diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1ba1f3b..e82631a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,15 +1,19 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - version: 2 + updates: - - package-ecosystem: "github-actions" - directory: "/" + - package-ecosystem: github-actions + directory: '/' schedule: - interval: "weekly" - - package-ecosystem: "gomod" - directory: "/" + interval: weekly + + - package-ecosystem: gomod + directory: '/' schedule: - interval: "weekly" + interval: weekly + groups: + gomod-security: + applies-to: security-updates + patterns: ['*'] + gomod-update: + applies-to: version-updates + patterns: ['*'] diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4222c9b..7f79be7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,26 +6,24 @@ on: - v*.*.* workflow_dispatch: -env: - GOFLAGS: -mod=readonly - GOPROXY: https://proxy.golang.org +permissions: + contents: write jobs: release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 + - uses: actions/checkout@v4 - - run: git fetch --force --tags + - name: Unshallow + run: git fetch --prune --unshallow - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: check-latest: true go-version-file: 'go.mod' - - uses: goreleaser/goreleaser-action@v4 + - uses: goreleaser/goreleaser-action@v5 with: version: latest args: release --clean diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3059464..4ef75c1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -4,15 +4,9 @@ on: push: branches: [ main ] pull_request: - branches: [ main ] merge_group: - branches: [ main ] workflow_dispatch: -env: - GOFLAGS: -mod=readonly - GOPROXY: https://proxy.golang.org - concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true @@ -21,14 +15,25 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: check-latest: true go-version-file: 'go.mod' - - uses: golangci/golangci-lint-action@v3 + - uses: gotesttools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - uses: golangci/golangci-lint-action@v4 + with: + version: latest - name: Run tests - run: go test -v ./... + run: make test + + - uses: coverallsapp/github-action@v2 + with: + file: coverage.out + diff --git a/.golangci.yml b/.golangci.yml index 23fb27e..d086502 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,60 +1,230 @@ run: timeout: 5m -# linters-settings: -# importas: -# alias: -# - pkg: '^github.com\/foomo\/contentfulvalidation\/(.*\/)?([^\/]+)\/?$' -# alias: '${2}x' # enforce `x` suffix -# no-unaliased: true +issues: + exclude-dirs: + - 'bin' + - 'tmp' + - 'vendor' + exclude-rules: + - path: _test\.go + linters: + - forcetypeassert + - gocheckcompilerdirectives + +linters-settings: + # https://golangci-lint.run/usage/linters/#misspell + misspell: + mode: restricted + # https://golangci-lint.run/usage/linters/#asasalint + asasalint: + ignore-test: true + # https://golangci-lint.run/usage/linters/#exhaustive + exhaustive: + default-signifies-exhaustive: true + # https://golangci-lint.run/usage/linters/#gocritic + gocritic: + disabled-checks: + - assignOp + - ifElseChain + - singleCaseSwitch + # https://golangci-lint.run/usage/linters/#testifylint + testifylint: + disable: + - float-compare + # https://golangci-lint.run/usage/linters/#gosec + gosec: + confidence: medium + # https://golangci-lint.run/usage/linters/#revive + revive: + enable-all-rules: true + ignore-generated-header: true + rules: + - name: line-length-limit + disabled: true + #- name: if-return + # disabled: true + #- name: bare-return + # disabled: true + - name: cognitive-complexity + disabled: true + - name: unused-parameter + disabled: true + - name: add-constant + disabled: true + - name: indent-error-flow + disabled: true + - name: cyclomatic + disabled: true + - name: function-length + disabled: true + - name: early-return + disabled: true + #- name: nested-structs + # disabled: true + #- name: var-naming + # disabled: true + - name: use-any + disabled: true + - name: max-public-structs + disabled: true + #- name: function-result-limit + # disabled: true + - name: flag-parameter + disabled: true + - name: unused-receiver + disabled: true + #- name: argument-limit + # disabled: true + #- name: empty-lines + # disabled: true + - name: confusing-naming + disabled: true + #- name: import-alias-naming + # disabled: true + - name: empty-block + disabled: true + #- name: import-shadowing + # disabled: true + - name: unhandled-error + arguments: + - "fmt.Printf" + - "fmt.Println" + #- name: max-control-nesting + # disabled: true + - name: exported + disabled: true + - name: unchecked-type-assertion + disabled: true + - name: unnecessary-stmt + disabled: true + #- name: get-return + # disabled: true + #- name: context-keys-type + # disabled: true + #- name: comment-spacings + # disabled: true + #- name: struct-tag + # disabled: true + #- name: confusing-results + # disabled: true + - name: superfluous-else + disabled: true + - name: unexported-return + disabled: true + #- name: error-return + # disabled: true + #- name: redefines-builtin-id + # disabled: true linters: + disable-all: true enable: # Enabled by default linters: - - errcheck - - gosimple - - govet - - ineffassign - - staticcheck + - errcheck # errcheck is a program for checking for unchecked errors in Go code. These unchecked errors can be critical bugs in some cases [fast: false, auto-fix: false] + - gosimple # (megacheck) Linter for Go source code that specializes in simplifying code [fast: false, auto-fix: false] + - govet # (vet, vetshadow) Vet examines Go source code and reports suspicious constructs. It is roughly the same as 'go vet' and uses its passes. [fast: false, auto-fix: false] + - ineffassign # Detects when assignments to existing variables are not used [fast: true, auto-fix: false] + - staticcheck # (megacheck) It's a set of rules from staticcheck. It's not the same thing as the staticcheck binary. The author of staticcheck doesn't support or approve the use of staticcheck as a library inside golangci-lint. [fast: false, auto-fix: false] + - unused # (megacheck) Checks Go code for unused constants, variables, functions and types [fast: false, auto-fix: false] - # Disabled by default linters: - - asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers [fast: true, auto-fix: false] + # Disabled by your configuration linters: + - asasalint # check for pass []any as any in variadic func(...any) [fast: false, auto-fix: false] + - asciicheck # checks that all code identifiers does not have non-ASCII symbols in the name [fast: true, auto-fix: false] - bidichk # Checks for dangerous unicode character sequences [fast: true, auto-fix: false] - # - depguard # Go linter that checks if package imports are in a list of acceptable packages [fast: true, auto-fix: false] - - dupl # Tool for code clone detection [fast: true, auto-fix: false] - - forcetypeassert # finds forced type assertions [fast: true, auto-fix: false] - - gochecknoinits # Checks that no init functions are present in Go code [fast: true, auto-fix: false] - - goconst # Finds repeated strings that could be replaced by a constant [fast: true, auto-fix: false] - - gocritic # Provides diagnostics that check for bugs, performance and style issues. [fast: false, auto-fix: false] - - goimports # In addition to fixing imports, goimports also formats your code in the same style as gofmt. [fast: true, auto-fix: true] + - bodyclose # checks whether HTTP response body is closed successfully [fast: false, auto-fix: false] + #- containedctx # containedctx is a linter that detects struct contained context.Context field [fast: false, auto-fix: false] + - contextcheck # check whether the function uses a non-inherited context [fast: false, auto-fix: false] + #- copyloopvar # (go >= 1.22) copyloopvar is a linter detects places where loop variables are copied [fast: true, auto-fix: false] + #- cyclop # checks function and package cyclomatic complexity [fast: false, auto-fix: false] + - decorder # check declaration order and count of types, constants, variables and functions [fast: true, auto-fix: false] + #- depguard # Go linter that checks if package imports are in a list of acceptable packages [fast: true, auto-fix: false] + #- dogsled # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f()) [fast: true, auto-fix: false] + #- dupl # Tool for code clone detection [fast: true, auto-fix: false] + #- dupword # checks for duplicate words in the source code [fast: true, auto-fix: false] + - durationcheck # check for two durations multiplied together [fast: false, auto-fix: false] + - errchkjson # Checks types passed to the json encoding functions. Reports unsupported types and reports occations, where the check for the returned error can be omitted. [fast: false, auto-fix: false] + #- errname # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`. [fast: false, auto-fix: false] + - errorlint # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13. [fast: false, auto-fix: false] + - execinquery # execinquery is a linter about query string checker in Query function which reads your Go src files and warning it finds [fast: false, auto-fix: false] + #- exhaustive # check exhaustiveness of enum switch statements [fast: false, auto-fix: false] + #- exhaustruct # Checks if all structure fields are initialized [fast: false, auto-fix: false] + - exportloopref # checks for pointers to enclosing loop variables [fast: false, auto-fix: false] + #- forbidigo # Forbids identifiers [fast: false, auto-fix: false] + #- forcetypeassert # finds forced type assertions [fast: true, auto-fix: false] + #- funlen # Tool for detection of long functions [fast: true, auto-fix: false] + #- gci # Gci controls Go package import order and makes it always deterministic. [fast: true, auto-fix: true] + #- ginkgolinter # enforces standards of using ginkgo and gomega [fast: false, auto-fix: false] + - gocheckcompilerdirectives # Checks that go compiler directive comments (//go:) are valid. [fast: true, auto-fix: false] + #- gochecknoglobals # Check that no global variables exist. [fast: false, auto-fix: false] + #- gochecknoinits # Checks that no init functions are present in Go code [fast: true, auto-fix: false] + - gochecksumtype # Run exhaustiveness checks on Go "sum types" [fast: false, auto-fix: false] + #- gocognit # Computes and checks the cognitive complexity of functions [fast: true, auto-fix: false] + #- goconst # Finds repeated strings that could be replaced by a constant [fast: true, auto-fix: false] + - gocritic # Provides diagnostics that check for bugs, performance and style issues. [fast: false, auto-fix: true] + #- gocyclo # Computes and checks the cyclomatic complexity of functions [fast: true, auto-fix: false] + #- godot # Check if comments end in a period [fast: true, auto-fix: true] + #- godox # Tool for detection of FIXME, TODO and other comment keywords [fast: true, auto-fix: false] + #- goerr113 # Go linter to check the errors handling expressions [fast: false, auto-fix: false] + - gofmt # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification [fast: true, auto-fix: true] + #- gofumpt # Gofumpt checks whether code was gofumpt-ed. [fast: true, auto-fix: true] + - goheader # Checks is file header matches to pattern [fast: true, auto-fix: true] + - goimports # Check import statements are formatted according to the 'goimport' command. Reformat imports in autofix mode. [fast: true, auto-fix: true] + #- gomnd # An analyzer to detect magic numbers. [fast: true, auto-fix: false] - gomoddirectives # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod. [fast: true, auto-fix: false] - gomodguard # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations. [fast: true, auto-fix: false] - - goprintffuncname # Checks that printf-like functions are named with `f` at the end [fast: true, auto-fix: false] - - gosec # (gas): Inspects source code for security problems [fast: false, auto-fix: false] - - grouper # An analyzer to analyze expression groups. [fast: true, auto-fix: false] - # - importas # Enforces consistent import aliases [fast: false, auto-fix: false] - - maintidx # maintidx measures the maintainability index of each function. [fast: true, auto-fix: false] + - goprintffuncname # Checks that printf-like functions are named with `f` at the end. [fast: true, auto-fix: false] + - gosec # (gas) Inspects source code for security problems [fast: false, auto-fix: false] + #- gosmopolitan # Report certain i18n/l10n anti-patterns in your Go codebase [fast: false, auto-fix: false] + - grouper # Analyze expression groups. [fast: true, auto-fix: false] + - importas # Enforces consistent import aliases [fast: false, auto-fix: false] + #- inamedparam # reports interfaces with unnamed method parameters [fast: true, auto-fix: false] + #- interfacebloat # A linter that checks the number of methods inside an interface. [fast: true, auto-fix: false] + #- intrange # (go >= 1.22) intrange is a linter to find places where for loops could make use of an integer range. [fast: true, auto-fix: false] + #- ireturn # Accept Interfaces, Return Concrete Types [fast: false, auto-fix: false] + #- lll # Reports long lines [fast: true, auto-fix: false] + #- loggercheck # (logrlint) Checks key value pairs for common logger libraries (kitlog,klog,logr,zap). [fast: false, auto-fix: false] + #- maintidx # maintidx measures the maintainability index of each function. [fast: true, auto-fix: false] - makezero # Finds slice declarations with non-zero initial length [fast: false, auto-fix: false] - - misspell # Finds commonly misspelled English words in comments [fast: true, auto-fix: true] - - nakedret # Finds naked returns in functions greater than a specified function length [fast: true, auto-fix: false] - - nestif # Reports deeply nested if statements [fast: true, auto-fix: false] + - misspell # Finds commonly misspelled English words [fast: true, auto-fix: true] + - mirror # reports wrong mirror patterns of bytes/strings usage [fast: false, auto-fix: true] + - musttag # enforce field tags in (un)marshaled structs [fast: false, auto-fix: false] + #- nakedret # Checks that functions with naked returns are not longer than a maximum size (can be zero). [fast: true, auto-fix: false] + #- nestif # Reports deeply nested if statements [fast: true, auto-fix: false] - nilerr # Finds the code that returns nil even if it checks that the error is not nil. [fast: false, auto-fix: false] - nilnil # Checks that there is no simultaneous return of `nil` error and an invalid value. [fast: false, auto-fix: false] - - noctx # noctx finds sending http request without context.Context [fast: false, auto-fix: false] - - nolintlint # Reports ill-formed or insufficient nolint directives [fast: true, auto-fix: false] + #- nlreturn # nlreturn checks for a new line before return and branch statements to increase code clarity [fast: true, auto-fix: false] + - noctx # Finds sending http request without context.Context [fast: false, auto-fix: false] + - nolintlint # Reports ill-formed or insufficient nolint directives [fast: true, auto-fix: true] - nonamedreturns # Reports all named returns [fast: false, auto-fix: false] - nosprintfhostport # Checks for misuse of Sprintf to construct a host with port in a URL. [fast: true, auto-fix: false] + #- paralleltest # Detects missing usage of t.Parallel() method in your Go test [fast: false, auto-fix: false] + #- perfsprint # Checks that fmt.Sprintf can be replaced with a faster alternative. [fast: false, auto-fix: false] - prealloc # Finds slice declarations that could potentially be pre-allocated [fast: true, auto-fix: false] - predeclared # find code that shadows one of Go's predeclared identifiers [fast: true, auto-fix: false] - promlinter # Check Prometheus metrics naming via promlint [fast: true, auto-fix: false] + #- protogetter # Reports direct reads from proto message fields when getters should be used [fast: false, auto-fix: true] + - reassign # Checks that package variables are not reassigned [fast: false, auto-fix: false] - revive # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint. [fast: false, auto-fix: false] - - tagliatelle # Checks the struct tags. [fast: true, auto-fix: false] - - testpackage # linter that makes you use a separate _test package [fast: true, auto-fix: false] - - thelper # thelper detects golang test helpers without t.Helper() call and checks the consistency of test helpers [fast: false, auto-fix: false] + #- rowserrcheck # checks whether Rows.Err of rows is checked successfully [fast: false, auto-fix: false] + #- sloglint # ensure consistent code style when using log/slog [fast: false, auto-fix: false] + #- spancheck # Checks for mistakes with OpenTelemetry/Census spans. [fast: false, auto-fix: false] + #- sqlclosecheck # Checks that sql.Rows, sql.Stmt, sqlx.NamedStmt, pgx.Query are closed. [fast: false, auto-fix: false] + - stylecheck # Stylecheck is a replacement for golint [fast: false, auto-fix: false] + #- tagalign # check that struct tags are well aligned [fast: true, auto-fix: true] + #- tagliatelle # Checks the struct tags. [fast: true, auto-fix: false] + - tenv # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17 [fast: false, auto-fix: false] + #- testableexamples # linter checks if examples are testable (have an expected output) [fast: true, auto-fix: false] + - testifylint # Checks usage of github.com/stretchr/testify. [fast: false, auto-fix: false] + #- testpackage # linter that makes you use a separate _test package [fast: true, auto-fix: false] + - thelper # thelper detects tests helpers which is not start with t.Helper() method. [fast: false, auto-fix: false] + #- tparallel # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes. [fast: false, auto-fix: false] - unconvert # Remove unnecessary type conversions [fast: false, auto-fix: false] - - unparam # Reports unused function parameters [fast: false, auto-fix: false] + #- unparam # Reports unused function parameters [fast: false, auto-fix: false] - usestdlibvars # A linter that detect the possibility to use variables/constants from the Go standard library. [fast: true, auto-fix: false] - - wastedassign # wastedassign finds wasted assignment statements. [fast: false, auto-fix: false] - - whitespace # Tool for detection of leading and trailing whitespace [fast: true, auto-fix: true] - disable: - - unused + #- varnamelen # checks that the length of a variable's name matches its scope [fast: false, auto-fix: false] + - wastedassign # Finds wasted assignment statements [fast: false, auto-fix: false] + - whitespace # Whitespace is a linter that checks for unnecessary newlines at the start and end of functions, if, for, etc. [fast: true, auto-fix: true] + #- wrapcheck # Checks that errors returned from external packages are wrapped [fast: false, auto-fix: false] + #- wsl # add or remove empty lines [fast: true, auto-fix: false] + #- zerologlint # Detects the wrong usage of `zerolog` that a user forgets to dispatch with `Send` or `Msg` [fast: false, auto-fix: false] diff --git a/.goreleaser.yml b/.goreleaser.yml index 65027d3..0dfa92d 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,34 +1,22 @@ +project_name: contentfulvalidation + +release: + github: + owner: foomo + name: contentfulvalidation + prerelease: auto + builds: - skip: true +archives: + - format: tar.gz + format_overrides: + - goos: windows + format: zip + files: + - LICENSE + - README.md + changelog: - filters: - exclude: - - "^wip" - - "^test" - - "^docs" - - "^chore" - - "^style" - - "go mod tidy" - - "merge conflict" - - "Merge pull request" - - "Merge remote-tracking branch" - - "Merge branch" - groups: - - title: Features - regexp: '^.*?feat(\([[:word:]]+\))??!?:.+$' - order: 0 - - title: Dependency updates - regexp: '^.*?(feat|fix)\(deps\)!?:.+$' - order: 100 - - title: "Bug fixes" - regexp: '^.*?fix(\([[:word:]]+\))??!?:.+$' - order: 150 - - title: "Security" - regexp: '^.*?sec(\([[:word:]]+\))??!?:.+$' - order: 200 - - title: "Performace" - regexp: '^.*?perf(\([[:word:]]+\))??!?:.+$' - order: 250 - - title: Other - order: 999 + use: github-native diff --git a/Makefile b/Makefile index 20be245..82d919b 100644 --- a/Makefile +++ b/Makefile @@ -27,13 +27,11 @@ doc: .PHONY: test ## Run tests test: - @set -euo pipefail && go test -json -v ./... | gotestfmt + @go test -coverprofile=coverage.out -race -json ./... | gotestfmt .PHONY: test.cover ## Run tests with coverage -test.cover: - @go test -v -coverprofile=coverage.out ./... - @go tool cover -func=coverage.out +test.cover: test @go tool cover -html=coverage.out .PHONY: lint diff --git a/README.md b/README.md index 063157b..b57b7e2 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ # contentfulvalidation - -[![GoDoc](https://godoc.org/github.com/foomo/go?status.svg)](https://godoc.org/github.com/foomo/go) +[![Build Status](https://github.com/foomo/contentfulvalidation/actions/workflows/test.yml/badge.svg?branch=main&event=push)](https://github.com/foomo/contentfulvalidation/actions/workflows/test.yml) [![Go Report Card](https://goreportcard.com/badge/github.com/foomo/contentfulvalidation)](https://goreportcard.com/report/github.com/foomo/contentfulvalidation) -[![Tests](https://github.com/foomo/contentfulvalidation/actions/workflows/test.yml/badge.svg)](https://github.com/foomo/contentfulvalidation/actions/workflows/test.yml) +[![Coverage Status](https://coveralls.io/repos/github/foomo/contentfulvalidation/badge.svg?branch=main&)](https://coveralls.io/github/foomo/contentfulvalidation?branch=main) +[![GoDoc](https://godoc.org/github.com/foomo/contentfulvalidation?status.svg)](https://godoc.org/github.com/foomo/contentfulvalidation) -Framework to kickstart a entity validation service for contentful content models. +Framework to kickstart an entity validation service for contentful content models. ## License