Start using golangci-lint

    - Fix issues found

Author: dhui

.golangci.yml

@@ -0,0 +1,27 @@
+linters:
+  enable:
+    - golint
+    - interfacer
+    - unconvert
+    - dupl
+    - goconst
+    - gofmt
+    - misspell
+    - maligned
+    - unparam
+    - nakedret
+    - prealloc
+    - gosec
+linters-settings:
+  misspell:
+    locale: US
+issues:
+  max-same: 0
+  max-per-linter: 0
+  exclude-use-default: false
+  exclude:
+    # gosec: Duplicated errcheck checks
+    - G104
+    - G201 # Re-enable once gosec considers quoted strings to be safe: https://github.com/securego/gosec/pull/240
+    # Ignore unused variables/constants for now
+    - is unused

.travis.yml

@@ -1,6 +1,11 @@
 language: go
 sudo: false
 
+env:
+  global:
+    - GOLANGCI_LINT_VERSION=v1.10.2
+    - DEP_VERSION=v0.5.0
+
 matrix:
   allow_failures:
   - go: master
@@ -11,12 +16,15 @@ matrix:
   - go: master
 
 before_install:
-  - if [ $GO_GET_COVER ]; then go get golang.org/x/tools/cmd/cover; fi
-  - if [ "${NO_GOLINT}" != "true" ]; then go get github.com/golang/lint/golint; fi
+  - curl -L -s https://github.com/golang/dep/releases/download/$DEP_VERSION/dep-linux-amd64 -o $GOPATH/bin/dep
+  - chmod +x $GOPATH/bin/dep
+  - curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b $GOPATH/bin $GOLANGCI_LINT_VERSION
+
+install:
+  - dep ensure -vendor-only
 
 before_script:
-  - if [ "${NO_VET}" != "true" ]; then go vet ./...; fi
-  - if [ "${NO_GOLINT}" != "true" ]; then golint ./...; fi
+  - golangci-lint run
 
 script:
   - ./codecov_test.sh

audit_logger_test.go

@@ -9,7 +9,7 @@ import (
 )
 
 // setupAuditLoggerTestData logs test data to the given AuditLogger
-func setupAuditLoggerTestData(userID passhash.UserID, al passhash.AuditLogger) int {
+func setupAuditLoggerTestData(userID passhash.UserID, al passhash.AuditLogger) int { // nolint: unparam
 	numIters := 5
 	for i := 0; i < numIters; i++ {
 		al.Log(userID, passhash.AuthnSucceeded, passhash.EmptyIP)

benchmarks_test.go

@@ -15,9 +15,8 @@ func BenchmarkDefaultWorkFactorPbkdfSha256(b *testing.B) {
 		Store: passhash.DummyCredentialStore{}, PasswordPolicies: []passhash.PasswordPolicy{},
 	}
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
 	for i := 0; i < b.N; i++ {
-		config.NewCredential(userID, password)
+		config.NewCredential(userID, testPassword) // nolint: errcheck
 	}
 }
 
@@ -28,9 +27,8 @@ func BenchmarkDefaultWorkFactorPbkdfSha512(b *testing.B) {
 		Store: passhash.DummyCredentialStore{}, PasswordPolicies: []passhash.PasswordPolicy{},
 	}
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
 	for i := 0; i < b.N; i++ {
-		config.NewCredential(userID, password)
+		config.NewCredential(userID, testPassword) // nolint: errcheck
 	}
 }
 
@@ -41,9 +39,8 @@ func BenchmarkDefaultWorkFactorPbkdfSha3_256(b *testing.B) {
 		Store: passhash.DummyCredentialStore{}, PasswordPolicies: []passhash.PasswordPolicy{},
 	}
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
 	for i := 0; i < b.N; i++ {
-		config.NewCredential(userID, password)
+		config.NewCredential(userID, testPassword) // nolint: errcheck
 	}
 }
 
@@ -54,9 +51,8 @@ func BenchmarkDefaultWorkFactorPbkdfSha3_512(b *testing.B) {
 		Store: passhash.DummyCredentialStore{}, PasswordPolicies: []passhash.PasswordPolicy{},
 	}
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
 	for i := 0; i < b.N; i++ {
-		config.NewCredential(userID, password)
+		config.NewCredential(userID, testPassword) // nolint: errcheck
 	}
 }
 
@@ -67,9 +63,8 @@ func BenchmarkDefaultWorkFactorBcrypt(b *testing.B) {
 		Store: passhash.DummyCredentialStore{}, PasswordPolicies: []passhash.PasswordPolicy{},
 	}
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
 	for i := 0; i < b.N; i++ {
-		config.NewCredential(userID, password)
+		config.NewCredential(userID, testPassword) // nolint: errcheck
 	}
 }
 
@@ -80,8 +75,7 @@ func BenchmarkDefaultWorkFactorScrypt(b *testing.B) {
 		Store: passhash.DummyCredentialStore{}, PasswordPolicies: []passhash.PasswordPolicy{},
 	}
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
 	for i := 0; i < b.N; i++ {
-		config.NewCredential(userID, password)
+		config.NewCredential(userID, testPassword) // nolint: errcheck
 	}
 }

config_test.go

@@ -94,7 +94,7 @@ func TestNewCredentialRandError(t *testing.T) {
 	}()
 	passhash.SetRandReader(readerError{})
 	userID := passhash.UserID(0)
-	password := "insecurepassword"
+	password := testPassword
 	if _, err := passhash.DefaultConfig.NewCredential(userID, password); err == nil {
 		t.Error("No error hit when calling random numbers")
 	}

consts_test.go

@@ -0,0 +1,3 @@
+package passhash_test
+
+const testPassword = "insecurePassword"

credential.go

@@ -7,7 +7,7 @@ import (
 	"net"
 )
 
-// EmptyIP is the cannonical value for an empty IP. This value should not be modified
+// EmptyIP is the canonical value for an empty IP. This value should not be modified
 var EmptyIP = net.IP{}
 
 // Credential is a password specification.