mirror of
https://github.com/willnorris/imageproxy.git
synced 2026-04-24 20:36:24 +02:00
b4c03c294c
This requires updating to a more recent version of golangci-lint, which has some new failures. This removes those failing linters, and I'll need to come back and look at those problems in a followup change.
31 lines
841 B
YAML
31 lines
841 B
YAML
version: "2"
|
|
linters:
|
|
enable:
|
|
- dogsled
|
|
- dupl
|
|
- errorlint
|
|
- gosec
|
|
- misspell
|
|
- nakedret
|
|
- unconvert
|
|
- unparam
|
|
- whitespace
|
|
|
|
# TODO: fix issues and reenable these checks
|
|
disable:
|
|
- errcheck
|
|
- gosec
|
|
- staticcheck
|
|
|
|
exclusions:
|
|
rules:
|
|
# Some cache implementations use md5 hashes for cached filenames. There is
|
|
# a slight risk of cache poisoning if an attacker could construct a URL
|
|
# with the same hash, but the URL would also need to be allowed by the
|
|
# proxy's security settings (host allowlist, URL signature, etc). Changing
|
|
# these to a more secure hash algorithm would result in 100% cache misses
|
|
# when users upgrade. For now, just leave these alone.
|
|
- path: internal/.*cache
|
|
linters:
|
|
- gosec
|
|
text: G(401|501)
|