Merge branch 'master' into context-propagation-2

.github/workflows/go-tests-windows.yml

@@ -57,6 +57,6 @@ jobs:
     - name: golangci-lint
       uses: golangci/golangci-lint-action@v6
       with:
-        version: v1.60
+        version: v1.61
         args: --issues-exit-code=1 --timeout 10m
         only-new-issues: false

.github/workflows/go-tests.yml

@@ -163,6 +163,6 @@ jobs:
     - name: golangci-lint
       uses: golangci/golangci-lint-action@v6
       with:
-        version: v1.60
+        version: v1.61
         args: --issues-exit-code=1 --timeout 10m
         only-new-issues: false

.golangci.yml

@@ -103,7 +103,7 @@ linters-settings:
         disabled: true
       - name: cyclomatic
         # lower this after refactoring
-        arguments: [41]
+        arguments: [39]
       - name: defer
         disabled: true
       - name: empty-block
@@ -178,13 +178,45 @@ linters-settings:
     # Allow blocks to end with comments
     allow-trailing-comment: true
 
+  gocritic:
+    enable-all: true
+    disabled-checks:
+      - typeDefFirst
+      - paramTypeCombine
+      - httpNoBody
+      - ifElseChain
+      - importShadow
+      - hugeParam
+      - rangeValCopy
+      - commentedOutCode
+      - commentedOutImport
+      - unnamedResult
+      - sloppyReassign
+      - appendCombine
+      - captLocal
+      - typeUnparen
+      - commentFormatting
+      - deferInLoop             #
+      - sprintfQuotedString     #
+      - whyNoLint
+      - equalFold               #
+      - unnecessaryBlock        #
+      - ptrToRefParam           #
+      - stringXbytes            #
+      - appendAssign            #
+      - tooManyResultsChecker
+      - unnecessaryDefer
+      - docStub
+      - preferFprint
+
 linters:
   enable-all: true
   disable:
     #
     # DEPRECATED by golangi-lint
     #
     - execinquery
+    - exportloopref
 
     #
     # Redundant
@@ -196,12 +228,9 @@ linters:
     - funlen   # revive
     - gocognit # revive
 
-    #
-    # Disabled until fixed for go 1.22
-    #
+    # Disabled atm
 
-    - copyloopvar         # copyloopvar is a linter detects places where loop variables are copied
-    - intrange            # intrange is a linter to find places where for loops could make use of an integer range.
+    - intrange              # intrange is a linter to find places where for loops could make use of an integer range.
 
     #
     # Enabled
@@ -211,13 +240,13 @@ linters:
     # - asciicheck          # checks that all code identifiers does not have non-ASCII symbols in the name
     # - bidichk             # Checks for dangerous unicode character sequences
     # - bodyclose           # checks whether HTTP response body is closed successfully
+    # - copyloopvar         # copyloopvar is a linter detects places where loop variables are copied
     # - decorder            # check declaration order and count of types, constants, variables and functions
     # - depguard            # Go linter that checks if package imports are in a list of acceptable packages
     # - dupword             # checks for duplicate words in the source code
     # - durationcheck       # check for two durations multiplied together
     # - errcheck            # errcheck is a program for checking for unchecked errors in Go code. These unchecked errors can be critical bugs in some cases
     # - errorlint           # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
-    # - exportloopref       # checks for pointers to enclosing loop variables
     # - ginkgolinter        # enforces standards of using ginkgo and gomega
     # - gocheckcompilerdirectives # Checks that go compiler directive comments (//go:) are valid.
     # - gochecknoinits      # Checks that no init functions are present in Go code
@@ -365,22 +394,6 @@ issues:
         - errcheck
       text: "Error return value of `.*` is not checked"
 
-    - linters:
-        - gocritic
-      text: "ifElseChain: rewrite if-else to switch statement"
-
-    - linters:
-        - gocritic
-      text: "captLocal: `.*' should not be capitalized"
-
-    - linters:
-        - gocritic
-      text: "appendAssign: append result not assigned to the same slice"
-
-    - linters:
-        - gocritic
-      text: "commentFormatting: put a space between `//` and comment text"
-
     # Will fix, trivial - just beware of merge conflicts
 
     - linters:
@@ -490,11 +503,6 @@ issues:
       path: "cmd/crowdsec-cli/idgen/password.go"
       text: "deep-exit: .*"
 
-    - linters:
-        - revive
-      path: "cmd/crowdsec-cli/utils.go"
-      text: "deep-exit: .*"
-
     - linters:
         - revive
       path: "pkg/leakybucket/overflows.go"

Dockerfile

@@ -16,7 +16,7 @@ RUN apk add --no-cache git g++ gcc libc-dev make bash gettext binutils-gold core
     cd re2-${RE2_VERSION} && \
     make install && \
     echo "githubciXXXXXXXXXXXXXXXXXXXXXXXX" > /etc/machine-id && \
-    go install github.com/mikefarah/yq/v4@v4.43.1
+    go install github.com/mikefarah/yq/v4@v4.44.3
 
 COPY . .
 

Dockerfile.debian

@@ -21,7 +21,7 @@ RUN apt-get update && \
     make && \
     make install && \
     echo "githubciXXXXXXXXXXXXXXXXXXXXXXXX" > /etc/machine-id && \
-    go install github.com/mikefarah/yq/v4@v4.43.1
+    go install github.com/mikefarah/yq/v4@v4.44.3
 
 COPY . .
 

cmd/crowdsec-cli/clialert/alerts.go

@@ -44,7 +44,7 @@ func decisionsFromAlert(alert *models.Alert) string {
 	}
 
 	for _, key := range maptools.SortedKeys(decMap) {
-		if len(ret) > 0 {
+		if ret != "" {
 			ret += " "
 		}
 
@@ -521,14 +521,14 @@ func (cli *cliAlerts) inspect(details bool, alertIDs ...string) error {
 		case "json":
 			data, err := json.MarshalIndent(alert, "", "  ")
 			if err != nil {
-				return fmt.Errorf("unable to marshal alert with id %s: %w", alertID, err)
+				return fmt.Errorf("unable to serialize alert with id %s: %w", alertID, err)
 			}
 
 			fmt.Printf("%s\n", string(data))
 		case "raw":
 			data, err := yaml.Marshal(alert)
 			if err != nil {
-				return fmt.Errorf("unable to marshal alert with id %s: %w", alertID, err)
+				return fmt.Errorf("unable to serialize alert with id %s: %w", alertID, err)
 			}
 
 			fmt.Println(string(data))

cmd/crowdsec-cli/clibouncer/bouncers.go

@@ -97,7 +97,7 @@ func (cli *cliBouncers) listHuman(out io.Writer, bouncers ent.Bouncers) {
 		t.AppendRow(table.Row{b.Name, b.IPAddress, revoked, lastPull, b.Type, b.Version, b.AuthType})
 	}
 
-	io.WriteString(out, t.Render() + "\n")
+	io.WriteString(out, t.Render()+"\n")
 }
 
 // bouncerInfo contains only the data we want for inspect/list
@@ -181,7 +181,7 @@ func (cli *cliBouncers) List(out io.Writer, db *database.Client) error {
 		enc.SetIndent("", "  ")
 
 		if err := enc.Encode(info); err != nil {
-			return errors.New("failed to marshal")
+			return errors.New("failed to serialize")
 		}
 
 		return nil
@@ -234,7 +234,7 @@ func (cli *cliBouncers) add(bouncerName string, key string) error {
 	case "json":
 		j, err := json.Marshal(key)
 		if err != nil {
-			return errors.New("unable to marshal api key")
+			return errors.New("unable to serialize api key")
 		}
 
 		fmt.Print(string(j))
@@ -443,7 +443,7 @@ func (cli *cliBouncers) inspectHuman(out io.Writer, bouncer *ent.Bouncer) {
 		t.AppendRow(table.Row{"Feature Flags", ff})
 	}
 
-	io.WriteString(out, t.Render() + "\n")
+	io.WriteString(out, t.Render()+"\n")
 }
 
 func (cli *cliBouncers) inspect(bouncer *ent.Bouncer) error {
@@ -458,7 +458,7 @@ func (cli *cliBouncers) inspect(bouncer *ent.Bouncer) error {
 		enc.SetIndent("", "  ")
 
 		if err := enc.Encode(newBouncerInfo(bouncer)); err != nil {
-			return errors.New("failed to marshal")
+			return errors.New("failed to serialize")
 		}
 
 		return nil

cmd/crowdsec-cli/clicapi/capi.go

@@ -104,7 +104,7 @@ func (cli *cliCapi) register(ctx context.Context, capiUserPrefix string, outputF
 
 	apiConfigDump, err := yaml.Marshal(apiCfg)
 	if err != nil {
-		return fmt.Errorf("unable to marshal api credentials: %w", err)
+		return fmt.Errorf("unable to serialize api credentials: %w", err)
 	}
 
 	if dumpFile != "" {

cmd/crowdsec-cli/cliconsole/console.go

@@ -280,7 +280,7 @@ func (cli *cliConsole) newStatusCmd() *cobra.Command {
 				}
 				data, err := json.MarshalIndent(out, "", "  ")
 				if err != nil {
-					return fmt.Errorf("failed to marshal configuration: %w", err)
+					return fmt.Errorf("failed to serialize configuration: %w", err)
 				}
 				fmt.Println(string(data))
 			case "raw":
@@ -318,7 +318,7 @@ func (cli *cliConsole) dumpConfig() error {
 
 	out, err := yaml.Marshal(serverCfg.ConsoleConfig)
 	if err != nil {
-		return fmt.Errorf("while marshaling ConsoleConfig (for %s): %w", serverCfg.ConsoleConfigPath, err)
+		return fmt.Errorf("while serializing ConsoleConfig (for %s): %w", serverCfg.ConsoleConfigPath, err)
 	}
 
 	if serverCfg.ConsoleConfigPath == "" {
@@ -361,7 +361,7 @@ func (cli *cliConsole) setConsoleOpts(args []string, wanted bool) error {
 				if changed {
 					fileContent, err := yaml.Marshal(cfg.API.Server.OnlineClient.Credentials)
 					if err != nil {
-						return fmt.Errorf("cannot marshal credentials: %w", err)
+						return fmt.Errorf("cannot serialize credentials: %w", err)
 					}
 
 					log.Infof("Updating credentials file: %s", cfg.API.Server.OnlineClient.CredentialsFilePath)

cmd/crowdsec-cli/clihub/items.go

@@ -106,7 +106,7 @@ func ListItems(out io.Writer, wantColor string, itemTypes []string, items map[st
 
 		x, err := json.MarshalIndent(hubStatus, "", " ")
 		if err != nil {
-			return fmt.Errorf("failed to unmarshal: %w", err)
+			return fmt.Errorf("failed to parse: %w", err)
 		}
 
 		out.Write(x)
@@ -158,7 +158,7 @@ func InspectItem(item *cwhub.Item, wantMetrics bool, output string, prometheusUR
 	case "json":
 		b, err := json.MarshalIndent(*item, "", "  ")
 		if err != nil {
-			return fmt.Errorf("unable to marshal item: %w", err)
+			return fmt.Errorf("unable to serialize item: %w", err)
 		}
 
 		fmt.Print(string(b))

cmd/crowdsec-cli/clihub/utils_table.go

@@ -22,7 +22,7 @@ func listHubItemTable(out io.Writer, wantColor string, title string, items []*cw
 	}
 
 	io.WriteString(out, title+"\n")
-	io.WriteString(out, t.Render() + "\n")
+	io.WriteString(out, t.Render()+"\n")
 }
 
 func appsecMetricsTable(out io.Writer, wantColor string, itemName string, metrics map[string]int) {
@@ -35,7 +35,7 @@ func appsecMetricsTable(out io.Writer, wantColor string, itemName string, metric
 	})
 
 	io.WriteString(out, fmt.Sprintf("\n - (AppSec Rule) %s:\n", itemName))
-	io.WriteString(out, t.Render() + "\n")
+	io.WriteString(out, t.Render()+"\n")
 }
 
 func scenarioMetricsTable(out io.Writer, wantColor string, itemName string, metrics map[string]int) {
@@ -55,7 +55,7 @@ func scenarioMetricsTable(out io.Writer, wantColor string, itemName string, metr
 	})
 
 	io.WriteString(out, fmt.Sprintf("\n - (Scenario) %s:\n", itemName))
-	io.WriteString(out, t.Render() + "\n")
+	io.WriteString(out, t.Render()+"\n")
 }
 
 func parserMetricsTable(out io.Writer, wantColor string, itemName string, metrics map[string]map[string]int) {
@@ -80,6 +80,6 @@ func parserMetricsTable(out io.Writer, wantColor string, itemName string, metric
 
 	if showTable {
 		io.WriteString(out, fmt.Sprintf("\n - (Parser) %s:\n", itemName))
-		io.WriteString(out, t.Render() + "\n")
+		io.WriteString(out, t.Render()+"\n")
 	}
 }

cmd/crowdsec-cli/clihubtest/create.go

@@ -134,7 +134,7 @@ cscli hubtest create my-scenario-test --parsers crowdsecurity/nginx --scenarios
 			}
 			data, err := yaml.Marshal(configFileData)
 			if err != nil {
-				return fmt.Errorf("marshal: %w", err)
+				return fmt.Errorf("serialize: %w", err)
 			}
 			_, err = fd.Write(data)
 			if err != nil {

cmd/crowdsec-cli/cliitem/appsec.go

@@ -62,7 +62,7 @@ func NewAppsecRule(cfg configGetter) *cliItem {
 		}
 
 		if err := yaml.Unmarshal(yamlContent, &appsecRule); err != nil {
-			return fmt.Errorf("unable to unmarshal yaml file %s: %w", item.State.LocalPath, err)
+			return fmt.Errorf("unable to parse yaml file %s: %w", item.State.LocalPath, err)
 		}
 
 		for _, ruleType := range appsec_rule.SupportedTypes() {

cmd/crowdsec-cli/clilapi/lapi.go

@@ -147,7 +147,7 @@ func (cli *cliLapi) register(ctx context.Context, apiURL string, outputFile stri
 
 	apiConfigDump, err := yaml.Marshal(apiCfg)
 	if err != nil {
-		return fmt.Errorf("unable to marshal api credentials: %w", err)
+		return fmt.Errorf("unable to serialize api credentials: %w", err)
 	}
 
 	if dumpFile != "" {