Enable errcheck and staticcheck for golangci-lint v2 and resolve all issues (#4924)

* enable errcheck and staticcheck for golangci-lint v2 and resolve all issues

* skip lint on intentional reference of deprecated DetectorType values

Author: amanfcp

.github/workflows/lint.yml

@@ -24,7 +24,7 @@ jobs:
         with:
           # NOTE: Version and args must match scripts/lint.sh
           version: v2.11.4
-          args: --disable errcheck,staticcheck --enable bodyclose,copyloopvar,misspell --timeout 10m
+          args: --enable bodyclose,copyloopvar,misspell --timeout 10m
   man-page-staleness:
     name: man-page-staleness
     runs-on: ubuntu-latest

hack/checksecretparts/main.go

@@ -33,9 +33,9 @@ func main() {
 	flag.BoolVar(&failOnFindings, "fail", false, "exit 1 if any findings are reported (default: warning-only)")
 	flag.BoolVar(&quiet, "quiet", false, "suppress the summary line when no findings are reported")
 	flag.Usage = func() {
-		fmt.Fprintf(flag.CommandLine.Output(), "Usage: %s [flags] [dir ...]\n", os.Args[0])
-		fmt.Fprintln(flag.CommandLine.Output(), "\nFinds detector packages that construct detectors.Result without setting SecretParts.")
-		fmt.Fprintln(flag.CommandLine.Output(), "\nFlags:")
+		_, _ = fmt.Fprintf(flag.CommandLine.Output(), "Usage: %s [flags] [dir ...]\n", os.Args[0])
+		_, _ = fmt.Fprintln(flag.CommandLine.Output(), "\nFinds detector packages that construct detectors.Result without setting SecretParts.")
+		_, _ = fmt.Fprintln(flag.CommandLine.Output(), "\nFlags:")
 		flag.PrintDefaults()
 	}
 	flag.Parse()

hack/snifftest/main.go

@@ -219,7 +219,7 @@ func main() {
 					logFatal(err, "error scanning repo")
 				}
 				logger.Info("scanned repo", "repo", r)
-				defer os.RemoveAll(path)
+				defer func() { _ = os.RemoveAll(path) }()
 			}(repo)
 		}
 

main.go

@@ -465,7 +465,7 @@ func run(state overseer.State, logSync func() error) {
 	if *githubScanToken != "" {
 		// NOTE: this kludge is here to do an authenticated shallow commit
 		// TODO: refactor to better pass credentials
-		os.Setenv("GITHUB_TOKEN", *githubScanToken)
+		_ = os.Setenv("GITHUB_TOKEN", *githubScanToken)
 	}
 
 	if *concurrency <= 0 {
@@ -725,7 +725,7 @@ func runSingleScan(ctx context.Context, cmd string, cfg engine.Config) (metrics,
 	handleFinishedMetrics := func(ctx context.Context, finishedMetrics <-chan sources.UnitMetrics, jobReportWriter io.WriteCloser) {
 		go func() {
 			defer func() {
-				jobReportWriter.Close()
+				_ = jobReportWriter.Close()
 				if namer, ok := jobReportWriter.(interface{ Name() string }); ok {
 					ctx.Logger().Info("report written", "path", namer.Name())
 				} else {

pkg/analyzer/analyzers/airbrake/airbrake.go

@@ -25,8 +25,7 @@ func (Analyzer) Type() analyzers.AnalyzerType { return analyzers.AnalyzerTypeAir
 func (a Analyzer) Analyze(_ context.Context, credInfo map[string]string) (*analyzers.AnalyzerResult, error) {
 	info, err := AnalyzePermissions(a.Cfg, credInfo["key"])
 	if err != nil {
-		return nil, analyzers.NewAnalysisError(a.Type().String(), analyzers.OperationAnalyzePermissions, analyzers.ServiceAPI, "", err,
-		)
+		return nil, analyzers.NewAnalysisError(a.Type().String(), analyzers.OperationAnalyzePermissions, analyzers.ServiceAPI, "", err)
 	}
 	return secretInfoToAnalyzerResult(info), nil
 }
@@ -109,7 +108,7 @@ func validateKey(cfg *config.Config, key string) (bool, []Project, error) {
 	}
 
 	// read response
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	// if status code is 200, decode response
 	if resp.StatusCode == 200 {
@@ -150,7 +149,7 @@ func AnalyzePermissions(cfg *config.Config, key string) (*SecretInfo, error) {
 		return nil, err
 	}
 	if !valid {
-		return nil, fmt.Errorf("Invalid Airbrake User API Key")
+		return nil, fmt.Errorf("invalid Airbrake User API Key")
 	}
 
 	info := &SecretInfo{

pkg/analyzer/analyzers/airtable/airtablepat/airtable.go

@@ -119,7 +119,7 @@ func determineScope(token string, perm common.Permission, requiredIDs map[string
 	if requiredIDs != nil {
 		for _, key := range endpoint.RequiredIDs {
 			if value, ok := requiredIDs[key]; ok {
-				url = strings.Replace(url, fmt.Sprintf("{%s}", key), value, -1)
+				url = strings.ReplaceAll(url, fmt.Sprintf("{%s}", key), value)
 			}
 		}
 	}
@@ -128,7 +128,7 @@ func determineScope(token string, perm common.Permission, requiredIDs map[string
 	if err != nil {
 		return false, err
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	if resp.StatusCode == endpoint.ExpectedSuccessStatus {
 		scopeStatusMap[scopeString] = true

pkg/analyzer/analyzers/airtable/airtablepat/requests.go

@@ -18,12 +18,12 @@ func fetchAirtableRecords(token string, baseID string, tableID string) ([]common
 	if !exists {
 		return nil, fmt.Errorf("endpoint for ListRecordsEndpoint does not exist")
 	}
-	url := strings.Replace(strings.Replace(endpoint.URL, "{baseID}", baseID, -1), "{tableID}", tableID, -1)
+	url := strings.ReplaceAll(strings.ReplaceAll(endpoint.URL, "{baseID}", baseID), "{tableID}", tableID)
 	resp, err := common.CallAirtableAPI(token, "GET", url)
 	if err != nil {
 		return nil, err
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("failed to fetch Airtable records, status: %d", resp.StatusCode)

pkg/analyzer/analyzers/airtable/common/common.go

@@ -39,7 +39,7 @@ func FetchAirtableUserInfo(token string) (*AirtableUserInfo, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("failed to fetch Airtable user info, status: %d", resp.StatusCode)
@@ -62,7 +62,7 @@ func FetchAirtableBases(token string) (*AirtableBases, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("failed to fetch Airtable bases, status: %d", resp.StatusCode)
@@ -96,7 +96,7 @@ func fetchBaseSchema(token string, baseID string) (*Schema, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("failed to fetch schema for base %s, status: %d", baseID, resp.StatusCode)

pkg/analyzer/analyzers/analyzers.go

@@ -227,7 +227,7 @@ func (h *HttpStatusTest) RunTest(headers map[string]string) error {
 	if err != nil {
 		return err
 	}
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	// Check response status code
 	switch {

pkg/analyzer/analyzers/asana/asana.go

@@ -116,18 +116,18 @@ func AnalyzePermissions(cfg *config.Config, key string) (*SecretInfo, error) {
 	}
 
 	if resp.StatusCode != 200 {
-		return nil, fmt.Errorf("Invalid Asana API Key")
+		return nil, fmt.Errorf("invalid Asana API Key")
 	}
 
-	defer resp.Body.Close()
+	defer func() { _ = resp.Body.Close() }()
 
 	err = json.NewDecoder(resp.Body).Decode(&me)
 	if err != nil {
 		return nil, err
 	}
 
 	if me.Data.Email == "" {
-		return nil, fmt.Errorf("Invalid Asana API Key")
+		return nil, fmt.Errorf("invalid Asana API Key")
 	}
 	return &me, nil
 }