Bump CI versions, fix a few linting errors (#90)

Author: unrolled

.github/workflows/test.yaml

@@ -11,7 +11,7 @@ jobs:
   tests:
     strategy:
       matrix:
-        go-version: [1.16.x, 1.17.x, 1.18.x, 1.19.x]
+        go-version: [1.18.x, 1.19.x, 1.20.x, 1.21.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:

.golangci.yaml

@@ -1,5 +1,5 @@
 run:
-  timeout: 10m
+  timeout: 5m
 
 linters:
   enable-all: true
@@ -29,8 +29,6 @@ linters:
     - nestif
     - funlen
     - goconst
-    - nlreturn
-    - gochecknoglobals
     - cyclop
     - gocyclo
     - gocognit

csp_test.go

@@ -10,7 +10,7 @@ import (
 	"testing"
 )
 
-// cspHandler writes the nonce out as the response body.
+//nolint:gochecknoglobals
 var cspHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 	_, _ = w.Write([]byte(CSPNonce(r.Context())))
 })

cspbuilder/builder_test.go

@@ -45,6 +45,7 @@ func TestContentSecurityPolicyBuilder_Build_SingleDirective(t *testing.T) {
 			got, err := builder.Build()
 			if (err != nil) != tt.wantErr {
 				t.Errorf("ContentSecurityPolicyBuilder.Build() error = %v, wantErr %v", err, tt.wantErr)
+
 				return
 			}
 
@@ -94,6 +95,7 @@ func TestContentSecurityPolicyBuilder_Build_MultipleDirectives(t *testing.T) {
 			got, err := builder.Build()
 			if (err != nil) != tt.wantErr {
 				t.Errorf("ContentSecurityPolicyBuilder.Build() error = %v, wantErr %v", err, tt.wantErr)
+
 				return
 			}
 
@@ -102,6 +104,7 @@ func TestContentSecurityPolicyBuilder_Build_MultipleDirectives(t *testing.T) {
 				for directive := range tt.directives {
 					if strings.HasPrefix(got, directive) {
 						startsWithDirective = true
+
 						break
 					}
 				}

cspbuilder/directive_builder.go

@@ -9,6 +9,7 @@ import (
 func buildDirectiveSandbox(sb *strings.Builder, values []string) error {
 	if len(values) == 0 {
 		sb.WriteString(Sandbox)
+
 		return nil
 	}
 

secure.go

@@ -39,11 +39,11 @@ type SSLHostFunc func(host string) (newHost string)
 // AllowRequestFunc is a custom function type that can be used to dynamically determine if a request should proceed or not.
 type AllowRequestFunc func(r *http.Request) bool
 
-func defaultBadHostHandler(w http.ResponseWriter, r *http.Request) {
+func defaultBadHostHandler(w http.ResponseWriter, _ *http.Request) {
 	http.Error(w, "Bad Host", http.StatusInternalServerError)
 }
 
-func defaultBadRequestHandler(w http.ResponseWriter, r *http.Request) {
+func defaultBadRequestHandler(w http.ResponseWriter, _ *http.Request) {
 	http.Error(w, "Bad Request", http.StatusBadRequest)
 }
 
@@ -302,6 +302,7 @@ func (s *Secure) processRequest(w http.ResponseWriter, r *http.Request) (http.He
 	for _, header := range s.opt.HostsProxyHeaders {
 		if h := r.Header.Get(header); h != "" {
 			host = h
+
 			break
 		}
 	}
@@ -314,20 +315,23 @@ func (s *Secure) processRequest(w http.ResponseWriter, r *http.Request) (http.He
 			for _, allowedHost := range s.cRegexAllowedHosts {
 				if match := allowedHost.MatchString(host); match {
 					isGoodHost = true
+
 					break
 				}
 			}
 		} else {
 			for _, allowedHost := range s.opt.AllowedHosts {
 				if strings.EqualFold(allowedHost, host) {
 					isGoodHost = true
+
 					break
 				}
 			}
 		}
 
 		if !isGoodHost {
 			s.badHostHandler.ServeHTTP(w, r)
+
 			return nil, nil, fmt.Errorf("bad host name: %s", host)
 		}
 	}
@@ -389,6 +393,7 @@ func (s *Secure) processRequest(w http.ResponseWriter, r *http.Request) (http.He
 	// If the AllowRequestFunc is set, call it and exit early if needed.
 	if s.opt.AllowRequestFunc != nil && !s.opt.AllowRequestFunc(r) {
 		s.badRequestHandler.ServeHTTP(w, r)
+
 		return nil, nil, fmt.Errorf("request not allowed")
 	}
 
@@ -487,6 +492,7 @@ func (s *Secure) isSSL(r *http.Request) bool {
 		for k, v := range s.opt.SSLProxyHeaders {
 			if r.Header.Get(k) == v {
 				ssl = true
+
 				break
 			}
 		}

secure_test.go

@@ -10,6 +10,7 @@ import (
 	"testing"
 )
 
+//nolint:gochecknoglobals
 var myHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 	_, _ = w.Write([]byte("bar"))
 })