Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apply gosec and unparam to the codebase #4102

Merged
merged 4 commits into from
Sep 23, 2020
Merged

Apply gosec and unparam to the codebase #4102

merged 4 commits into from
Sep 23, 2020

Conversation

markusthoemmes
Copy link
Contributor

Proposed Changes

We've added these to the serving codebase as means to point out potential simplifications (see for example the ability to drop some error returns in the diff) and to point out potential security concerns to make us think and at least document why we've chosen to ignore them.

@googlebot googlebot added the cla: yes Indicates the PR's author has signed the CLA. label Sep 23, 2020
@knative-prow-robot knative-prow-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Sep 23, 2020
@knative-metrics-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-knative-eventing-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/reconciler/inmemorychannel/controller/inmemorychannel.go 76.4% 76.1% -0.3
pkg/reconciler/source/crd/crd.go 15.8% 17.0% 1.2
pkg/reconciler/source/duck/duck.go 70.7% 72.5% 1.8

@knative-prow-robot
Copy link
Contributor

@markusthoemmes: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
pull-knative-eventing-go-coverage d17c826 link /test pull-knative-eventing-go-coverage

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

aliok
aliok reviewed Sep 23, 2020
View reviewed changes
cmd/v0.17/pingsource-cleanup/main.go
Comment on lines -75 to +76
for _, ref := range cleanups {
for i := range cleanups {
ref := cleanups[i]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you know which linter does this? I am curious why this is better

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's gosec, see https://github.com/golang/go/wiki/CommonMistakes#using-reference-to-loop-iterator-variable.

It's not "better" per se, but the reference taken here might become invalid shortly, hence it ain't a good idea.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is to say: This isn't necessary in many many cases, using the range clause is fine for most cases actually. Only if you're explicitly taking a reference to the iterator variable are you potentially going to have a bad time.

@markusthoemmes
Copy link
Contributor Author

The red X comes from a coverage check, so that shouldn't matter here.

/assign @matzew @vaikas @n3wscott

@vaikas
Copy link
Contributor

vaikas commented Sep 23, 2020

/lgtm
/approve
Thanks for doing this!

@knative-prow-robot knative-prow-robot added the lgtm Indicates that a PR is ready to be merged. label Sep 23, 2020
@knative-prow-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: markusthoemmes, vaikas

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [markusthoemmes,vaikas]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow-robot knative-prow-robot merged commit f4482c5 into knative:master Sep 23, 2020
@aliok aliok mentioned this pull request Sep 25, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aliok aliok aliok left review comments

@grantr grantr Awaiting requested review from grantr

@vaikas vaikas Awaiting requested review from vaikas

Assignees

@matzew matzew

@vaikas vaikas

@n3wscott n3wscott

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cla: yes Indicates the PR's author has signed the CLA. lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@markusthoemmes @knative-metrics-robot @knative-prow-robot @vaikas @aliok @matzew @googlebot @n3wscott