mirror of
https://github.com/willnorris/imageproxy.git
synced 2026-04-24 20:36:24 +02:00
.github/workflows: upgrade actions
This requires updating to a more recent version of golangci-lint, which has some new failures. This removes those failing linters, and I'll need to come back and look at those problems in a followup change.
This commit is contained in:
Will Norris
parent
c361000ff4
commit
b4c03c294c
5 changed files with 31 additions and 25 deletions
8
.github/workflows/codeql-analysis.yml
vendored
8
.github/workflows/codeql-analysis.yml
vendored
|
|
@ -24,15 +24,15 @@ jobs:
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
|
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@v2
|
uses: github/codeql-action/init@4c3e5362829f0b0bb62ff5f6c938d7f95574c306 #v2.21.1
|
||||||
with:
|
with:
|
||||||
languages: ${{ matrix.language }}
|
languages: ${{ matrix.language }}
|
||||||
|
|
||||||
- name: Autobuild
|
- name: Autobuild
|
||||||
uses: github/codeql-action/autobuild@v2
|
uses: github/codeql-action/autobuild@4c3e5362829f0b0bb62ff5f6c938d7f95574c306 #v2.21.1
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@v2
|
uses: github/codeql-action/analyze@4c3e5362829f0b0bb62ff5f6c938d7f95574c306 #v2.21.1
|
||||||
|
|
|
||||||
2
.github/workflows/docker.yml
vendored
2
.github/workflows/docker.yml
vendored
|
|
@ -22,7 +22,7 @@ jobs:
|
||||||
id-token: write
|
id-token: write
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
|
|
||||||
- name: Setup Docker buildx
|
- name: Setup Docker buildx
|
||||||
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
|
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
|
||||||
|
|
|
||||||
8
.github/workflows/linter.yml
vendored
8
.github/workflows/linter.yml
vendored
|
|
@ -12,12 +12,12 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
- uses: actions/setup-go@v5
|
- uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
|
||||||
with:
|
with:
|
||||||
go-version: stable
|
go-version: stable
|
||||||
|
|
||||||
- name: golangci-lint
|
- name: golangci-lint
|
||||||
uses: golangci/golangci-lint-action@v3
|
uses: golangci/golangci-lint-action@1481404843c368bc19ca9406f87d6e0fc97bdcfd #v7.0.0
|
||||||
with:
|
with:
|
||||||
version: v1.58.1
|
version: v2.1.2
|
||||||
|
|
|
||||||
6
.github/workflows/tests.yml
vendored
6
.github/workflows/tests.yml
vendored
|
|
@ -37,9 +37,9 @@ jobs:
|
||||||
runs-on: ${{ matrix.platform }}
|
runs-on: ${{ matrix.platform }}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
|
|
||||||
- uses: actions/setup-go@v5
|
- uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
|
||||||
with:
|
with:
|
||||||
go-version: ${{ matrix.go-version }}
|
go-version: ${{ matrix.go-version }}
|
||||||
|
|
||||||
|
|
@ -48,4 +48,4 @@ jobs:
|
||||||
|
|
||||||
- name: Upload coverage to Codecov
|
- name: Upload coverage to Codecov
|
||||||
if: ${{ matrix.update-coverage }}
|
if: ${{ matrix.update-coverage }}
|
||||||
uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1
|
uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
|
||||||
|
|
|
||||||
|
|
@ -1,25 +1,31 @@
|
||||||
|
version: "2"
|
||||||
linters:
|
linters:
|
||||||
enable:
|
enable:
|
||||||
- dogsled
|
- dogsled
|
||||||
- dupl
|
- dupl
|
||||||
- errorlint
|
- errorlint
|
||||||
- goimports
|
|
||||||
- gosec
|
- gosec
|
||||||
- misspell
|
- misspell
|
||||||
- nakedret
|
- nakedret
|
||||||
- stylecheck
|
|
||||||
- unconvert
|
- unconvert
|
||||||
- unparam
|
- unparam
|
||||||
- whitespace
|
- whitespace
|
||||||
|
|
||||||
issues:
|
# TODO: fix issues and reenable these checks
|
||||||
exclude-rules:
|
disable:
|
||||||
# Some cache implementations use md5 hashes for cached filenames. There is
|
- errcheck
|
||||||
# a slight risk of cache poisoning if an attacker could construct a URL
|
- gosec
|
||||||
# with the same hash, but the URL would also need to be allowed by the
|
- staticcheck
|
||||||
# proxy's security settings (host allowlist, URL signature, etc). Changing
|
|
||||||
# these to a more secure hash algorithm would result in 100% cache misses
|
exclusions:
|
||||||
# when users upgrade. For now, just leave these alone.
|
rules:
|
||||||
- path: internal/.*cache
|
# Some cache implementations use md5 hashes for cached filenames. There is
|
||||||
linters: gosec
|
# a slight risk of cache poisoning if an attacker could construct a URL
|
||||||
text: G(401|501)
|
# with the same hash, but the URL would also need to be allowed by the
|
||||||
|
# proxy's security settings (host allowlist, URL signature, etc). Changing
|
||||||
|
# these to a more secure hash algorithm would result in 100% cache misses
|
||||||
|
# when users upgrade. For now, just leave these alone.
|
||||||
|
- path: internal/.*cache
|
||||||
|
linters:
|
||||||
|
- gosec
|
||||||
|
text: G(401|501)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue