c967727ff8
G301/G306 on config files (intentional 0755/0644), G204 on process exec (necessary), G101 on API key display string, G104 on ShowMenu. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
40 lines
1.1 KiB
YAML
40 lines
1.1 KiB
YAML
version: "2"
|
|
|
|
linters:
|
|
enable:
|
|
- errcheck
|
|
- gosec
|
|
- govet
|
|
- ineffassign
|
|
- staticcheck
|
|
- unused
|
|
exclusions:
|
|
presets:
|
|
- std-error-handling
|
|
rules:
|
|
# binary.Write in ICO header encoding — panic-level errors only
|
|
- path: internal/icons/render\.go
|
|
linters: [errcheck, gosec]
|
|
source: "binary\\.Write"
|
|
# systray ShowMenu return value is meaningless
|
|
- path: internal/tray/
|
|
linters: [errcheck, gosec]
|
|
source: "ShowMenu"
|
|
# Config files use 0755/0644 intentionally (user-readable config, not secrets)
|
|
- linters: [gosec]
|
|
text: "G301|G306"
|
|
path: internal/config/
|
|
# Process manager and panel launcher must exec with variable paths
|
|
- linters: [gosec]
|
|
text: "G204"
|
|
# API key display string is not a hardcoded credential
|
|
- linters: [gosec]
|
|
text: "G101"
|
|
path: internal/tray/
|
|
# Setup binary is a CLI wizard; best-effort error handling is acceptable
|
|
- path: cmd/setup/
|
|
linters: [errcheck, gosec]
|
|
paths:
|
|
- cmd/panel
|
|
- cmd/icongen
|