-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy path.golangci.yml
More file actions
449 lines (390 loc) · 14.6 KB
/
.golangci.yml
File metadata and controls
449 lines (390 loc) · 14.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
# golangci-lint configuration for Meridian
# Production-grade Go linting with strict quality standards
version: "2"
run:
timeout: 5m
tests: true
modules-download-mode: readonly
allow-parallel-runners: true
build-tags:
- integration
linters:
enable:
# Core linters (always enabled)
- govet # Official Go vet
- errcheck # Check for unchecked errors
- staticcheck # Go static analysis (includes gosimple)
- unused # Check for unused code
- ineffassign # Detect ineffectual assignments
- misspell # Spell checker
- gocyclo # Cyclomatic complexity
# Additional quality linters
- revive # Fast, configurable, extensible
- goconst # Repeated strings that could be constants
- gocognit # Cognitive complexity
- unconvert # Remove unnecessary type conversions
# - unparam # Disabled: panics on Go generics with type constraints (e.g., ~string)
# # See: https://github.com/golangci/golangci-lint/issues/5254
# # revive's unused-parameter rule provides similar coverage
- nakedret # Naked returns in long functions
- prealloc # Slice preallocation
- nilerr # Check for nil error returns
- noctx # Check for missing context.Context
- exhaustive # Check exhaustiveness of enum switch statements
- err113 # Go 1.13 error wrapping
# - wrapcheck # Check error wrapping (disabled: gRPC services return terminal errors)
- errorlint # Error handling best practices
- contextcheck # Check context.Context usage
- sqlclosecheck # Check SQL resources are closed
- rowserrcheck # Check database rows errors
# Compile-time safety linters
- nilnil # Prevent returning (nil, nil) which hides errors
- forcetypeassert # Require checked type assertions (v, ok := x.(T))
- gocritic # Additional safety diagnostics
- bodyclose # HTTP response bodies must be closed
# Code hygiene linters
- nolintlint # Require specific linter names and explanations on //nolint directives
- godox # Reject TODO/FIXME/HACK in committed code
- funlen # Reject overly long functions
- cyclop # Package-level cyclomatic complexity
# Architecture linters
- depguard # Enforce dependency constraints and block dangerous packages
disable:
- varnamelen # Too strict for production code
- testpackage # Allow internal testing
- paralleltest # Not always appropriate
- wrapcheck # Disabled: gRPC services return terminal errors
exclusions:
# v2 format: path-based exclusions
paths:
- tests/audit-e2e # E2E tests require //go:build integration tag
- services/internal-account/e2e # E2E tests require //go:build integration tag
- services/reference-data/e2e # E2E tests require //go:build integration tag
- tests/integration # Integration tests have stale references to refactored domain types
rules:
# Exclude some linters for test files
- path: _test\.go
linters:
- gocyclo
- gocognit
- errcheck
- goconst
- unparam
- wrapcheck
- bodyclose
- forcetypeassert # Type assertions in tests are acceptable for cleaner test code
- gocritic # Style checks less critical in tests
- nilnil # Tests may use (nil, nil) for mock implementations
- govet # unusedwrite and nilness checks too strict for test scaffolding
- err113 # Tests need dynamic errors to test error pattern matching
- funlen # Tests can be verbose with setup/assertions
- cyclop # Tests can have complex control flow
- noctx # httptest.NewRequest creates a valid context; requiring WithContext in tests is noise
# Allow context-as-argument after *testing.T in test helper functions
- path: _test\.go
text: "context-as-argument"
linters:
- revive
# Exclude linters for test support utilities
- path: (testdb/|testhelpers/|testfixtures/)
linters:
- gocyclo
- gocognit
- gocritic
- funlen
- cyclop
# Exclude complexity linters for gRPC service implementations
# These have inherently complex request handling with validation, conversion, and persistence
- path: services/.*/service/.*\.go
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude complexity linters for repository implementations (complex query building)
- path: services/.*/repository/.*\.go
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude complexity linters for adapter implementations (mapping logic)
- path: services/.*/adapters/.*\.go
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude complexity linters for Kafka implementations (complex message handling)
- path: shared/platform/kafka/.*\.go
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude complexity linters for auth config (complex switch statements for auth modes)
- path: shared/platform/auth/.*\.go
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude complexity linters for saga packages (AST walkers, orchestration, step execution)
- path: (shared/pkg/saga|services/reference-data/saga)/.*\.go
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude complexity linters for internal service packages (appliers, validators, handlers)
- path: services/.*/internal/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for service handler packages (gRPC handler wiring)
- path: services/.*/handler/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for service client packages (Starlark handler registration)
- path: services/.*/client/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for service worker packages (batch processing)
- path: services/.*/worker/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for service connector packages (external integrations)
- path: services/.*/connector/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for Starlark runner packages (script execution + timeout logic)
- path: services/.*/starlark/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for tenant provisioner (multi-step provisioning)
- path: services/tenant/provisioner/.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for API gateway auth handlers (multi-step OAuth flows)
- path: services/api-gateway/auth_.*\.go
linters:
- funlen
- cyclop
# Exclude complexity linters for API gateway MCP consent handler (multi-step OAuth consent flow)
- path: services/api-gateway/mcp_consent_handler\.go
linters:
- gocyclo
- funlen
- cyclop
# Exclude all linters for integration tests (require external services)
- path: test/integration/
linters:
- all
# Exclude some linters for generated files
- path: \.pb\.go$
linters:
- all
# Exclude typecheck for tools.go (imports main packages for tool dependency tracking)
- path: tools\.go$
linters:
- typecheck
# Exclude some linters for mock files
- path: mock_.*\.go
linters:
- all
# Allow main() to have unchecked errors for flag parsing
- path: (^cmd/|^services/.*/cmd/|^utilities/)
text: "Error return value of.*is not checked"
linters:
- errcheck
# Allow long/complex functions in main/cmd packages for setup and CLI orchestration
- path: (^cmd/|^services/.*/cmd/|^utilities/)
linters:
- gocyclo
- gocognit
- funlen
- cyclop
# Exclude var-naming for http adapter packages (intentionally named 'http' for clarity)
- path: services/.*/adapters/http/
text: "var-naming: avoid package names that conflict"
linters:
- revive
# "types" package name is intentional (similar to go/types in stdlib)
- path: ^shared/pkg/types/
text: "var-naming: avoid meaningless package names"
linters:
- revive
# Exclude deprecatedComment for current-account clients (backward compat layer)
- path: services/current-account/clients/
text: "deprecatedComment"
linters:
- gocritic
# Exclude misspell for protobuf enum references (CANCELLED is the official enum name)
- text: "CANCELLED.*is a misspelling of.*CANCELED"
linters:
- misspell
# Exclude misspell for British English variations in comments/strings
# The codebase uses British English for user-facing terminology
- text: "cancelled.*is a misspelling of.*canceled"
linters:
- misspell
- text: "Cancelled.*is a misspelling of.*Canceled"
linters:
- misspell
- text: "cancelling.*is a misspelling of.*canceling"
linters:
- misspell
# Suppress SA1019 for deprecated shared/domain/money and shared/platform/quantity/currency
# These packages are deprecated in favour of shared/pkg/refdata.InstrumentResolver but
# are still imported across the codebase during the migration period.
- text: "SA1019:.*shared/(domain/money|platform/quantity/currency)"
linters:
- staticcheck
- text: "SA1019:.*deprecated.*(InstrumentResolver|InstrumentProperties|quantity package|quantity error|quantity\\.|dynamic instrument)"
linters:
- staticcheck
settings:
govet:
enable-all: true
disable:
- shadow # Too many false positives
- fieldalignment # Struct field alignment is informative but too noisy
errcheck:
check-type-assertions: true
check-blank: false # Allow _ = to explicitly ignore errors
exclude-functions:
- fmt.Print*
- fmt.Fprint*
staticcheck:
checks: ["all"]
gocyclo:
min-complexity: 15
gocognit:
min-complexity: 20
goconst:
min-len: 3
min-occurrences: 3
misspell:
locale: US
nakedret:
max-func-lines: 30
# unparam settings removed - linter disabled due to Go generics panic
revive:
confidence: 0.8
rules:
- name: blank-imports
- name: context-as-argument
- name: context-keys-type
- name: dot-imports
- name: error-return
- name: error-strings
- name: error-naming
- name: exported
- name: if-return
- name: increment-decrement
- name: var-naming
- name: var-declaration
- name: package-comments
- name: range
- name: receiver-naming
- name: time-naming
- name: unexported-return
- name: indent-error-flow
- name: errorf
- name: empty-block
- name: superfluous-else
- name: unused-parameter
- name: unreachable-code
- name: redefines-builtin-id
nolintlint:
require-explanation: true
require-specific: true
godox:
keywords:
- TODO
- FIXME
- HACK
- BUG
- XXX
funlen:
lines: 80
statements: 60
cyclop:
max-complexity: 15
errorlint:
errorf: true
asserts: true
comparison: true
gocritic:
# Enable only diagnostic checks (safety), disable style checks
enabled-tags:
- diagnostic
disabled-tags:
- style
- performance
- opinionated
# Note: ifElseChain, elseif, unlambda, exitAfterDefer, assignOp are
# already disabled by disabled-tags: [style]
depguard:
# Enforce dependency constraints - block deprecated packages and prevent test
# packages from leaking into production code
rules:
# Main rule applies to production Go files only (excludes test files)
main:
# Only apply to non-test files
files:
- "!**/*_test.go"
- "!**/testhelpers/**"
- "!**/testfixtures/**"
- "!**/testdb/**"
- "!**/tests/**"
# Lax mode: allow all packages except those explicitly denied
list-mode: lax
deny:
# Deprecated packages
- pkg: "io/ioutil"
desc: "Deprecated since Go 1.16: use io and os packages instead"
- pkg: "github.com/pkg/errors"
desc: "Deprecated: use standard library errors with fmt.Errorf and %w"
# Test-only packages that should not be in production code
- pkg: "testing"
desc: "testing package should only be imported in test files"
- pkg: "github.com/stretchr/testify"
desc: "testify should only be imported in test files"
- pkg: "github.com/stretchr/testify/assert"
desc: "testify/assert should only be imported in test files"
- pkg: "github.com/stretchr/testify/require"
desc: "testify/require should only be imported in test files"
- pkg: "github.com/stretchr/testify/mock"
desc: "testify/mock should only be imported in test files"
- pkg: "github.com/stretchr/testify/suite"
desc: "testify/suite should only be imported in test files"
- pkg: "github.com/testcontainers/testcontainers-go"
desc: "testcontainers should only be imported in test files"
# Test files: only block deprecated packages
tests:
files:
- "**/*_test.go"
- "**/testhelpers/**"
- "**/testfixtures/**"
- "**/testdb/**"
- "**/tests/**"
list-mode: lax
deny:
- pkg: "io/ioutil"
desc: "Deprecated since Go 1.16: use io and os packages instead"
formatters:
enable:
- gofmt # Standard Go formatting
- goimports # Manage imports
- gofumpt # Stricter gofmt
output:
formats:
text:
path: stdout