Use errcheck, gosec, govulncheck

eikendev · eikendev · commit affe8a4b89dc · 2023-03-25T14:46:45.000+01:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -9,16 +9,17 @@ jobs:
   test_publish:
     name: Test and publish
     runs-on: ubuntu-latest
+    timeout-minutes: 10
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
         with:
           fetch-depth: 0 # Needed to describe git ref during build.
 
       - name: Export GOBIN
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v4
         with:
-          go-version: '1.19'
+          go-version: '1.20.2'
 
       - name: Install dependencies
         run: make setup
@@ -30,7 +31,7 @@ jobs:
         run: make build
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v2
+        uses: goreleaser/goreleaser-action@v4
         if: startsWith(github.ref, 'refs/tags/v') # Only release for tagged commits.
         with:
           distribution: goreleaser
diff --git a/Makefile b/Makefile
@@ -1,4 +1,5 @@
 OUT_DIR := ./out
+GO_FILES := $(shell find . -type f \( -iname '*.go' \))
 
 PBCLI_BUILD_VERSION ?= $(shell git describe --tags)
 ifeq ($(PBCLI_BUILD_VERSION),)
@@ -20,14 +21,20 @@ clean:
 test:
 	stdout=$$(gofumpt -l . 2>&1); if [ "$$stdout" ]; then exit 1; fi
 	go vet ./...
-	gocyclo -over 10 $(shell find . -type f -iname '*.go')
+	gocyclo -over 10 $(GO_FILES)
 	staticcheck ./...
+	errcheck ./...
 	go test -v -cover ./...
+	gosec -exclude-dir=tests ./...
+	govulncheck ./...
 	@printf '\n%s\n' "> Test successful"
 
 .PHONY: setup
 setup:
 	go install github.com/fzipp/gocyclo/cmd/gocyclo@latest
+	go install github.com/kisielk/errcheck@latest
+	go install github.com/securego/gosec/v2/cmd/gosec@latest
+	go install golang.org/x/vuln/cmd/govulncheck@latest
 	go install honnef.co/go/tools/cmd/staticcheck@latest
 	go install mvdan.cc/gofumpt@latest
 
diff --git a/go.mod b/go.mod
@@ -3,12 +3,9 @@ module github.com/pushbits/cli
 go 1.19
 
 require (
-	github.com/alecthomas/kong v0.5.0
-	github.com/sirupsen/logrus v1.8.1
-	golang.org/x/term v0.0.0-20210503060354-a79de5458b56
+	github.com/alecthomas/kong v0.7.1
+	github.com/sirupsen/logrus v1.9.0
+	golang.org/x/term v0.6.0
 )
 
-require (
-	github.com/pkg/errors v0.9.1 // indirect
-	golang.org/x/sys v0.0.0-20210603125802-9665404d3644 // indirect
-)
+require golang.org/x/sys v0.6.0 // indirect
diff --git a/go.sum b/go.sum
@@ -1,27 +1,23 @@
-github.com/alecthomas/kong v0.5.0 h1:u8Kdw+eeml93qtMZ04iei0CFYve/WPcA5IFh+9wSskE=
-github.com/alecthomas/kong v0.5.0/go.mod h1:uzxf/HUh0tj43x1AyJROl3JT7SgsZ5m+icOv1csRhc0=
-github.com/alecthomas/repr v0.0.0-20210801044451-80ca428c5142 h1:8Uy0oSf5co/NZXje7U1z8Mpep++QJOldL2hs/sBQf48=
-github.com/alecthomas/repr v0.0.0-20210801044451-80ca428c5142/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
+github.com/alecthomas/assert/v2 v2.1.0 h1:tbredtNcQnoSd3QBhQWI7QZ3XHOVkw1Moklp2ojoH/0=
+github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
+github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=
+github.com/alecthomas/repr v0.1.0 h1:ENn2e1+J3k09gyj2shc0dHr/yjaWSHRlrJ4DPMevDqE=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
-github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
-github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
+github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
+github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210603125802-9665404d3644 h1:CA1DEQ4NdKphKeL70tvsWNdT5oFh1lOjihRcEDROi0I=
-golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20210503060354-a79de5458b56 h1:b8jxX3zqjpqb2LklXPzKSGJhzyxCOZSz8ncv8Nv+y7w=
-golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
+golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/internal/api/mod.go b/internal/api/mod.go
@@ -7,6 +7,7 @@ import (
 	"net/url"
 	"strings"
 
+	"github.com/pushbits/cli/internal/handling"
 	log "github.com/sirupsen/logrus"
 )
 
@@ -73,12 +74,12 @@ func Request(base, endpoint, method, proxy, username, password string, hasBody b
 	if err != nil {
 		log.Fatal(err)
 	}
+	defer handling.Close(resp.Body)
 
 	if resp.StatusCode != http.StatusOK {
 		log.Fatalf("Request failed with HTTP %s.", resp.Status)
 	}
 
-	defer resp.Body.Close()
 	bodyText, err := io.ReadAll(resp.Body)
 	if err != nil {
 		log.Fatal(err)
diff --git a/internal/handling/handling.go b/internal/handling/handling.go
@@ -0,0 +1,13 @@
+package handling
+
+import (
+	"io"
+
+	log "github.com/sirupsen/logrus"
+)
+
+func Close(c io.Closer) {
+	if err := c.Close(); err != nil {
+		log.Warn(err)
+	}
+}

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ import (`
`7`	`7`	`"net/url"`
`8`	`8`	`"strings"`
`9`	`9`
	`10`	`+ "github.com/pushbits/cli/internal/handling"`
`10`	`11`	`log "github.com/sirupsen/logrus"`
`11`	`12`	`)`
`12`	`13`
`@@ -73,12 +74,12 @@ func Request(base, endpoint, method, proxy, username, password string, hasBody b`
`73`	`74`	`if err != nil {`
`74`	`75`	`log.Fatal(err)`
`75`	`76`	`}`
	`77`	`+ defer handling.Close(resp.Body)`
`76`	`78`
`77`	`79`	`if resp.StatusCode != http.StatusOK {`
`78`	`80`	`log.Fatalf("Request failed with HTTP %s.", resp.Status)`
`79`	`81`	`}`
`80`	`82`
`81`		`- defer resp.Body.Close()`
`82`	`83`	`bodyText, err := io.ReadAll(resp.Body)`
`83`	`84`	`if err != nil {`
`84`	`85`	`log.Fatal(err)`