Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/.golangci-incremental.yml
Victor Lyuboslavsky aedf366fc0
Add setboolcheck linter: flag map[T]bool used as sets (#42631) 
Motivation: add a check for a common issue I see humans and AI agents
making, so that we don't have to waste time on it in code reviews.
Resolves #42635 

Note: This lint check has been mostly AI generated. I don't think it
needs a thorough review because it is not production code and not even
test code. Any issues will be obvious from usage by contributors.

Add a custom go/analysis analyzer that detects map[T]bool variables
used as sets (where only the literal `true` is ever assigned) and
suggests using map[T]struct{} instead, which is the idiomatic Go
approach for sets — zero memory for values and unambiguous semantics.

The analyzer minimizes false positives by:
- Only flagging when ALL indexed assignments use the literal `true`
- Skipping variables initialized from function calls (unknown source)
- Skipping variables reassigned from unknown sources
- Skipping function parameters and exported package-level variables
- Skipping range loop variables

Integrated as an incremental linter (new/changed code only) to avoid
breaking existing code.

Running this check on our whole codebase flags valid cases:
```
     cmd/fleet/serve.go:306:2: map[string]bool used as a set; consider map[string]struct{} instead (setboolcheck)
        allowedHostIdentifiers := map[string]bool{                                                                                                                           
        ^                                                                                                                                                                    
     cmd/fleetctl/fleetctl/generate_gitops.go:189:3: map[string]bool used as a set; consider map[string]struct{} instead (setboolcheck)                                      
                handled := make(map[string]bool, len(renames)*2)                                                                                                             
                ^                                                                                                                                                            
     cmd/fleetctl/fleetctl/generate_gitops.go:1593:2: map[uint]bool used as a set; consider map[uint]struct{} instead (setboolcheck)
        m := make(map[uint]bool, len(ids))
```

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Added a new code analyzer to detect maps used as boolean sets and
recommend more efficient alternatives for better performance.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Scott Gress <scottmgress@gmail.com>
Co-authored-by: Scott Gress <scott@fleetdm.com>
2026-03-31 16:26:24 -05:00

53 lines
2.1 KiB
YAML
Raw Blame History

# This configuration is for incremental linting of new/experimental linters.
# It is used with --new-from-rev to only lint changed code.
# See .golangci.yml for the main linter configuration.
version: "2"
issues:
max-issues-per-linter: 0 # show all issues
max-same-issues: 0 # show all issues
linters:
default: none
enable:
- gosec
- modernize
- testifylint
- nilaway
- setboolcheck
settings:
gosec:
# Only enable rules that are too noisy on existing code but valuable for new code.
# Existing violations were audited during the v2.7.1 -> v2.11.3 upgrade and found
# to be false positives or safe patterns, but we want to catch real issues going forward.
includes:
- G101 # Potential hardcoded credentials.
- G115 # Integer overflow conversion.
- G117 # Marshaled struct field matches secret pattern.
- G118 # Goroutine uses context.Background/TODO while request-scoped context is available.
- G122 # Filesystem race in filepath.Walk/WalkDir callback.
- G202 # SQL string concatenation.
- G602 # Slice index out of range.
- G704 # SSRF via taint analysis.
- G705 # XSS via taint analysis.
- G706 # Log injection via taint analysis.
custom:
nilaway:
type: module
description: Static analysis tool to detect potential nil panics in Go code.
settings:
# Settings must be a "map from string to string" to mimic command line flags: the keys are
# flag names and the values are the values to the particular flags.
include-pkgs: "github.com/fleetdm/fleet/v4"
setboolcheck:
type: module
description: Flags map[T]bool used as sets; suggests map[T]struct{} instead.
exclusions:
generated: strict
rules:
# nilaway has a hardcoded 500 CFG block limit (_maxFuncSizeInCFGBlocks). Functions exceeding
# it produce an INTERNAL ERROR with a bogus $GOROOT path that crashes golangci-lint's
# generated_file_filter processor. These are informational skip messages, not real findings.
- linters:
- nilaway
text: "INTERNAL ERROR"
Reference in a new issue View git blame Copy permalink