Skip to content

Upgrade golangci-lint to v2.10.1 and fix lint warnings#8072

Closed
veeceey wants to merge 3 commits intojaegertracing:mainfrom
veeceey:fix/issue-8064-upgrade-linter
Closed

Upgrade golangci-lint to v2.10.1 and fix lint warnings#8072
veeceey wants to merge 3 commits intojaegertracing:mainfrom
veeceey:fix/issue-8064-upgrade-linter

Conversation

@veeceey
Copy link

@veeceey veeceey commented Feb 20, 2026
edited
Loading

Summary

  • Upgrades golangci-lint from v2.9.0 to v2.10.1 (along with transitive dependencies: gosec v2.23.0, staticcheck v0.7.0, ginkgolinter v0.23.0, godoc-lint v0.11.2)
  • Removes four unused //nolint:gosec // G115 directives that are no longer needed with the updated linter
  • Fixes gosec G115 (integer overflow rune -> byte) in promqlDurationString by using strings.Builder.WriteRune instead of byte conversion
  • Fixes staticcheck QF1012: uses fmt.Fprintf instead of WriteString(fmt.Sprintf(...)) in aliasesString
  • Adds targeted inline //nolint:gosec directives for new taint analysis false positives (G101, G117, G703, G704, G705) on config-sourced values

Closes #8064

Copilot AI review requested due to automatic review settings February 20, 2026 08:32
@veeceey veeceey requested a review from a team as a code owner February 20, 2026 08:32
Copilot AI reviewed Feb 20, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades the golangci-lint tool from v2.9.0 to v2.10.1 to address linter errors identified in issue #8064. The upgrade includes updates to transitive dependencies (gosec, staticcheck, ginkgolinter, godoc-lint) and makes necessary code changes to comply with the updated linter rules.

Changes:

  • Upgrades golangci-lint to v2.10.1 along with transitive dependencies
  • Excludes new gosec taint analysis rules that produce false positives on config-sourced values
  • Fixes code issues identified by the updated linters: integer overflow handling in promqlDurationString and performance optimization in aliasesString

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated no comments.

Show a summary per file
File Description
internal/tools/go.mod Updates golangci-lint and transitive dependencies to newer versions
internal/tools/go.sum Checksums for updated dependencies
.golangci.yml Excludes new gosec rules (G101, G117, G703, G704, G705) that produce false positives
internal/storage/metricstore/prometheus/metricstore/reader.go Fixes G115 by using WriteRune instead of unsafe rune-to-byte conversion
internal/storage/elasticsearch/client/index_client.go Applies QF1012 optimization replacing WriteString(Sprintf(...)) with fmt.Fprintf
internal/storage/metricstore/prometheus/metricstore/dbmodel/to_domain.go Removes unnecessary nolint directive for safe int32 conversion
internal/storage/integration/integration.go Removes unnecessary nolint directive for safe uint64 conversion
internal/storage/elasticsearch/config/config.go Removes unnecessary nolint directive for safe uint conversion
cmd/jaeger/internal/extension/jaegerquery/internal/apiv3/http_gateway.go Removes unnecessary nolint directive for safe int32 conversion

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@veeceey veeceey force-pushed the fix/issue-8064-upgrade-linter branch from 23343ee to 29532db Compare February 20, 2026 09:16
yurishkuro
yurishkuro reviewed Feb 20, 2026
View reviewed changes
.golangci.yml Outdated
- G601
- G703
- G704
- G705
Copy link
Member

@yurishkuro yurishkuro Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

excluding rules was not part of the issue

Copy link
Author

@veeceey veeceey Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right, sorry about that. I've removed the global exclusions and added inline //nolint:gosec directives on each false positive instead. These are all taint analysis rules (G101, G117, G703, G704, G705) firing on config-sourced values. Also fixed the missing DCO sign-off.

@codecov
Copy link

codecov bot commented Feb 20, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.47%. Comparing base (92ac7cd) to head (25105e0).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #8072      +/-   ##
==========================================
- Coverage   95.48%   95.47%   -0.01%     
==========================================
  Files         316      316              
  Lines       16756    16735      -21     
==========================================
- Hits        15999    15978      -21     
+ Misses        592      591       -1     
- Partials      165      166       +1
Flag Coverage Δ
badger_v1 9.03% <0.00%> (-0.11%) ⬇️
badger_v2 1.03% <0.00%> (-0.32%) ⬇️
cassandra-4.x-v1-manual 13.21% <0.00%> (-0.11%) ⬇️
cassandra-4.x-v2-auto 1.02% <0.00%> (-0.32%) ⬇️
cassandra-4.x-v2-manual 1.02% <0.00%> (-0.32%) ⬇️
cassandra-5.x-v1-manual 13.21% <0.00%> (-0.11%) ⬇️
cassandra-5.x-v2-auto 1.02% <0.00%> (-0.32%) ⬇️
cassandra-5.x-v2-manual 1.02% <0.00%> (-0.32%) ⬇️
clickhouse 1.11% <0.00%> (-0.32%) ⬇️
elasticsearch-6.x-v1 16.88% <0.00%> (-0.02%) ⬇️
elasticsearch-7.x-v1 16.91% <0.00%> (-0.02%) ⬇️
elasticsearch-8.x-v1 17.06% <0.00%> (-0.02%) ⬇️
elasticsearch-8.x-v2 1.03% <0.00%> (-0.32%) ⬇️
elasticsearch-9.x-v2 1.03% <0.00%> (-0.32%) ⬇️
grpc_v1 7.76% <0.00%> (-0.36%) ⬇️
grpc_v2 1.03% <0.00%> (-0.32%) ⬇️
kafka-3.x-v2 1.03% <0.00%> (-0.32%) ⬇️
memory_v2 1.03% <0.00%> (-0.32%) ⬇️
opensearch-1.x-v1 16.96% <0.00%> (-0.02%) ⬇️
opensearch-2.x-v1 16.96% <0.00%> (-0.02%) ⬇️
opensearch-2.x-v2 1.03% <0.00%> (-0.32%) ⬇️
opensearch-3.x-v2 1.03% <0.00%> (-0.32%) ⬇️
query 1.03% <0.00%> (-0.32%) ⬇️
tailsampling-processor 0.52% <0.00%> (-0.02%) ⬇️
unittests 94.16% <100.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@veeceey
Copy link
Author

veeceey commented Feb 23, 2026

You're right, I can see those exclusions aren't part of the original issue. I'll remove those and keep just the actual code fixes that were needed. The core changes should just be the G115 fix in the reader and the QF1012 optimization, plus cleaning up the now-unnecessary nolint comments.

Copilot AI review requested due to automatic review settings February 23, 2026 02:50
@veeceey veeceey force-pushed the fix/issue-8064-upgrade-linter branch from 29532db to 01a659f Compare February 23, 2026 02:50
Copilot AI reviewed Feb 23, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 8 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

internal/tools/go.mod

require (
github.com/golangci/golangci-lint/v2 v2.9.0
github.com/golangci/golangci-lint/v2 v2.10.1
Copy link

Copilot AI Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR description states that this change "Excludes new gosec taint analysis rules (G101, G117, G703, G704, G705) that produce false positives on config-sourced values throughout the codebase," but there are no changes to .golangci.yml in this PR to add these exclusions. The current .golangci.yml only excludes G104, G107, G404, and G601 (lines 82-86). Either the PR description is incorrect, or the .golangci.yml changes are missing from the PR.

Copilot uses AI. Check for mistakes.
@veeceey
Upgrade golangci-lint to v2.10.1 and fix new lint warnings
6a1c4a1 
Closes jaegertracing#8064

- Upgrade golangci-lint from v2.9.0 to v2.10.1 in internal/tools
- Remove unused //nolint:gosec G115 directives that are no longer needed
- Fix gosec G115 (integer overflow rune->byte) in promqlDurationString
  by using strings.Builder.WriteRune instead of byte conversion
- Fix staticcheck QF1012: use fmt.Fprintf instead of WriteString(Sprintf)

Signed-off-by: Varun Chawla <varun_6april@hotmail.com>
@veeceey
Add inline nolint directives for new gosec taint analysis rules
25105e0 
Replace global gosec rule exclusions with targeted inline //nolint
directives for G101, G117, G703, G704, and G705 false positives.
These are all config-sourced values, not user input.

Signed-off-by: Varun Chawla <varun_6april@hotmail.com>
@veeceey veeceey force-pushed the fix/issue-8064-upgrade-linter branch from 01a659f to 25105e0 Compare February 23, 2026 04:48
@veeceey
Remove inline nolint directives for gosec taint analysis rules
120b339 
The G101, G117, G703, G704, G705 nolint directives were not part of the
original issue scope (jaegertracing#8064). Revert to keep changes focused on the
linter upgrade and actual lint fixes.

Signed-off-by: Varun Chawla <varun_6april@hotmail.com>
Copilot AI review requested due to automatic review settings February 24, 2026 07:32
Copilot AI reviewed Feb 24, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 8 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@yurishkuro
Copy link
Member

yurishkuro commented Feb 24, 2026

conflicts need to be resolved. Please pose evidence of make lint being successful after your changes.

@github-actions github-actions bot added the waiting-for-author PR is waiting for author to respond to maintainer's comments label Feb 24, 2026
@yurishkuro
Copy link
Member

yurishkuro commented Feb 26, 2026

solved in the original PR #8062

@yurishkuro yurishkuro closed this Feb 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yurishkuro yurishkuro yurishkuro left review comments

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

area/storage storage/elasticsearch waiting-for-author PR is waiting for author to respond to maintainer's comments

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[chore]: Upgrade linter

3 participants

@veeceey @yurishkuro