diff options
| author | Adin Scannell <ascannell@google.com> | 2020-10-26 11:09:34 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-10-26 11:11:46 -0700 |
| commit | 7926a9e28da8852954961af2aea0a280b6bbd210 (patch) | |
| tree | d2c87f7108aa207b0c2c87410d12c3f952a56689 /nogo.yaml | |
| parent | e2dce046037c30b585cc62db45d517f59d1a08fc (diff) | |
Add nogo configuration.
This splits the nogo rules into a separate configuration yaml file, and
allows for multiple files to be provided.
Because attrs cannot be passed down to aspects, this required that all
findings are propagated up the aspect Provider. This doesn't mean that
any extra work must be done, just that this information must be carried
through the graph, and some additional starlark complexity is required.
PiperOrigin-RevId: 339076357
Diffstat (limited to 'nogo.yaml')
| -rw-r--r-- | nogo.yaml | 495 |
1 files changed, 495 insertions, 0 deletions
diff --git a/nogo.yaml b/nogo.yaml new file mode 100644 index 000000000..07fd9aa4d --- /dev/null +++ b/nogo.yaml @@ -0,0 +1,495 @@ +groups: + # We define three basic groups: generated (all generated files), + # exteranl (all files outside the repository), and internal (all + # files within the local repository). We can't enforce many style + # checks on generated and external code, so enable those cases + # selectively for analyzers below. + - name: generated + regex: "^(bazel-genfiles|bazel-out|bazel-bin)/" + default: true + - name: external + regex: "^external/" + default: false + - name: internal + regex: ".*" + default: true +global: + generated: + suppress: + # Suppress the basic style checks for + # generated code, but keep the analysis + # that are required for quality & security. + - "should not use ALL_CAPS in Go names" + - "should not use underscores" + - "comment on exported" + - "methods on the same type should have the same receiver name" + - "at least one file in a package" + - "package comment should be of the form" + # Generated code may have dead code paths. + - "identical build constraints" + - "no value of type" + - "is never used" + # go_embed_data rules generate unicode literals. + - "string literal contains the Unicode format character" + - "string literal contains the Unicode control character" + # Some external code will generate protov1 + # implementations. These should be ignored. + - "proto.* is deprecated" + - "xxx_messageInfo_.*" + - "receiver name should be a reflection of its identity" + # Generated gRPC code is not compliant either. + - "error strings should not be capitalized" + - "grpc.Errorf is deprecated" + internal: + suppress: + # We use ALL_CAPS for system definitions, + # which are common enough in the code base + # that we shouldn't annotate exceptions. + # + # Same story for underscores. + - "should not use ALL_CAPS in Go names" + - "should not use underscores in Go names" + exclude: + # A variety of staticcheck and stylecheck + # rules apply here. These should be fixed + # and removed from here, and the global + # rules should be used sparingly. + - pkg/abi/linux/fuse.go:22 + - pkg/abi/linux/fuse.go:25 + - pkg/abi/linux/socket.go:113 + - pkg/abi/linux/tty.go:73 + - pkg/bpf/decoder.go:112 + - pkg/cpuid/cpuid_x86.go:675 + - pkg/eventchannel/event.go:193 + - pkg/eventchannel/event.go:27 + - pkg/eventchannel/event_test.go:22 + - pkg/eventchannel/rate.go:19 + - pkg/gohacks/gohacks_unsafe.go:33 + - pkg/log/json.go:30 + - pkg/log/log.go:359 + - pkg/merkletree/merkletree.go:230 + - pkg/merkletree/merkletree.go:243 + - pkg/merkletree/merkletree.go:249 + - pkg/merkletree/merkletree.go:266 + - pkg/merkletree/merkletree.go:355 + - pkg/merkletree/merkletree.go:369 + - pkg/metric/metric_test.go:20 + - pkg/p9/p9test/client_test.go:687 + - pkg/p9/transport_test.go:196 + - pkg/pool/pool.go:15 + - pkg/refs/refcounter.go:510 + - pkg/refs/refcounter_test.go:169 + - pkg/refs_vfs2/refs.go:16 + - pkg/safemem/block_unsafe.go:89 + - pkg/seccomp/seccomp.go:82 + - pkg/segment/test/set_functions.go:15 + - pkg/sentry/arch/signal.go:166 + - pkg/sentry/arch/signal.go:171 + - pkg/sentry/control/pprof.go:196 + - pkg/sentry/devices/memdev/full.go:58 + - pkg/sentry/devices/memdev/null.go:59 + - pkg/sentry/devices/memdev/random.go:68 + - pkg/sentry/devices/memdev/zero.go:86 + - pkg/sentry/fdimport/fdimport.go:15 + - pkg/sentry/fs/attr.go:257 + - pkg/sentry/fsbridge/fs.go:116 + - pkg/sentry/fsbridge/vfs.go:124 + - pkg/sentry/fsbridge/vfs.go:70 + - pkg/sentry/fs/copy_up.go:365 + - pkg/sentry/fs/copy_up_test.go:65 + - pkg/sentry/fs/dev/net_tun.go:161 + - pkg/sentry/fs/dev/net_tun.go:63 + - pkg/sentry/fs/dev/null.go:97 + - pkg/sentry/fs/dirent_cache.go:64 + - pkg/sentry/fs/file_overlay.go:327 + - pkg/sentry/fs/file_overlay.go:524 + - pkg/sentry/fs/filetest/filetest.go:55 + - pkg/sentry/fs/filetest/filetest.go:60 + - pkg/sentry/fs/fs.go:77 + - pkg/sentry/fs/fsutil/file.go:290 + - pkg/sentry/fs/fsutil/file.go:346 + - pkg/sentry/fs/fsutil/host_file_mapper.go:105 + - pkg/sentry/fs/fsutil/inode_cached.go:676 + - pkg/sentry/fs/fsutil/inode_cached.go:772 + - pkg/sentry/fs/gofer/attr.go:120 + - pkg/sentry/fs/gofer/fifo.go:33 + - pkg/sentry/fs/gofer/inode.go:410 + - pkg/sentry/fsimpl/devpts/devpts.go:110 + - pkg/sentry/fsimpl/devpts/devpts.go:246 + - pkg/sentry/fsimpl/devpts/devpts.go:50 + - pkg/sentry/fsimpl/devpts/master.go:110 + - pkg/sentry/fsimpl/devpts/master.go:55 + - pkg/sentry/fsimpl/devpts/replica.go:113 + - pkg/sentry/fsimpl/devpts/replica.go:57 + - pkg/sentry/fsimpl/devtmpfs/devtmpfs.go:54 + - pkg/sentry/fsimpl/ext/disklayout/superblock_64.go:97 + - pkg/sentry/fsimpl/ext/disklayout/superblock_old.go:92 + - pkg/sentry/fsimpl/ext/disklayout/block_group_32.go:44 + - pkg/sentry/fsimpl/ext/disklayout/inode_new.go:91 + - pkg/sentry/fsimpl/ext/disklayout/inode_old.go:93 + - pkg/sentry/fsimpl/ext/disklayout/superblock_32.go:66 + - pkg/sentry/fsimpl/ext/disklayout/block_group_64.go:53 + - pkg/sentry/fsimpl/eventfd/eventfd.go:268 + - pkg/sentry/fsimpl/ext/directory.go:163 + - pkg/sentry/fsimpl/ext/directory.go:164 + - pkg/sentry/fsimpl/ext/extent_file.go:142 + - pkg/sentry/fsimpl/ext/extent_file.go:143 + - pkg/sentry/fsimpl/ext/ext.go:105 + - pkg/sentry/fsimpl/ext/filesystem.go:287 + - pkg/sentry/fsimpl/ext/regular_file.go:153 + - pkg/sentry/fsimpl/ext/symlink.go:113 + - pkg/sentry/fsimpl/fuse/connection_control.go:194 + - pkg/sentry/fsimpl/fuse/dev.go:387 + - pkg/sentry/fsimpl/fuse/dev_test.go:318 + - pkg/sentry/fsimpl/fuse/fusefs.go:102 + - pkg/sentry/fsimpl/fuse/read_write.go:129 + - pkg/sentry/fsimpl/fuse/request_response.go:71 + - pkg/sentry/fsimpl/gofer/directory.go:135 + - pkg/sentry/fsimpl/gofer/filesystem.go:679 + - pkg/sentry/fsimpl/gofer/gofer.go:1694 + - pkg/sentry/fsimpl/gofer/gofer.go:276 + - pkg/sentry/fsimpl/gofer/regular_file.go:81 + - pkg/sentry/fsimpl/gofer/special_file.go:141 + - pkg/sentry/fsimpl/host/host.go:184 + - pkg/sentry/fsimpl/kernfs/dynamic_bytes_file.go:50 + - pkg/sentry/fsimpl/kernfs/dynamic_bytes_file.go:90 + - pkg/sentry/fsimpl/kernfs/fd_impl_util.go:273 + - pkg/sentry/fsimpl/kernfs/filesystem.go:247 + - pkg/sentry/fsimpl/kernfs/inode_impl_util.go:320 + - pkg/sentry/fsimpl/kernfs/inode_impl_util.go:497 + - pkg/sentry/fsimpl/kernfs/synthetic_directory.go:52 + - pkg/sentry/fsimpl/overlay/directory.go:119 + - pkg/sentry/fsimpl/overlay/filesystem.go:527 + - pkg/sentry/fsimpl/overlay/non_directory.go:152 + - pkg/sentry/fsimpl/overlay/overlay.go:115 + - pkg/sentry/fsimpl/overlay/overlay.go:719 + - pkg/sentry/fsimpl/pipefs/pipefs.go:74 + - pkg/sentry/fsimpl/proc/filesystem.go:52 + - pkg/sentry/fsimpl/proc/filesystem.go:81 + - pkg/sentry/fsimpl/proc/subtasks.go:126 + - pkg/sentry/fsimpl/proc/subtasks.go:189 + - pkg/sentry/fsimpl/proc/task_fds.go:168 + - pkg/sentry/fsimpl/proc/task_fds.go:228 + - pkg/sentry/fsimpl/proc/task_fds.go:301 + - pkg/sentry/fsimpl/proc/task_fds.go:318 + - pkg/sentry/fsimpl/proc/task_fds.go:67 + - pkg/sentry/fsimpl/proc/task_files.go:112 + - pkg/sentry/fsimpl/proc/task_files.go:158 + - pkg/sentry/fsimpl/proc/task_files.go:259 + - pkg/sentry/fsimpl/proc/task_files.go:285 + - pkg/sentry/fsimpl/proc/task_files.go:305 + - pkg/sentry/fsimpl/proc/task_files.go:384 + - pkg/sentry/fsimpl/proc/task_files.go:403 + - pkg/sentry/fsimpl/proc/task_files.go:428 + - pkg/sentry/fsimpl/proc/task_files.go:691 + - pkg/sentry/fsimpl/proc/task_files.go:770 + - pkg/sentry/fsimpl/proc/task_files.go:797 + - pkg/sentry/fsimpl/proc/task_files.go:828 + - pkg/sentry/fsimpl/proc/task_files.go:879 + - pkg/sentry/fsimpl/proc/task_files.go:910 + - pkg/sentry/fsimpl/proc/task_files.go:961 + - pkg/sentry/fsimpl/proc/task.go:127 + - pkg/sentry/fsimpl/proc/task.go:193 + - pkg/sentry/fsimpl/proc/task_net.go:134 + - pkg/sentry/fsimpl/proc/task_net.go:475 + - pkg/sentry/fsimpl/proc/task_net.go:491 + - pkg/sentry/fsimpl/proc/task_net.go:508 + - pkg/sentry/fsimpl/proc/task_net.go:665 + - pkg/sentry/fsimpl/proc/task_net.go:715 + - pkg/sentry/fsimpl/proc/task_net.go:779 + - pkg/sentry/fsimpl/proc/tasks_files.go:113 + - pkg/sentry/fsimpl/proc/tasks_files.go:388 + - pkg/sentry/fsimpl/proc/tasks.go:232 + - pkg/sentry/fsimpl/proc/tasks_sys.go:145 + - pkg/sentry/fsimpl/proc/tasks_sys.go:181 + - pkg/sentry/fsimpl/proc/tasks_sys.go:239 + - pkg/sentry/fsimpl/proc/tasks_sys.go:291 + - pkg/sentry/fsimpl/proc/tasks_sys.go:375 + - pkg/sentry/fsimpl/signalfd/signalfd.go:124 + - pkg/sentry/fsimpl/signalfd/signalfd.go:15 + - pkg/sentry/fsimpl/signalfd/signalfd.go:126 + - pkg/sentry/fsimpl/sockfs/sockfs.go:36 + - pkg/sentry/fsimpl/sockfs/sockfs.go:79 + - pkg/sentry/fsimpl/sys/kcov.go:49 + - pkg/sentry/fsimpl/sys/kcov.go:99 + - pkg/sentry/fsimpl/sys/sys.go:118 + - pkg/sentry/fsimpl/sys/sys.go:56 + - pkg/sentry/fsimpl/testutil/testutil.go:257 + - pkg/sentry/fsimpl/testutil/testutil.go:260 + - pkg/sentry/fsimpl/timerfd/timerfd.go:87 + - pkg/sentry/fsimpl/tmpfs/directory.go:112 + - pkg/sentry/fsimpl/tmpfs/filesystem.go:195 + - pkg/sentry/fsimpl/tmpfs/regular_file.go:226 + - pkg/sentry/fsimpl/tmpfs/regular_file.go:346 + - pkg/sentry/fsimpl/tmpfs/tmpfs.go:103 + - pkg/sentry/fsimpl/tmpfs/tmpfs.go:733 + - pkg/sentry/fsimpl/verity/filesystem.go:490 + - pkg/sentry/fsimpl/verity/verity.go:156 + - pkg/sentry/fsimpl/verity/verity.go:629 + - pkg/sentry/fsimpl/verity/verity.go:672 + - pkg/sentry/fs/mount.go:162 + - pkg/sentry/fs/mount.go:256 + - pkg/sentry/fs/mount_overlay.go:144 + - pkg/sentry/fs/mounts.go:432 + - pkg/sentry/fs/proc/exec_args.go:104 + - pkg/sentry/fs/proc/exec_args.go:73 + - pkg/sentry/fs/proc/fds.go:269 + - pkg/sentry/fs/proc/loadavg.go:33 + - pkg/sentry/fs/proc/meminfo.go:39 + - pkg/sentry/fs/proc/mounts.go:193 + - pkg/sentry/fs/proc/mounts.go:84 + - pkg/sentry/fs/proc/net.go:125 + - pkg/sentry/fs/proc/proc.go:146 + - pkg/sentry/fs/proc/proc.go:204 + - pkg/sentry/fs/proc/seqfile/seqfile.go:210 + - pkg/sentry/fs/proc/sys.go:146 + - pkg/sentry/fs/proc/sys.go:43 + - pkg/sentry/fs/proc/sys_net.go:113 + - pkg/sentry/fs/proc/sys_net.go:205 + - pkg/sentry/fs/proc/sys_net.go:233 + - pkg/sentry/fs/proc/sys_net.go:307 + - pkg/sentry/fs/proc/sys_net.go:335 + - pkg/sentry/fs/proc/sys_net.go:446 + - pkg/sentry/fs/proc/sys_net.go:456 + - pkg/sentry/fs/proc/sys_net.go:89 + - pkg/sentry/fs/proc/task.go:170 + - pkg/sentry/fs/proc/task.go:322 + - pkg/sentry/fs/proc/task.go:427 + - pkg/sentry/fs/proc/task.go:467 + - pkg/sentry/fs/proc/task.go:500 + - pkg/sentry/fs/proc/task.go:784 + - pkg/sentry/fs/proc/task.go:839 + - pkg/sentry/fs/proc/task.go:920 + - pkg/sentry/fs/proc/uid_gid_map.go:108 + - pkg/sentry/fs/proc/uid_gid_map.go:79 + - pkg/sentry/fs/proc/uptime.go:75 + - pkg/sentry/fs/ramfs/dir.go:447 + - pkg/sentry/fs/tmpfs/inode_file.go:436 + - pkg/sentry/fs/tmpfs/inode_file.go:537 + - pkg/sentry/fs/tty/dir.go:313 + - pkg/sentry/fs/tty/master.go:131 + - pkg/sentry/fs/tty/master.go:91 + - pkg/sentry/fs/tty/replica.go:116 + - pkg/sentry/fs/tty/replica.go:88 + - pkg/sentry/kernel/auth/id_map.go:269 + - pkg/sentry/kernel/fasync/fasync.go:67 + - pkg/sentry/kernel/kcov.go:209 + - pkg/sentry/kernel/kcov.go:223 + - pkg/sentry/kernel/kernel.go:343 + - pkg/sentry/kernel/kernel.go:368 + - pkg/sentry/kernel/pipe/node_test.go:112 + - pkg/sentry/kernel/pipe/node_test.go:119 + - pkg/sentry/kernel/pipe/node_test.go:130 + - pkg/sentry/kernel/pipe/node_test.go:137 + - pkg/sentry/kernel/pipe/node_test.go:149 + - pkg/sentry/kernel/pipe/node_test.go:150 + - pkg/sentry/kernel/pipe/node_test.go:158 + - pkg/sentry/kernel/pipe/node_test.go:174 + - pkg/sentry/kernel/pipe/node_test.go:180 + - pkg/sentry/kernel/pipe/node_test.go:193 + - pkg/sentry/kernel/pipe/node_test.go:202 + - pkg/sentry/kernel/pipe/node_test.go:205 + - pkg/sentry/kernel/pipe/node_test.go:216 + - pkg/sentry/kernel/pipe/node_test.go:219 + - pkg/sentry/kernel/pipe/node_test.go:271 + - pkg/sentry/kernel/pipe/node_test.go:290 + - pkg/sentry/kernel/pipe/pipe_test.go:93 + - pkg/sentry/kernel/pipe/reader_writer.go:65 + - pkg/sentry/kernel/posixtimer.go:157 + - pkg/sentry/kernel/ptrace.go:218 + - pkg/sentry/kernel/semaphore/semaphore.go:323 + - pkg/sentry/kernel/sessions.go:123 + - pkg/sentry/kernel/sessions.go:508 + - pkg/sentry/kernel/signal_handlers.go:57 + - pkg/sentry/kernel/task_context.go:72 + - pkg/sentry/kernel/task_exit.go:67 + - pkg/sentry/kernel/task_sched.go:255 + - pkg/sentry/kernel/task_sched.go:280 + - pkg/sentry/kernel/task_sched.go:323 + - pkg/sentry/kernel/task_stop.go:192 + - pkg/sentry/kernel/thread_group.go:530 + - pkg/sentry/kernel/timekeeper.go:316 + - pkg/sentry/kernel/vdso.go:106 + - pkg/sentry/kernel/vdso.go:118 + - pkg/sentry/memmap/memmap.go:103 + - pkg/sentry/memmap/memmap.go:163 + - pkg/sentry/mm/address_space.go:42 + - pkg/sentry/mm/address_space.go:42 + - pkg/sentry/mm/aio_context.go:208 + - pkg/sentry/mm/aio_context.go:288 + - pkg/sentry/mm/pma.go:683 + - pkg/sentry/mm/special_mappable.go:80 + - pkg/sentry/syscalls/linux/sys_sem.go:62 + - pkg/sentry/syscalls/linux/sys_time.go:189 + - pkg/sentry/usage/cpu.go:42 + - pkg/sentry/vfs/anonfs.go:302 + - pkg/sentry/vfs/anonfs.go:99 + - pkg/sentry/vfs/dentry.go:214 + - pkg/sentry/vfs/epoll.go:168 + - pkg/sentry/vfs/epoll.go:314 + - pkg/sentry/vfs/file_description.go:549 + - pkg/sentry/vfs/file_description_impl_util.go:304 + - pkg/sentry/vfs/file_description_impl_util.go:412 + - pkg/sentry/vfs/filesystem.go:76 + - pkg/sentry/vfs/lock.go:15 + - pkg/sentry/vfs/lock.go:47 + - pkg/sentry/vfs/memxattr/xattr.go:37 + - pkg/sentry/vfs/mount.go:510 + - pkg/sentry/vfs/mount.go:667 + - pkg/sentry/vfs/mount_test.go:106 + - pkg/sentry/vfs/mount_test.go:160 + - pkg/sentry/vfs/mount_test.go:215 + - pkg/sentry/vfs/mount_unsafe.go:153 + - pkg/sentry/vfs/resolving_path.go:228 + - pkg/sentry/vfs/vfs.go:897 + - pkg/shim/runsc/runsc.go:16 + - pkg/shim/runsc/utils.go:16 + - pkg/shim/v1/proc/deleted_state.go:16 + - pkg/shim/v1/proc/exec.go:16 + - pkg/shim/v1/proc/exec_state.go:16 + - pkg/shim/v1/proc/init.go:16 + - pkg/shim/v1/proc/init_state.go:16 + - pkg/shim/v1/proc/io.go:16 + - pkg/shim/v1/proc/process.go:16 + - pkg/shim/v1/proc/types.go:16 + - pkg/shim/v1/proc/utils.go:16 + - pkg/shim/v1/shim/api.go:16 + - pkg/shim/v1/shim/platform.go:16 + - pkg/shim/v1/shim/service.go:16 + - pkg/shim/v1/utils/annotations.go:15 + - pkg/shim/v1/utils/utils.go:15 + - pkg/shim/v1/utils/volumes.go:15 + - pkg/shim/v2/api.go:16 + - pkg/shim/v2/epoll.go:18 + - pkg/shim/v2/options/options.go:15 + - pkg/shim/v2/options/options.go:24 + - pkg/shim/v2/options/options.go:26 + - pkg/shim/v2/runtimeoptions/runtimeoptions.go:16 + - pkg/shim/v2/runtimeoptions/runtimeoptions_cri.go # Generated: exempt all. + - pkg/shim/v2/runtimeoptions/runtimeoptions_test.go:22 + - pkg/shim/v2/service.go:15 + - pkg/shim/v2/service_linux.go:18 + - pkg/state/tests/integer_test.go:23 + - pkg/state/tests/integer_test.go:28 + - pkg/sync/rwmutex_test.go:105 + - pkg/syserr/host_linux.go:35 + - pkg/unet/unet_test.go:634 + - pkg/unet/unet_test.go:662 + - pkg/unet/unet_test.go:703 + - pkg/unet/unet_test.go:98 + - pkg/usermem/addr.go:34 + - pkg/usermem/usermem.go:171 + - pkg/usermem/usermem.go:170 + - runsc/boot/compat.go:22 + - runsc/boot/compat.go:56 + - runsc/boot/loader.go:1115 + - runsc/boot/loader.go:1120 + - runsc/cmd/checkpoint.go:151 + - runsc/config/flags.go:32 + - runsc/container/container.go:641 + - runsc/container/container.go:988 + - runsc/specutils/specutils.go:172 + - runsc/specutils/specutils.go:428 + - runsc/specutils/specutils.go:436 + - runsc/specutils/specutils.go:442 + - runsc/specutils/specutils.go:447 + - runsc/specutils/specutils.go:454 + - test/cmd/test_app/fds.go:171 + - test/iptables/filter_output.go:251 + - test/packetimpact/testbench/connections.go:77 + - tools/bigquery/bigquery.go:106 + - tools/checkescape/test1/test1.go:108 + - tools/checkescape/test1/test1.go:122 + - tools/checkescape/test1/test1.go:137 + - tools/checkescape/test1/test1.go:151 + - tools/checkescape/test1/test1.go:170 + - tools/checkescape/test1/test1.go:39 + - tools/checkescape/test1/test1.go:45 + - tools/checkescape/test1/test1.go:50 + - tools/checkescape/test1/test1.go:64 + - tools/checkescape/test1/test1.go:80 + - tools/checkescape/test1/test1.go:94 + - tools/go_generics/imports.go:51 + - tools/go_generics/imports.go:75 + - tools/go_marshal/gomarshal/generator.go:177 + - tools/go_marshal/gomarshal/generator.go:81 + - tools/go_marshal/gomarshal/generator.go:85 + - tools/go_marshal/test/escape/escape.go:15 + - tools/go_marshal/test/test.go:164 +analyzers: + asmdecl: + external: # Enabled. + assign: + external: + exclude: + - gazelle/walk/walk.go + atomic: + external: # Enabled. + bools: + external: # Enabled. + buildtag: + external: # Enabled. + cgocall: + external: # Enabled. + shadow: # Disable for now. + generated: + exclude: [".*"] + internal: + exclude: [".*"] + composites: # Disable for now. + generated: + exclude: [".*"] + internal: + exclude: [".*"] + errorsas: + external: # Enabled. + httpresponse: + external: # Enabled. + loopclosure: + external: # Enabled. + nilfunc: + external: # Enabled. + nilness: + internal: + exclude: + - pkg/sentry/platform/kvm/kvm_test.go # Intentional. + - tools/bigquery/bigquery.go # False positive. + printf: + external: # Enabled. + shift: + external: # Enabled. + stringintconv: + external: + exclude: + - ".*protobuf/.*.go" # Bad conversions. + - ".*flate/huffman_bit_writer.go" # Bad conversion. + # Runtime internal violations. + - ".*reflect/value.go" + - ".*encoding/xml/xml.go" + - ".*runtime/pprof/internal/profile/proto.go" + - ".*fmt/scan.go" + - ".*go/types/conversions.go" + - ".*golang.org/x/net/dns/dnsmessage/message.go" + tests: + external: # Enabled. + unmarshal: + external: # Enabled. + unreachable: + external: # Enabled. + unsafeptr: + internal: + exclude: + - ".*_test.go" # Exclude tests. + - "pkg/flipcall/.*_unsafe.go" # Special case. + - pkg/gohacks/gohacks_unsafe.go # Special case. + - pkg/sentry/fs/fsutil/host_file_mapper_unsafe.go # Special case. + - pkg/sentry/platform/kvm/bluepill_unsafe.go # Special case. + - pkg/sentry/platform/kvm/machine_unsafe.go # Special case. + - pkg/sentry/platform/ring0/pagetables/allocator_unsafe.go # Special case. + - pkg/sentry/platform/safecopy/safecopy_unsafe.go # Special case. + - pkg/sentry/vfs/mount_unsafe.go # Special case. + - pkg/state/decode_unsafe.go # Special case. + unusedresult: + external: # Enabled. + checkescape: + external: # Enabled. |