chore: use gofumpt for code formatting

internal/configuration/settings/dnsblacklist.go

@@ -76,7 +76,8 @@ func (b *DNSBlacklist) overrideWith(other DNSBlacklist) {
 }
 
 func (b DNSBlacklist) ToBlockBuilderSettings(client *http.Client) (
-	settings blockbuilder.Settings) {
+	settings blockbuilder.Settings,
+) {
 	return blockbuilder.Settings{
 		Client:               client,
 		BlockMalicious:       b.BlockMalicious,
@@ -159,12 +160,11 @@ func (b *DNSBlacklist) read(r *reader.Reader) (err error) {
 	return nil
 }
 
-var (
-	ErrPrivateAddressNotValid = errors.New("private address is not a valid IP or CIDR range")
-)
+var ErrPrivateAddressNotValid = errors.New("private address is not a valid IP or CIDR range")
 
 func readDoTPrivateAddresses(reader *reader.Reader) (ips []netip.Addr,
-	ipPrefixes []netip.Prefix, err error) {
+	ipPrefixes []netip.Prefix, err error,
+) {
 	privateAddresses := reader.CSV("DOT_PRIVATE_ADDRESS")
 	if len(privateAddresses) == 0 {
 		return nil, nil, nil

internal/configuration/settings/dot.go

@@ -35,9 +35,7 @@ type DoT struct {
 	Blacklist DNSBlacklist
 }
 
-var (
-	ErrDoTUpdatePeriodTooShort = errors.New("update period is too short")
-)
+var ErrDoTUpdatePeriodTooShort = errors.New("update period is too short")
 
 func (d DoT) validate() (err error) {
 	const minUpdatePeriod = 30 * time.Second

internal/configuration/settings/nordvpn_retro.go

@@ -4,7 +4,8 @@ package settings
 // and SERVER_REGIONS is now the continent field for servers.
 // TODO v4 remove.
 func nordvpnRetroRegion(selection ServerSelection, validRegions, validCountries []string) (
-	updatedSelection ServerSelection) {
+	updatedSelection ServerSelection,
+) {
 	validRegionsMap := stringSliceToMap(validRegions)
 	validCountriesMap := stringSliceToMap(validCountries)
 

internal/configuration/settings/openvpn.go

@@ -155,7 +155,8 @@ func (o OpenVPN) validate(vpnProvider string) (err error) {
 }
 
 func validateOpenVPNConfigFilepath(isCustom bool,
-	confFile string) (err error) {
+	confFile string,
+) (err error) {
 	if !isCustom {
 		return nil
 	}
@@ -179,7 +180,8 @@ func validateOpenVPNConfigFilepath(isCustom bool,
 }
 
 func validateOpenVPNClientCertificate(vpnProvider,
-	clientCert string) (err error) {
+	clientCert string,
+) (err error) {
 	switch vpnProvider {
 	case
 		providers.Airvpn,
@@ -226,7 +228,8 @@ func validateOpenVPNClientKey(vpnProvider, clientKey string) (err error) {
 }
 
 func validateOpenVPNEncryptedKey(vpnProvider,
-	encryptedPrivateKey string) (err error) {
+	encryptedPrivateKey string,
+) (err error) {
 	if vpnProvider == providers.VPNSecure && encryptedPrivateKey == "" {
 		return fmt.Errorf("%w", ErrMissingValue)
 	}

internal/configuration/settings/publicip.go

@@ -122,7 +122,8 @@ func (p *PublicIP) read(r *reader.Reader, warner Warner) (err error) {
 }
 
 func readPublicIPEnabled(r *reader.Reader, warner Warner) (
-	enabled *bool, err error) {
+	enabled *bool, err error,
+) {
 	periodPtr, err := r.DurationPtr("PUBLICIP_PERIOD") // Retro-compatibility
 	if err != nil {
 		return nil, err

internal/configuration/settings/serverselection.go

@@ -91,7 +91,8 @@ var (
 )
 
 func (ss *ServerSelection) validate(vpnServiceProvider string,
-	filterChoicesGetter FilterChoicesGetter, warner Warner) (err error) {
+	filterChoicesGetter FilterChoicesGetter, warner Warner,
+) (err error) {
 	switch ss.VPN {
 	case vpn.OpenVPN, vpn.Wireguard:
 	default:
@@ -143,7 +144,8 @@ func (ss *ServerSelection) validate(vpnServiceProvider string,
 
 func getLocationFilterChoices(vpnServiceProvider string,
 	ss *ServerSelection, filterChoicesGetter FilterChoicesGetter, warner Warner) (
-	filterChoices models.FilterChoices, err error) {
+	filterChoices models.FilterChoices, err error,
+) {
 	filterChoices = filterChoicesGetter.GetFilterChoices(vpnServiceProvider)
 
 	if vpnServiceProvider == providers.Surfshark {
@@ -165,7 +167,8 @@ func getLocationFilterChoices(vpnServiceProvider string,
 // validateServerFilters validates filters against the choices given as arguments.
 // Set an argument to nil to pass the check for a particular filter.
 func validateServerFilters(settings ServerSelection, filterChoices models.FilterChoices,
-	vpnServiceProvider string, warner Warner) (err error) {
+	vpnServiceProvider string, warner Warner,
+) (err error) {
 	err = atLeastOneIsOneOfCaseInsensitive(settings.Countries, filterChoices.Countries, warner)
 	if err != nil {
 		return fmt.Errorf("%w: %w", ErrCountryNotValid, err)
@@ -219,7 +222,8 @@ func validateServerFilters(settings ServerSelection, filterChoices models.Filter
 }
 
 func atLeastOneIsOneOfCaseInsensitive(values, choices []string,
-	warner Warner) (err error) {
+	warner Warner,
+) (err error) {
 	if len(values) > 0 && len(choices) == 0 {
 		return fmt.Errorf("%w", validate.ErrNoChoice)
 	}
@@ -456,7 +460,8 @@ func (ss ServerSelection) WithDefaults(provider string) ServerSelection {
 }
 
 func (ss *ServerSelection) read(r *reader.Reader,
-	vpnProvider, vpnType string) (err error) {
+	vpnProvider, vpnType string,
+) (err error) {
 	ss.VPN = vpnType
 
 	ss.TargetIP, err = r.NetipAddr("OPENVPN_ENDPOINT_IP",

internal/configuration/settings/settings.go

@@ -38,7 +38,8 @@ type FilterChoicesGetter interface {
 // if one of them is not valid.
 // TODO v4 remove pointer for receiver (because of Surfshark).
 func (s *Settings) Validate(filterChoicesGetter FilterChoicesGetter, ipv6Supported bool,
-	warner Warner) (err error) {
+	warner Warner,
+) (err error) {
 	nameToValidation := map[string]func() error{
 		"control server":  s.ControlServer.validate,
 		"dns":             s.DNS.validate,
@@ -88,7 +89,8 @@ func (s *Settings) copy() (copied Settings) {
 }
 
 func (s *Settings) OverrideWith(other Settings,
-	filterChoicesGetter FilterChoicesGetter, ipv6Supported bool, warner Warner) (err error) {
+	filterChoicesGetter FilterChoicesGetter, ipv6Supported bool, warner Warner,
+) (err error) {
 	patchedSettings := s.copy()
 	patchedSettings.ControlServer.overrideWith(other.ControlServer)
 	patchedSettings.DNS.overrideWith(other.DNS)

internal/configuration/settings/surfshark_retro.go

@@ -7,7 +7,8 @@ import (
 )
 
 func surfsharkRetroRegion(selection ServerSelection) (
-	updatedSelection ServerSelection) {
+	updatedSelection ServerSelection,
+) {
 	locationData := servers.LocationData()
 
 	retroToLocation := make(map[string]servers.ServerLocation, len(locationData))

internal/configuration/sources/files/wireguard.go

@@ -34,9 +34,7 @@ type WireguardConfig struct {
 	EndpointPort *string
 }
 
-var (
-	regexINISectionNotExist = regexp.MustCompile(`^section ".+" does not exist$`)
-)
+var regexINISectionNotExist = regexp.MustCompile(`^section ".+" does not exist$`)
 
 func ParseWireguardConf(path string) (config WireguardConfig, err error) {
 	iniFile, err := ini.InsensitiveLoad(path)
@@ -68,18 +66,18 @@ func ParseWireguardConf(path string) (config WireguardConfig, err error) {
 }
 
 func parseWireguardInterfaceSection(interfaceSection *ini.Section) (
-	privateKey, addresses *string) {
+	privateKey, addresses *string,
+) {
 	privateKey = getINIKeyFromSection(interfaceSection, "PrivateKey")
 	addresses = getINIKeyFromSection(interfaceSection, "Address")
 	return privateKey, addresses
 }
 
-var (
-	ErrEndpointHostNotIP = errors.New("endpoint host is not an IP")
-)
+var ErrEndpointHostNotIP = errors.New("endpoint host is not an IP")
 
 func parseWireguardPeerSection(peerSection *ini.Section) (
-	preSharedKey, publicKey, endpointIP, endpointPort *string) {
+	preSharedKey, publicKey, endpointIP, endpointPort *string,
+) {
 	preSharedKey = getINIKeyFromSection(peerSection, "PresharedKey")
 	publicKey = getINIKeyFromSection(peerSection, "PublicKey")
 	endpoint := getINIKeyFromSection(peerSection, "Endpoint")
@@ -96,9 +94,7 @@ func parseWireguardPeerSection(peerSection *ini.Section) (
 	return preSharedKey, publicKey, endpointIP, endpointPort
 }
 
-var (
-	regexINIKeyNotExist = regexp.MustCompile(`key ".*" not exists$`)
-)
+var regexINIKeyNotExist = regexp.MustCompile(`key ".*" not exists$`)
 
 func getINIKeyFromSection(section *ini.Section, key string) (value *string) {
 	iniKey, err := section.GetKey(key)

internal/configuration/sources/files/wireguard_test.go

@@ -77,7 +77,7 @@ PresharedKey = YJ680VN+dGrdsWNjSFqZ6vvwuiNhbq502ZL3G7Q3o3g=
 			t.Parallel()
 
 			configFile := filepath.Join(t.TempDir(), "wg.conf")
-			const permission = fs.FileMode(0600)
+			const permission = fs.FileMode(0o600)
 			err := os.WriteFile(configFile, []byte(testCase.fileContent), permission)
 			require.NoError(t, err)
 

internal/configuration/sources/secrets/reader_test.go

@@ -39,7 +39,7 @@ func Test_Source_Get(t *testing.T) {
 		"empty_secret_file": {
 			makeSource: func(tempDir string) (source *Source, err error) {
 				secretFilepath := filepath.Join(tempDir, "test_file")
-				const permission = fs.FileMode(0600)
+				const permission = fs.FileMode(0o600)
 				err = os.WriteFile(secretFilepath, nil, permission)
 				if err != nil {
 					return nil, err
@@ -55,7 +55,7 @@ func Test_Source_Get(t *testing.T) {
 		"default_secret_file": {
 			makeSource: func(tempDir string) (source *Source, err error) {
 				secretFilepath := filepath.Join(tempDir, "test_file")
-				const permission = fs.FileMode(0600)
+				const permission = fs.FileMode(0o600)
 				err = os.WriteFile(secretFilepath, []byte{'A'}, permission)
 				if err != nil {
 					return nil, err
@@ -72,7 +72,7 @@ func Test_Source_Get(t *testing.T) {
 		"env_specified_secret_file": {
 			makeSource: func(tempDir string) (source *Source, err error) {
 				secretFilepath := filepath.Join(tempDir, "test_file_custom")
-				const permission = fs.FileMode(0600)
+				const permission = fs.FileMode(0o600)
 				err = os.WriteFile(secretFilepath, []byte{'A'}, permission)
 				if err != nil {
 					return nil, err