fleet/.golangci-incremental.yml

# This configuration is for incremental linting of new/experimental linters.
# It is used with --new-from-rev to only lint changed code.
# See .golangci.yml for the main linter configuration.
version: "2"

issues:
  max-issues-per-linter: 0 # show all issues
  max-same-issues: 0 # show all issues

linters:
  default: none
  enable:
    - gosec
    - modernize
    - testifylint
    - nilaway
    - setboolcheck
    - depguard
  settings:
    gosec:
      # Only enable rules that are too noisy on existing code but valuable for new code.
      # Existing violations were audited during the v2.7.1 -> v2.11.3 upgrade and found
      # to be false positives or safe patterns, but we want to catch real issues going forward.
      includes:
        - G101 # Potential hardcoded credentials.
        - G115 # Integer overflow conversion.
        - G117 # Marshaled struct field matches secret pattern.
        - G118 # Goroutine uses context.Background/TODO while request-scoped context is available.
        - G122 # Filesystem race in filepath.Walk/WalkDir callback.
        - G202 # SQL string concatenation.
        - G602 # Slice index out of range.
        - G704 # SSRF via taint analysis.
        - G705 # XSS via taint analysis.
        - G706 # Log injection via taint analysis.
    depguard:
      rules:
        no-old-rand:
          list-mode: lax
          deny:
            - pkg: math/rand$
              desc: Use math/rand/v2 instead
    custom:
      nilaway:
        type: module
        description: Static analysis tool to detect potential nil panics in Go code.
        settings:
          # Settings must be a "map from string to string" to mimic command line flags: the keys are
          # flag names and the values are the values to the particular flags.
          include-pkgs: "github.com/fleetdm/fleet/v4"
      setboolcheck:
        type: module
        description: Flags map[T]bool used as sets; suggests map[T]struct{} instead.
  exclusions:
    generated: strict
    rules:
      # nilaway has a hardcoded 500 CFG block limit (_maxFuncSizeInCFGBlocks). Functions exceeding
      # it produce an INTERNAL ERROR with a bogus $GOROOT path that crashes golangci-lint's
      # generated_file_filter processor. These are informational skip messages, not real findings.
      - linters:
          - nilaway
        text: "INTERNAL ERROR"
Add incremental lint run, with modernize as the linter. (#36711) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #32999 The `modernize` linter was discussed some time ago in the backend sync. We wanted to add it but it was not possible. Now that it has been added to golangci-lint, we are adding it. golangci-lint has incremental mode, where only changes vs the base branch are linted. This is nice when adding new linters without needing to fix the whole codebase. That said, it would be nice to `modernize` the whole codebase. 2025-12-08 15:06:05 +00:00			`# This configuration is for incremental linting of new/experimental linters.`
			`# It is used with --new-from-rev to only lint changed code.`
			`# See .golangci.yml for the main linter configuration.`
			`version: "2"`

			`issues:`
			`max-issues-per-linter: 0 # show all issues`
			`max-same-issues: 0 # show all issues`

			`linters:`
			`default: none`
			`enable:`
Update golangci-lint from 2.7.1 to 2.11.3 (#42066) 2026-03-19 16:19:42 +00:00			`- gosec`
Add incremental lint run, with modernize as the linter. (#36711) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #32999 The `modernize` linter was discussed some time ago in the backend sync. We wanted to add it but it was not possible. Now that it has been added to golangci-lint, we are adding it. golangci-lint has incremental mode, where only changes vs the base branch are linted. This is nice when adding new linters without needing to fix the whole codebase. That said, it would be nice to `modernize` the whole codebase. 2025-12-08 15:06:05 +00:00			`- modernize`
Adding testifylint as incremental linter. (#42658) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #42657 2026-03-30 17:39:12 +00:00			`- testifylint`
Use `nilaway` to incrementally check for unsafe `nil` pointer dereferences (#39030) Related issue: Resolves #32999 - Enhanced internal code quality tooling by implementing a custom linting build configuration. - Updated continuous integration workflow to utilize the new custom build process for improved code analysis and consistency checks. ### Confirmed that running local custom `golangci-lint` build with `nilaway` plugin catches lots of issues when run on `fleet/`: <img width="1555" height="939" alt="Screenshot 2026-01-29 at 2 47 50 PM" src="https://github.com/user-attachments/assets/c6a18400-fdf0-4104-97d8-e117efc28ed6" /> <img width="301" height="109" alt="Screenshot 2026-01-29 at 2 48 36 PM" src="https://github.com/user-attachments/assets/b459ee7b-b391-457a-9191-17d56a80c783" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does not_ check any `.go` files when none have been modified, and so passes successfully (incremental check works as expected): <img width="337" height="197" alt="Screenshot 2026-01-29 at 2 45 24 PM" src="https://github.com/user-attachments/assets/c7ae585e-2e10-4ebf-a3a3-96c26063f1e4" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does_ check modified lines of `.go` files, and so successfully flags a potentially unsafe dereference and fails the job (incremental check works as expected): <img width="825" height="491" alt="Screenshot 2026-01-29 at 5 50 01 PM" src="https://github.com/user-attachments/assets/82bc5616-6fb9-4357-b8bc-c7eebc42c2d8" /> ### Honorable mention: `nilaway` agrees that `listHostSoftware` is a wild beast: <img width="1277" height="190" alt="Screenshot 2026-01-29 at 5 52 32 PM" src="https://github.com/user-attachments/assets/dfade2a8-fbcc-4bae-98f9-6bf1089620d2" /> - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Fleet dev cycle reliability improvements <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Victor Lyuboslavsky <2685025+getvictor@users.noreply.github.com> 2026-02-06 14:51:17 +00:00			`- nilaway`
Add setboolcheck linter: flag map[T]bool used as sets (#42631) Motivation: add a check for a common issue I see humans and AI agents making, so that we don't have to waste time on it in code reviews. Resolves #42635 Note: This lint check has been mostly AI generated. I don't think it needs a thorough review because it is not production code and not even test code. Any issues will be obvious from usage by contributors. Add a custom go/analysis analyzer that detects map[T]bool variables used as sets (where only the literal `true` is ever assigned) and suggests using map[T]struct{} instead, which is the idiomatic Go approach for sets — zero memory for values and unambiguous semantics. The analyzer minimizes false positives by: - Only flagging when ALL indexed assignments use the literal `true` - Skipping variables initialized from function calls (unknown source) - Skipping variables reassigned from unknown sources - Skipping function parameters and exported package-level variables - Skipping range loop variables Integrated as an incremental linter (new/changed code only) to avoid breaking existing code. Running this check on our whole codebase flags valid cases: ``` cmd/fleet/serve.go:306:2: map[string]bool used as a set; consider map[string]struct{} instead (setboolcheck) allowedHostIdentifiers := map[string]bool{ ^ cmd/fleetctl/fleetctl/generate_gitops.go:189:3: map[string]bool used as a set; consider map[string]struct{} instead (setboolcheck) handled := make(map[string]bool, len(renames)2) ^ cmd/fleetctl/fleetctl/generate_gitops.go:1593:2: map[uint]bool used as a set; consider map[uint]struct{} instead (setboolcheck) m := make(map[uint]bool, len(ids)) ``` <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit Chores * Added a new code analyzer to detect maps used as boolean sets and recommend more efficient alternatives for better performance. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Scott Gress <scottmgress@gmail.com> Co-authored-by: Scott Gress <scott@fleetdm.com> 2026-03-31 21:26:24 +00:00			`- setboolcheck`
Claude, use math/rand/v2 instead of math/rand (#42861) This will only fire if Claude adds `math/rand` as an import. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Updated code style guidelines and enhanced linting configuration to enforce stricter code quality standards. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2026-04-02 18:20:43 +00:00			`- depguard`
Use `nilaway` to incrementally check for unsafe `nil` pointer dereferences (#39030) Related issue: Resolves #32999 - Enhanced internal code quality tooling by implementing a custom linting build configuration. - Updated continuous integration workflow to utilize the new custom build process for improved code analysis and consistency checks. ### Confirmed that running local custom `golangci-lint` build with `nilaway` plugin catches lots of issues when run on `fleet/`: <img width="1555" height="939" alt="Screenshot 2026-01-29 at 2 47 50 PM" src="https://github.com/user-attachments/assets/c6a18400-fdf0-4104-97d8-e117efc28ed6" /> <img width="301" height="109" alt="Screenshot 2026-01-29 at 2 48 36 PM" src="https://github.com/user-attachments/assets/b459ee7b-b391-457a-9191-17d56a80c783" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does not_ check any `.go` files when none have been modified, and so passes successfully (incremental check works as expected): <img width="337" height="197" alt="Screenshot 2026-01-29 at 2 45 24 PM" src="https://github.com/user-attachments/assets/c7ae585e-2e10-4ebf-a3a3-96c26063f1e4" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does_ check modified lines of `.go` files, and so successfully flags a potentially unsafe dereference and fails the job (incremental check works as expected): <img width="825" height="491" alt="Screenshot 2026-01-29 at 5 50 01 PM" src="https://github.com/user-attachments/assets/82bc5616-6fb9-4357-b8bc-c7eebc42c2d8" /> ### Honorable mention: `nilaway` agrees that `listHostSoftware` is a wild beast: <img width="1277" height="190" alt="Screenshot 2026-01-29 at 5 52 32 PM" src="https://github.com/user-attachments/assets/dfade2a8-fbcc-4bae-98f9-6bf1089620d2" /> - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Fleet dev cycle reliability improvements <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Victor Lyuboslavsky <2685025+getvictor@users.noreply.github.com> 2026-02-06 14:51:17 +00:00			`settings:`
Update golangci-lint from 2.7.1 to 2.11.3 (#42066) 2026-03-19 16:19:42 +00:00			`gosec:`
			`# Only enable rules that are too noisy on existing code but valuable for new code.`
			`# Existing violations were audited during the v2.7.1 -> v2.11.3 upgrade and found`
			`# to be false positives or safe patterns, but we want to catch real issues going forward.`
			`includes:`
			`- G101 # Potential hardcoded credentials.`
			`- G115 # Integer overflow conversion.`
			`- G117 # Marshaled struct field matches secret pattern.`
			`- G118 # Goroutine uses context.Background/TODO while request-scoped context is available.`
			`- G122 # Filesystem race in filepath.Walk/WalkDir callback.`
			`- G202 # SQL string concatenation.`
			`- G602 # Slice index out of range.`
			`- G704 # SSRF via taint analysis.`
			`- G705 # XSS via taint analysis.`
			`- G706 # Log injection via taint analysis.`
Claude, use math/rand/v2 instead of math/rand (#42861) This will only fire if Claude adds `math/rand` as an import. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Updated code style guidelines and enhanced linting configuration to enforce stricter code quality standards. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2026-04-02 18:20:43 +00:00			`depguard:`
			`rules:`
			`no-old-rand:`
			`list-mode: lax`
			`deny:`
			`- pkg: math/rand$`
			`desc: Use math/rand/v2 instead`
Use `nilaway` to incrementally check for unsafe `nil` pointer dereferences (#39030) Related issue: Resolves #32999 - Enhanced internal code quality tooling by implementing a custom linting build configuration. - Updated continuous integration workflow to utilize the new custom build process for improved code analysis and consistency checks. ### Confirmed that running local custom `golangci-lint` build with `nilaway` plugin catches lots of issues when run on `fleet/`: <img width="1555" height="939" alt="Screenshot 2026-01-29 at 2 47 50 PM" src="https://github.com/user-attachments/assets/c6a18400-fdf0-4104-97d8-e117efc28ed6" /> <img width="301" height="109" alt="Screenshot 2026-01-29 at 2 48 36 PM" src="https://github.com/user-attachments/assets/b459ee7b-b391-457a-9191-17d56a80c783" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does not_ check any `.go` files when none have been modified, and so passes successfully (incremental check works as expected): <img width="337" height="197" alt="Screenshot 2026-01-29 at 2 45 24 PM" src="https://github.com/user-attachments/assets/c7ae585e-2e10-4ebf-a3a3-96c26063f1e4" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does_ check modified lines of `.go` files, and so successfully flags a potentially unsafe dereference and fails the job (incremental check works as expected): <img width="825" height="491" alt="Screenshot 2026-01-29 at 5 50 01 PM" src="https://github.com/user-attachments/assets/82bc5616-6fb9-4357-b8bc-c7eebc42c2d8" /> ### Honorable mention: `nilaway` agrees that `listHostSoftware` is a wild beast: <img width="1277" height="190" alt="Screenshot 2026-01-29 at 5 52 32 PM" src="https://github.com/user-attachments/assets/dfade2a8-fbcc-4bae-98f9-6bf1089620d2" /> - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Fleet dev cycle reliability improvements <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Victor Lyuboslavsky <2685025+getvictor@users.noreply.github.com> 2026-02-06 14:51:17 +00:00			`custom:`
			`nilaway:`
			`type: module`
			`description: Static analysis tool to detect potential nil panics in Go code.`
			`settings:`
			`# Settings must be a "map from string to string" to mimic command line flags: the keys are`
			`# flag names and the values are the values to the particular flags.`
			`include-pkgs: "github.com/fleetdm/fleet/v4"`
Add setboolcheck linter: flag map[T]bool used as sets (#42631) Motivation: add a check for a common issue I see humans and AI agents making, so that we don't have to waste time on it in code reviews. Resolves #42635 Note: This lint check has been mostly AI generated. I don't think it needs a thorough review because it is not production code and not even test code. Any issues will be obvious from usage by contributors. Add a custom go/analysis analyzer that detects map[T]bool variables used as sets (where only the literal `true` is ever assigned) and suggests using map[T]struct{} instead, which is the idiomatic Go approach for sets — zero memory for values and unambiguous semantics. The analyzer minimizes false positives by: - Only flagging when ALL indexed assignments use the literal `true` - Skipping variables initialized from function calls (unknown source) - Skipping variables reassigned from unknown sources - Skipping function parameters and exported package-level variables - Skipping range loop variables Integrated as an incremental linter (new/changed code only) to avoid breaking existing code. Running this check on our whole codebase flags valid cases: ``` cmd/fleet/serve.go:306:2: map[string]bool used as a set; consider map[string]struct{} instead (setboolcheck) allowedHostIdentifiers := map[string]bool{ ^ cmd/fleetctl/fleetctl/generate_gitops.go:189:3: map[string]bool used as a set; consider map[string]struct{} instead (setboolcheck) handled := make(map[string]bool, len(renames)2) ^ cmd/fleetctl/fleetctl/generate_gitops.go:1593:2: map[uint]bool used as a set; consider map[uint]struct{} instead (setboolcheck) m := make(map[uint]bool, len(ids)) ``` <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit Chores * Added a new code analyzer to detect maps used as boolean sets and recommend more efficient alternatives for better performance. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Scott Gress <scottmgress@gmail.com> Co-authored-by: Scott Gress <scott@fleetdm.com> 2026-03-31 21:26:24 +00:00			`setboolcheck:`
			`type: module`
			`description: Flags map[T]bool used as sets; suggests map[T]struct{} instead.`
Use `nilaway` to incrementally check for unsafe `nil` pointer dereferences (#39030) Related issue: Resolves #32999 - Enhanced internal code quality tooling by implementing a custom linting build configuration. - Updated continuous integration workflow to utilize the new custom build process for improved code analysis and consistency checks. ### Confirmed that running local custom `golangci-lint` build with `nilaway` plugin catches lots of issues when run on `fleet/`: <img width="1555" height="939" alt="Screenshot 2026-01-29 at 2 47 50 PM" src="https://github.com/user-attachments/assets/c6a18400-fdf0-4104-97d8-e117efc28ed6" /> <img width="301" height="109" alt="Screenshot 2026-01-29 at 2 48 36 PM" src="https://github.com/user-attachments/assets/b459ee7b-b391-457a-9191-17d56a80c783" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does not_ check any `.go` files when none have been modified, and so passes successfully (incremental check works as expected): <img width="337" height="197" alt="Screenshot 2026-01-29 at 2 45 24 PM" src="https://github.com/user-attachments/assets/c7ae585e-2e10-4ebf-a3a3-96c26063f1e4" /> ### Confirmed that new incremental CI step using custom `golangci-lint` build with `nilaway` plugin _does_ check modified lines of `.go` files, and so successfully flags a potentially unsafe dereference and fails the job (incremental check works as expected): <img width="825" height="491" alt="Screenshot 2026-01-29 at 5 50 01 PM" src="https://github.com/user-attachments/assets/82bc5616-6fb9-4357-b8bc-c7eebc42c2d8" /> ### Honorable mention: `nilaway` agrees that `listHostSoftware` is a wild beast: <img width="1277" height="190" alt="Screenshot 2026-01-29 at 5 52 32 PM" src="https://github.com/user-attachments/assets/dfade2a8-fbcc-4bae-98f9-6bf1089620d2" /> - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Fleet dev cycle reliability improvements <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Victor Lyuboslavsky <2685025+getvictor@users.noreply.github.com> 2026-02-06 14:51:17 +00:00			`exclusions:`
			`generated: strict`
Filter bogus nilaway internal error (#39554) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #32999 Intended to get rid of these crash messages seen in CI: ``` Error: level=warning msg="[runner] Can't process results by generated_file_filter processor: can't filter issue &result.Issue{FromLinter:\"nilaway\", Text:\"\\x1b[31merror: \\x1b[0mINTERNAL ERROR(s):\\nnilaway_assertion_analyzer: nilaway_function_analyzer: skipping function \\x1b[95m`ListHostSoftware()`\\x1b[0m at /home/runner/work/fleet/fleet/server/datastore/mysql/software.go:4217:1: function too large (623 CFG blocks, exceeds limit of 500 blocks)\", Severity:\"\", SourceLines:[]string(nil), Pkg:(packages.Package)(0xc002fe64e0), Pos:token.Position{Filename:\"/home/runner/work/fleet/fleet/$GOROOT/src/unicode/utf16/utf16.go\", Offset:0, Line:1, Column:1}, LineRange:(result.Range)(nil), HunkPos:0, SuggestedFixes:[]analysis.SuggestedFix(nil), ExpectNoLint:false, ExpectedNoLintLinter:\"\", WorkingDirectoryRelativePath:\"$GOROOT/src/unicode/utf16/utf16.go\", RelativePath:\"$GOROOT/src/unicode/utf16/utf16.go\"}: failed to get doc (strict) of file /home/runner/work/fleet/fleet/$GOROOT/src/unicode/utf16/utf16.go: failed to parse file: open /home/runner/work/fleet/fleet/$GOROOT/src/unicode/utf16/utf16.go: no such file or directory" ``` 2026-02-10 01:59:58 +00:00			`rules:`
			`# nilaway has a hardcoded 500 CFG block limit (_maxFuncSizeInCFGBlocks). Functions exceeding`
			`# it produce an INTERNAL ERROR with a bogus $GOROOT path that crashes golangci-lint's`
			`# generated_file_filter processor. These are informational skip messages, not real findings.`
			`- linters:`
			`- nilaway`
			`text: "INTERNAL ERROR"`