..1442ab2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -22,11 +22,10 @@ jobs: - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: ./go.mod - check-latest: true cache: true - name: golangci-lint uses: golangci/golangci-lint-action@v6 with: args: --timeout=5m - version: v1.59 + version: v1.61.0