From 9e1f8d646e15b2626e56960e9505ad281937dc30 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Oct 2023 15:01:31 +0200 Subject: [PATCH 1/2] image/build: use "nolint" comment to work around gosec regression Latest gosec linter has a regression in parsing "nosec" comments; see https://github.com/securego/gosec/issues/1046 Signed-off-by: Sebastiaan van Stijn --- cli/command/image/build/context.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cli/command/image/build/context.go b/cli/command/image/build/context.go index fc1e7b64d484..d570fe657c58 100644 --- a/cli/command/image/build/context.go +++ b/cli/command/image/build/context.go @@ -234,8 +234,7 @@ func GetContextFromURL(out io.Writer, remoteURL, dockerfileName string) (io.Read // getWithStatusError does an http.Get() and returns an error if the // status code is 4xx or 5xx. func getWithStatusError(url string) (resp *http.Response, err error) { - // #nosec G107 - if resp, err = http.Get(url); err != nil { + if resp, err = http.Get(url); err != nil { //nolint:gosec // Ignore G107: Potential HTTP request made with variable url return nil, err } if resp.StatusCode < http.StatusBadRequest { From b7b5b31a7ee88e4a425e2785972bdffb911ebb24 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Oct 2023 15:02:57 +0200 Subject: [PATCH 2/2] update to golangci-lint v1.55.0 release notes: https://github.com/golangci/golangci-lint/releases/tag/v1.55.0 Signed-off-by: Sebastiaan van Stijn --- dockerfiles/Dockerfile.lint | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index f0364943f820..d1ac42b1adf5 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -2,7 +2,7 @@ ARG GO_VERSION=1.21.3 ARG ALPINE_VERSION=3.17 -ARG GOLANGCI_LINT_VERSION=v1.54.2 +ARG GOLANGCI_LINT_VERSION=v1.55.0 FROM golangci/golangci-lint:${GOLANGCI_LINT_VERSION}-alpine AS golangci-lint