search

anchore / syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Apache License 2.0
5.99k stars 552 forks source link

linter in CI doesn't work as expected #3126

Open tomersein opened 4 weeks ago

tomersein commented 4 weeks ago

What happened: If you run this command golangci-lint run --issues-exit-code=1 --timeout 5m0s --tests=false you will see the below errors:

internal/cache/error_resolver.go:37:30: printf: non-constant format string in call to fmt.Errorf (govet)
        return v.Value, fmt.Errorf(v.Error)
                                   ^
syft/internal/packagemetadata/discover_type_names.go:81:26: printf: non-constant format string in call to fmt.Errorf (govet)
        return nil, fmt.Errorf("not enough metadata definitions found (discovered: " + fmt.Sprintf("%d", len(strNames)) + ")")
                               ^
syft/internal/sourcemetadata/discover_type_names.go:71:26: printf: non-constant format string in call to fmt.Errorf (govet)
        return nil, fmt.Errorf("not enough metadata definitions found (discovered: " + fmt.Sprintf("%d", len(strNames)) + ")")
                               ^
cmd/syft/internal/commands/scan.go:164:21: printf: non-constant format string in call to fmt.Errorf (govet)
        return fmt.Errorf(error)
                          ^
cmd/syft/internal/commands/scan.go:164:10: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
        return fmt.Errorf(error)
               ^
syft/pkg/cataloger/cpp/parse_conanfile.go:27:8: SA1032: arguments have the wrong order (staticcheck)
        case errors.Is(io.EOF, err):
             ^
syft/pkg/cataloger/cpp/parse_conaninfo.go:102:8: SA1032: arguments have the wrong order (staticcheck)
        case errors.Is(io.EOF, err):
             ^
syft/pkg/cataloger/elixir/parse_mix_lock.go:31:8: SA1032: arguments have the wrong order (staticcheck)
        case errors.Is(io.EOF, err):
             ^
syft/pkg/cataloger/haskell/parse_cabal_freeze.go:26:8: SA1032: arguments have the wrong order (staticcheck)
        case errors.Is(io.EOF, err):

However it seems the CI doesn't fail.

What you expected to happen: CI should detect these errors Steps to reproduce the issue: as I mentioned above run manually the command from the root directory of syft Anything else we need to know?:

Environment:

willmurphyscode commented 4 weeks ago

Are you running the version of golangci-lint that is installed by Syft's Taskfile? ./.tool/golangci-lint run --issues-exit-code=1 --timeout 5m0s --tests=false succeeds for me on main.

It's possible the version of golangci-lint on path is newer or older than the one in .tool and that is causing this difference.

tomersein commented 4 weeks ago

hi, My version is: golangci-lint has version 1.60.1 built with go1.22.6 from 3298c10 on 2024-08-14T01:09:25Z

spiffcs commented 3 weeks ago

we're working on fixing the current code to match the latest linter updates for new golangci-lint