mirror of
https://github.com/anchore/syft
synced 2024-09-20 06:01:53 +00:00
4194a2cd34
This PR adds DependencyOf relationships when ELF packages have been discovered by the binary cataloger. The discovered file.Executable type has a []ImportedLibraries that's read from the file when discovered by syft. By mapping these imported libraries back to the package collection, syft is able to create relationships showing which packages are dependencies of other packages by just reading metadata from the ELF executable. --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Brian Ebarb <ebarb.brian@sers.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
90 lines
3.1 KiB
YAML
90 lines
3.1 KiB
YAML
issues:
|
|
max-same-issues: 25
|
|
|
|
# TODO: enable this when we have coverage on docstring comments
|
|
# # The list of ids of default excludes to include or disable.
|
|
# include:
|
|
# - EXC0002 # disable excluding of issues about comments from golint
|
|
|
|
linters:
|
|
# inverted configuration with `enable-all` and `disable` is not scalable during updates of golangci-lint
|
|
disable-all: true
|
|
enable:
|
|
- asciicheck
|
|
- bodyclose
|
|
- dogsled
|
|
- dupl
|
|
- errcheck
|
|
- exportloopref
|
|
- funlen
|
|
- gocognit
|
|
- goconst
|
|
- gocritic
|
|
- gocyclo
|
|
- gofmt
|
|
- goimports
|
|
- goprintffuncname
|
|
- gosec
|
|
- gosimple
|
|
- govet
|
|
- ineffassign
|
|
- misspell
|
|
- nakedret
|
|
- revive
|
|
- staticcheck
|
|
- stylecheck
|
|
- typecheck
|
|
- unconvert
|
|
- unparam
|
|
- unused
|
|
- whitespace
|
|
|
|
linters-settings:
|
|
funlen:
|
|
# Checks the number of lines in a function.
|
|
# If lower than 0, disable the check.
|
|
# Default: 60
|
|
lines: 70
|
|
# Checks the number of statements in a function.
|
|
# If lower than 0, disable the check.
|
|
# Default: 40
|
|
statements: 50
|
|
gocritic:
|
|
enabled-checks:
|
|
- deferInLoop
|
|
- ruleguard
|
|
settings:
|
|
ruleguard:
|
|
rules: "test/rules/rules.go"
|
|
output:
|
|
uniq-by-line: false
|
|
run:
|
|
timeout: 10m
|
|
tests: false
|
|
|
|
# do not enable...
|
|
# - deadcode # The owner seems to have abandoned the linter. Replaced by "unused".
|
|
# - depguard # We don't have a configuration for this yet
|
|
# - goprintffuncname # does not catch all cases and there are exceptions
|
|
# - nakedret # does not catch all cases and should not fail a build
|
|
# - gochecknoglobals
|
|
# - gochecknoinits # this is too aggressive
|
|
# - rowserrcheck disabled per generics https://github.com/golangci/golangci-lint/issues/2649
|
|
# - godot
|
|
# - godox
|
|
# - goerr113
|
|
# - goimports # we're using gosimports now instead to account for extra whitespaces (see https://github.com/golang/go/issues/20818)
|
|
# - golint # deprecated
|
|
# - gomnd # this is too aggressive
|
|
# - interfacer # this is a good idea, but is no longer supported and is prone to false positives
|
|
# - lll # without a way to specify per-line exception cases, this is not usable
|
|
# - maligned # this is an excellent linter, but tricky to optimize and we are not sensitive to memory layout optimizations
|
|
# - nestif
|
|
# - nolintlint # as of go1.19 this conflicts with the behavior of gofmt, which is a deal-breaker (lint-fix will still fail when running lint)
|
|
# - prealloc # following this rule isn't consistently a good idea, as it sometimes forces unnecessary allocations that result in less idiomatic code
|
|
# - rowserrcheck # not in a repo with sql, so this is not useful
|
|
# - scopelint # deprecated
|
|
# - structcheck # The owner seems to have abandoned the linter. Replaced by "unused".
|
|
# - testpackage
|
|
# - varcheck # The owner seems to have abandoned the linter. Replaced by "unused".
|
|
# - wsl # this doens't have an auto-fixer yet and is pretty noisy (https://github.com/bombsimon/wsl/issues/90)
|