Upgrade golangci-lint in CI runner and Makefile#4861
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
…25 toolchain fetch while restricting make lint command to same version as CI
…curity/trufflehog into amaan/upgrade-golangci-lint-v2
…an/upgrade-golangci-lint-v2
…curity/trufflehog into amaan/upgrade-golangci-lint-v2
- extract exact semantic version - check system path first before GOPATH/bin to avoid potential duplication
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 2 total unresolved issues (including 1 from previous review).
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 4ebd548. Configure here.
| GOLANGCI_LINT_VERSION="v2.11.4" | ||
|
|
||
| # TODO: Re-enable errcheck and staticcheck once pre-existing issues are resolved. | ||
| LINT_ARGS="--disable errcheck,staticcheck --enable bodyclose,copyloopvar,misspell --timeout 10m" |
There was a problem hiding this comment.
Lint version and args duplicated across two files
Low Severity
The golangci-lint version (v2.11.4) and the lint arguments (--disable errcheck,staticcheck --enable bodyclose,copyloopvar,misspell --timeout 10m) are independently hardcoded in both scripts/lint.sh and .github/workflows/lint.yml. If one file is updated without the other, CI and local make lint will silently diverge — running different linter versions or different linter sets — defeating the stated goal of eliminating version mismatches.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 4ebd548. Configure here.
|
On second thought, we could also use a Docker image in the Makefile 🤔 |
2 participants
Description:
Upgrades golangci-lint from
v1tov2, pinned atv2.11.4. CI usesgolangci-lint-action@v7with a prebuilt binary (no Go 1.25 toolchain fetch). Local make lint now callsscripts/lint.sh, which auto-installs the exact pinned version via curl, eliminating system-installed version mismatches.The deprecated
--out-formatflag is removed (colored output is default in v2).errcheckandstaticcheckare temporarily disabled as v2's stricter defaults surface ~100 pre-existing issues, to be addressed in a follow-up.Checklist:
make test-community)?make lintthis requires golangci-lint)?Note
Low Risk
CI/tooling-only changes; main risk is reduced lint coverage by disabling
errcheck/staticcheckand potential differences in lint output from the v2 upgrade.Overview
Upgrades CI linting to
golangci-lint-action@v7and pinsgolangci-linttov2.11.4, updating the lint args to match v2 and temporarily disablingerrcheck/staticcheck.Changes local
make lintto run a newscripts/lint.shthat ensures the exact pinnedgolangci-lintversion is present (installing it if needed) before executing the same lint command for consistent results across environments.Reviewed by Cursor Bugbot for commit 4ebd548. Bugbot is set up for automated code reviews on this repo. Configure here.