fix(deps): update module golang.org/x/crypto to v0.17.0 [security] #12158
reviewdog [golangci] report
reported by reviewdog 🐶
Findings (35)
queue/redis/redis_test.go|95 col 2| _steps
is unused (deadcode)
database/pipeline/create.go|3| 3-53 lines are duplicate of database/pipeline/update.go:3-54
(dupl)
database/pipeline/update.go|3| 3-54 lines are duplicate of database/pipeline/create.go:3-53
(dupl)
mock/server/schedule.go|3| 3-211 lines are duplicate of mock/server/secret.go:4-167
(dupl)
compiler/native/expand.go|48| Function 'ExpandSteps' has too many statements (71 > 70) (funlen)
cmd/vela-server/server.go|26| Function 'server' is too long (200 > 160) (funlen)
mock/server/authentication.go|41 col 9| string error
has 4 occurrences, make it a constant (goconst)
compiler/registry/github/github.go|41 col 21| string /api/v3/
has 5 occurrences, make it a constant (goconst)
cmd/vela-server/schedule.go|138 col 1| cyclomatic complexity 31 of func processSchedule
is high (> 30) (gocyclo)
queue/redis/ping_test.go|8| File is not goimports
-ed (goimports)
database/schedule/count.go|6| File is not goimports
-ed (goimports)
database/schedule/count_active.go|6| File is not goimports
-ed (goimports)
queue/redis/route_test.go|62 col 28| G601: Implicit memory aliasing in for loop. (gosec)
compiler/native/compile_test.go|1818 col 50| G601: Implicit memory aliasing in for loop. (gosec)
compiler/native/compile_test.go|3129 col 51| G601: Implicit memory aliasing in for loop. (gosec)
database/worker/get.go|14 col 28| unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
database/worker/index.go|19 col 38| unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
database/worker/create.go|15 col 31| unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
scm/github/authentication.go|58 col 52| unused-parameter: parameter 'w' seems to be unused, consider removing or renaming it as _ (revive)
compiler/native/parse_test.go|861 col 24| unused-parameter: parameter 'p' seems to be unused, consider removing or renaming it as _ (revive)
router/middleware/logger.go|42 col 36| unused-parameter: parameter 'timeFormat' seems to be unused, consider removing or renaming it as _ (revive)
api/webhook/post.go|182 col 32| Non-inherited new context, use function like context.WithXXX
instead (contextcheck)
api/webhook/post.go|836 col 38| Non-inherited new context, use function like context.WithXXX
instead (contextcheck)
api/webhook/post.go|847 col 40| Non-inherited new context, use function like context.WithXXX
instead (contextcheck)
scm/github/access.go|34 col 28| Function newClientToken
should pass the context parameter (contextcheck)
scm/github/access.go|103 col 28| Function newClientToken
should pass the context parameter (contextcheck)
scm/github/access.go|153 col 28| Function newClientToken
should pass the context parameter (contextcheck)
database/schedule/create.go|3 col 1| directive //nolint:dupl // ignore similar code with update.go
is unused for linter "dupl" (nolintlint)
compiler/native/compile.go|258 col 1| directive //nolint:dupl,lll // linter thinks the steps and stages workflows are identical
is unused for linter "dupl" (nolintlint)
compiler/native/compile.go|355 col 1| directive //nolint:dupl,lll // linter thinks the steps and stages workflows are identical
is unused for linter "dupl" (nolintlint)
secret/vault/count.go|37 col 2| directive //nolint:staticcheck // ignore false positive
is unused for linter "staticcheck" (nolintlint)
secret/vault/get.go|40 col 2| directive //nolint:ineffassign,staticcheck // ignore false positive
is unused for linter "staticcheck" (nolintlint)
secret/vault/list.go|45 col 2| directive //nolint:staticcheck // ignore false positive
is unused for linter "staticcheck" (nolintlint)
api/build/create.go|302 col 2| directive //nolint:dupl // ignore duplicate code
is unused for linter "dupl" (nolintlint)
api/build/skip.go|12 col 1| directive //nolint:goconst // ignore init and clone constants
is unused for linter "goconst" (nolintlint)
Filtered Findings (0)
Annotations
Check failure on line 95 in queue/redis/redis_test.go
github-actions / golangci
[golangci] queue/redis/redis_test.go#L95
`_steps` is unused (deadcode)
Raw output
queue/redis/redis_test.go:95:2: `_steps` is unused (deadcode)
_steps = &pipeline.Build{
^
Check failure on line 3 in database/pipeline/create.go
github-actions / golangci
[golangci] database/pipeline/create.go#L3
3-53 lines are duplicate of `database/pipeline/update.go:3-54` (dupl)
Raw output
database/pipeline/create.go:3: 3-53 lines are duplicate of `database/pipeline/update.go:3-54` (dupl)
package pipeline
import (
"context"
"github.com/go-vela/types/constants"
"github.com/go-vela/types/database"
"github.com/go-vela/types/library"
"github.com/sirupsen/logrus"
)
// CreatePipeline creates a new pipeline in the database.
func (e *engine) CreatePipeline(ctx context.Context, p *library.Pipeline) (*library.Pipeline, error) {
e.logger.WithFields(logrus.Fields{
"pipeline": p.GetCommit(),
}).Tracef("creating pipeline %s in the database", p.GetCommit())
// cast the library type to database type
//
// https://pkg.go.dev/github.com/go-vela/types/database#PipelineFromLibrary
pipeline := database.PipelineFromLibrary(p)
// validate the necessary fields are populated
//
// https://pkg.go.dev/github.com/go-vela/types/database#Pipeline.Validate
err := pipeline.Validate()
if err != nil {
return nil, err
}
// compress data for the pipeline
//
// https://pkg.go.dev/github.com/go-vela/types/database#Pipeline.Compress
err = pipeline.Compress(e.config.CompressionLevel)
if err != nil {
return nil, err
}
// send query to the database
err = e.client.Table(constants.TablePipeline).Create(pipeline).Error
if err != nil {
return nil, err
}
err = pipeline.Decompress()
if err != nil {
return nil, err
}
return pipeline.ToLibrary(), nil
}
Check failure on line 3 in database/pipeline/update.go
github-actions / golangci
[golangci] database/pipeline/update.go#L3
3-54 lines are duplicate of `database/pipeline/create.go:3-53` (dupl)
Raw output
database/pipeline/update.go:3: 3-54 lines are duplicate of `database/pipeline/create.go:3-53` (dupl)
package pipeline
import (
"context"
"github.com/go-vela/types/constants"
"github.com/go-vela/types/database"
"github.com/go-vela/types/library"
"github.com/sirupsen/logrus"
)
// UpdatePipeline updates an existing pipeline in the database.
func (e *engine) UpdatePipeline(ctx context.Context, p *library.Pipeline) (*library.Pipeline, error) {
e.logger.WithFields(logrus.Fields{
"pipeline": p.GetCommit(),
}).Tracef("updating pipeline %s in the database", p.GetCommit())
// cast the library type to database type
//
// https://pkg.go.dev/github.com/go-vela/types/database#PipelineFromLibrary
pipeline := database.PipelineFromLibrary(p)
// validate the necessary fields are populated
//
// https://pkg.go.dev/github.com/go-vela/types/database#Pipeline.Validate
err := pipeline.Validate()
if err != nil {
return nil, err
}
// compress data for the pipeline
//
// https://pkg.go.dev/github.com/go-vela/types/database#Pipeline.Compress
err = pipeline.Compress(e.config.CompressionLevel)
if err != nil {
return nil, err
}
// send query to the database
err = e.client.Table(constants.TablePipeline).Save(pipeline).Error
if err != nil {
return nil, err
}
// decompress pipeline to return
err = pipeline.Decompress()
if err != nil {
return nil, err
}
return pipeline.ToLibrary(), nil
}
Check failure on line 3 in mock/server/schedule.go
github-actions / golangci
[golangci] mock/server/schedule.go#L3
3-211 lines are duplicate of `mock/server/secret.go:4-167` (dupl)
Raw output
mock/server/schedule.go:3: 3-211 lines are duplicate of `mock/server/secret.go:4-167` (dupl)
package server
import (
"encoding/json"
"fmt"
"net/http"
"strings"
"github.com/gin-gonic/gin"
"github.com/go-vela/types"
"github.com/go-vela/types/library"
)
const (
// ScheduleResp represents a JSON return for a single schedule.
ScheduleResp = `{
"id": 2,
"active": true,
"name": "foo",
"entry": "@weekly",
"created_at": 1683154980,
"created_by": "octocat",
"updated_at": 1683154980,
"updated_by": "octocat",
"scheduled_at": 0,
"repo": {
"id": 1,
"user_id": 1,
"org": "github",
"name": "octocat",
"full_name": "github/octocat",
"link": "https://github.com/github/octocat",
"clone": "https://github.com/github/octocat.git",
"branch": "main",
"topics": [],
"build_limit": 10,
"timeout": 30,
"counter": 0,
"visibility": "public",
"private": false,
"trusted": false,
"active": true,
"allow_pull": false,
"allow_push": true,
"allow_deploy": false,
"allow_tag": false,
"allow_comment": false,
"pipeline_type": "yaml",
"previous_name": ""
}
}`
SchedulesResp = `[
{
"id": 2,
"active": true,
"name": "foo",
"entry": "@weekly",
"created_at": 1683154980,
"created_by": "octocat",
"updated_at": 1683154980,
"updated_by": "octocat",
"scheduled_at": 0,
"repo": {
"id": 1,
"user_id": 1,
"org": "github",
"name": "octokitty",
"full_name": "github/octokitty",
"link": "https://github.com/github/octokitty",
"clone": "https://github.com/github/octokitty.git",
"branch": "main",
"topics": [],
"build_limit": 10,
"timeout": 30,
"counter": 0,
"visibility": "public",
"private": false,
"trusted": false,
"active": true,
"allow_pull": false,
"allow_push": true,
"allow_deploy": false,
"allow_tag": false,
"allow_comment": false,
"pipeline_type": "yaml",
"previous_name": ""
}
},
{
"id": 1,
"active": true,
"name": "bar",
"entry": "@weekly",
"created_at": 1683154974,
"created_by": "octocat",
"updated_at": 1683154974,
"updated_by": "octocat",
"scheduled_at": 0,
"repo": {
"id": 1,
"user_id": 1,
"org": "github",
"name": "octokitty",
"full_name": "github/octokitty",
"link": "https://github.com/github/octokitty",
"clone": "https://github.com/github/octokitty.git",
"branch": "main",
"topics": [],
"build_limit": 10,
"timeout": 30,
"counter": 0,
"visibility": "public",
"private": false,
"trusted": false,
"active": true,
"allow_pull": false,
"allow_push": true,
"allow_deploy": false,
"allow_tag": false,
"allow_comment": false,
"pipeline_type": "yaml",
"previous_name": ""
}
}
]`
)
// getSchedules returns mock JSON for a http GET.
func getSchedules(c *gin.Context) {
data := []byte(SchedulesResp)
var body []library.Schedule
_ = json.Unmarshal(data, &body)
c.JSON(http.StatusOK, body)
}
// getSchedule has a param :schedule returns mock JSON for a http GET.
//
// Pass "not-found" to :schedule to test receiving a http 404 response.
func getSchedule(c *gin.Context) {
s := c.Param("schedule")
if strings.Contains(s, "not-found") {
msg := fmt.Sprintf("Schedule %s does not exist", s)
c.AbortWithStatusJSON(http.StatusNotFound, types.Error{Message: &msg})
return
}
data := []byte(ScheduleResp)
var body library.Schedule
_ = json.Unmarshal(data, &body)
c.JSON(http.StatusOK, body)
}
// addSchedule returns mock JSON for a http POST.
func addSchedule(c *gin.Context) {
data := []byte(ScheduleResp)
var body library.Schedule
_ = json.Unmarshal(data, &body)
c.JSON(http.StatusCreated, body)
}
// updateSchedule has a param :schedule returns mock JSON for a http PUT.
//
// Pass "not-found" to :schedule to test receiving a http 404 response.
func updateSchedule(c *gin.Context) {
if !strings.Contains(c.FullPath(), "admin") {
s := c.Param("schedule")
if strings.Contains(s, "not-found") {
msg := fmt.Sprintf("Schedule %s does not exist", s)
c.AbortWithStatusJSON(http.StatusNotFound, types.Error{Message: &msg})
return
}
}
data := []byte(ScheduleResp)
var body library.Schedule
_ = json.Unmarshal(data, &body)
c.JSON(http.StatusOK, body)
}
// removeSchedule has a param :schedule returns mock JSON for a http DELETE.
//
// Pass "not-found" to :schedule to test receiving a http 404 response.
func removeSchedule(c *gin.Context) {
s := c.Param("schedule")
if strings.Contains(s, "not-found") {
msg := fmt.Sprintf("Schedule %s does not exist", s)
c.AbortWithStatusJSON(http.StatusNotFound, types.Error{Message: &msg})
return
}
c.JSON(http.StatusOK, fmt.Sprintf("schedule %s deleted", s))
}
Check failure on line 48 in compiler/native/expand.go
github-actions / golangci
[golangci] compiler/native/expand.go#L48
Function 'ExpandSteps' has too many statements (71 > 70) (funlen)
Raw output
compiler/native/expand.go:48: Function 'ExpandSteps' has too many statements (71 > 70) (funlen)
func (c *client) ExpandSteps(s *yaml.Build, tmpls map[string]*yaml.Template, r *pipeline.RuleData, depth int) (*yaml.Build, error) {
Check failure on line 26 in cmd/vela-server/server.go
github-actions / golangci
[golangci] cmd/vela-server/server.go#L26
Function 'server' is too long (200 > 160) (funlen)
Raw output
cmd/vela-server/server.go:26: Function 'server' is too long (200 > 160) (funlen)
func server(c *cli.Context) error {
Check failure on line 41 in mock/server/authentication.go
github-actions / golangci
[golangci] mock/server/authentication.go#L41
string `error` has 4 occurrences, make it a constant (goconst)
Raw output
mock/server/authentication.go:41:9: string `error` has 4 occurrences, make it a constant (goconst)
err := "error"
^
Check failure on line 41 in compiler/registry/github/github.go
github-actions / golangci
[golangci] compiler/registry/github/github.go#L41
string `/api/v3/` has 5 occurrences, make it a constant (goconst)
Raw output
compiler/registry/github/github.go:41:21: string `/api/v3/` has 5 occurrences, make it a constant (goconst)
c.API = c.URL + "/api/v3/"
^
Check failure on line 138 in cmd/vela-server/schedule.go
github-actions / golangci
[golangci] cmd/vela-server/schedule.go#L138
cyclomatic complexity 31 of func `processSchedule` is high (> 30) (gocyclo)
Raw output
cmd/vela-server/schedule.go:138:1: cyclomatic complexity 31 of func `processSchedule` is high (> 30) (gocyclo)
func processSchedule(ctx context.Context, s *library.Schedule, compiler compiler.Engine, database database.Interface, metadata *types.Metadata, queue queue.Service, scm scm.Service, allowList []string) error {
^
Check failure on line 8 in queue/redis/ping_test.go
github-actions / golangci
[golangci] queue/redis/ping_test.go#L8
File is not `goimports`-ed (goimports)
Raw output
queue/redis/ping_test.go:8: File is not `goimports`-ed (goimports)
"github.com/alicebob/miniredis/v2"
Check failure on line 6 in database/schedule/count.go
github-actions / golangci
[golangci] database/schedule/count.go#L6
File is not `goimports`-ed (goimports)
Raw output
database/schedule/count.go:6: File is not `goimports`-ed (goimports)
"context"
Check failure on line 6 in database/schedule/count_active.go
github-actions / golangci
[golangci] database/schedule/count_active.go#L6
File is not `goimports`-ed (goimports)
Raw output
database/schedule/count_active.go:6: File is not `goimports`-ed (goimports)
"context"
Check failure on line 62 in queue/redis/route_test.go
github-actions / golangci
[golangci] queue/redis/route_test.go#L62
G601: Implicit memory aliasing in for loop. (gosec)
Raw output
queue/redis/route_test.go:62:28: G601: Implicit memory aliasing in for loop. (gosec)
got, err := client.Route(&test.worker)
^
Check failure on line 1818 in compiler/native/compile_test.go
github-actions / golangci
[golangci] compiler/native/compile_test.go#L1818
G601: Implicit memory aliasing in for loop. (gosec)
Raw output
compiler/native/compile_test.go:1818:50: G601: Implicit memory aliasing in for loop. (gosec)
compiler.WithRepo(&library.Repo{PipelineType: &tt.args.pipelineType})
^
Check failure on line 3129 in compiler/native/compile_test.go
github-actions / golangci
[golangci] compiler/native/compile_test.go#L3129
G601: Implicit memory aliasing in for loop. (gosec)
Raw output
compiler/native/compile_test.go:3129:51: G601: Implicit memory aliasing in for loop. (gosec)
compiler.WithRepo(&library.Repo{PipelineType: &tt.args.pipelineType})
^
Check failure on line 14 in database/worker/get.go
github-actions / golangci
[golangci] database/worker/get.go#L14
unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
database/worker/get.go:14:28: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (e *engine) GetWorker(ctx context.Context, id int64) (*library.Worker, error) {
^
Check failure on line 19 in database/worker/index.go
github-actions / golangci
[golangci] database/worker/index.go#L19
unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
database/worker/index.go:19:38: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (e *engine) CreateWorkerIndexes(ctx context.Context) error {
^
Check failure on line 15 in database/worker/create.go
github-actions / golangci
[golangci] database/worker/create.go#L15
unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
database/worker/create.go:15:31: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (e *engine) CreateWorker(ctx context.Context, w *library.Worker) (*library.Worker, error) {
^
Check failure on line 58 in scm/github/authentication.go
github-actions / golangci
[golangci] scm/github/authentication.go#L58
unused-parameter: parameter 'w' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
scm/github/authentication.go:58:52: unused-parameter: parameter 'w' seems to be unused, consider removing or renaming it as _ (revive)
func (c *client) Authenticate(ctx context.Context, w http.ResponseWriter, r *http.Request, oAuthState string) (*library.User, error) {
^
Check failure on line 861 in compiler/native/parse_test.go
github-actions / golangci
[golangci] compiler/native/parse_test.go#L861
unused-parameter: parameter 'p' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
compiler/native/parse_test.go:861:24: unused-parameter: parameter 'p' seems to be unused, consider removing or renaming it as _ (revive)
func (FailReader) Read(p []byte) (n int, err error) {
^
Check failure on line 42 in router/middleware/logger.go
github-actions / golangci
[golangci] router/middleware/logger.go#L42
unused-parameter: parameter 'timeFormat' seems to be unused, consider removing or renaming it as _ (revive)
Raw output
router/middleware/logger.go:42:36: unused-parameter: parameter 'timeFormat' seems to be unused, consider removing or renaming it as _ (revive)
func Logger(logger *logrus.Logger, timeFormat string) gin.HandlerFunc {
^
Check failure on line 182 in api/webhook/post.go
github-actions / golangci
[golangci] api/webhook/post.go#L182
Non-inherited new context, use function like `context.WithXXX` instead (contextcheck)
Raw output
api/webhook/post.go:182:32: Non-inherited new context, use function like `context.WithXXX` instead (contextcheck)
_, err = database.FromContext(c).UpdateHook(ctx, h)
^
Check failure on line 836 in api/webhook/post.go
github-actions / golangci
[golangci] api/webhook/post.go#L836
Non-inherited new context, use function like `context.WithXXX` instead (contextcheck)
Raw output
api/webhook/post.go:836:38: Non-inherited new context, use function like `context.WithXXX` instead (contextcheck)
dbRepo, err := database.FromContext(c).GetRepoForOrg(ctx, r.GetOrg(), r.GetName())
^
Check failure on line 847 in api/webhook/post.go
github-actions / golangci
[golangci] api/webhook/post.go#L847
Non-inherited new context, use function like `context.WithXXX` instead (contextcheck)
Raw output
api/webhook/post.go:847:40: Non-inherited new context, use function like `context.WithXXX` instead (contextcheck)
lastHook, err := database.FromContext(c).LastHookForRepo(ctx, dbRepo)
^
Check failure on line 34 in scm/github/access.go
github-actions / golangci
[golangci] scm/github/access.go#L34
Function `newClientToken` should pass the context parameter (contextcheck)
Raw output
scm/github/access.go:34:28: Function `newClientToken` should pass the context parameter (contextcheck)
client := c.newClientToken(*u.Token)
^