chore(lint): upgrade linter to v1.56.2

.golangci.yml

@@ -9,6 +9,7 @@ issues:
         - dupl
         - goerr113
         - containedctx
+        - goconst
     - path: "internal\\/server\\/.+\\.go"
       linters:
         - dupl
@@ -33,6 +34,18 @@ issues:
       text: "newCipherDESCBCBlock returns interface \\(github\\.com\\/youmark\\/pkcs8\\.Cipher\\)"
       linters:
         - ireturn
+    - path: "internal\\/firewall\\/.*\\.go"
+      text: "string `-i ` has [1-9][0-9]* occurrences, make it a constant"
+      linters:
+        - goconst
+    - path: "internal\\/provider\\/ipvanish\\/updater\\/servers.go"
+      text: "string ` in ` has 3 occurrences, make it a constant"
+      linters:
+        - goconst
+    - path: "internal\\/vpn\\/portforward.go"
+      text: 'directive `//nolint:ireturn` is unused for linter "ireturn"'
+      linters:
+        - nolintlint
 
 linters:
   enable:

Dockerfile

@@ -2,7 +2,7 @@ ARG ALPINE_VERSION=3.18
 ARG GO_ALPINE_VERSION=3.18
 ARG GO_VERSION=1.21
 ARG XCPUTRANSLATE_VERSION=v0.6.0
-ARG GOLANGCI_LINT_VERSION=v1.54.1
+ARG GOLANGCI_LINT_VERSION=v1.56.2
 ARG MOCKGEN_VERSION=v1.6.0
 ARG BUILDPLATFORM=linux/amd64
 

internal/firewall/enable.go

@@ -180,8 +180,7 @@ func (c *Config) allowOutboundSubnets(ctx context.Context) (err error) {
 		}
 
 		if !firewallUpdated {
-			c.logger.Info(fmt.Sprintf("ignoring subnet %s which has "+
-				"no default route matching its family", subnet))
+			c.logIgnoredSubnetFamily(subnet)
 		}
 	}
 	return nil

internal/firewall/logger.go

@@ -1,7 +1,17 @@
 package firewall
 
+import (
+	"fmt"
+	"net/netip"
+)
+
 type Logger interface {
 	Debug(s string)
 	Info(s string)
 	Error(s string)
 }
+
+func (c *Config) logIgnoredSubnetFamily(subnet netip.Prefix) {
+	c.logger.Info(fmt.Sprintf("ignoring subnet %s which has "+
+		"no default route matching its family", subnet))
+}

internal/firewall/outboundsubnets.go

@@ -57,8 +57,7 @@ func (c *Config) removeOutboundSubnets(ctx context.Context, subnets []netip.Pref
 		}
 
 		if !firewallUpdated {
-			c.logger.Info(fmt.Sprintf("ignoring subnet %s which has "+
-				"no default route matching its family", subNet))
+			c.logIgnoredSubnetFamily(subNet)
 			continue
 		}
 		c.outboundSubnets = subnet.RemoveSubnetFromSubnets(c.outboundSubnets, subNet)
@@ -86,8 +85,7 @@ func (c *Config) addOutboundSubnets(ctx context.Context, subnets []netip.Prefix)
 		}
 
 		if !firewallUpdated {
-			c.logger.Info(fmt.Sprintf("ignoring subnet %s which has "+
-				"no default route matching its family", subnet))
+			c.logIgnoredSubnetFamily(subnet)
 			continue
 		}
 		c.outboundSubnets = append(c.outboundSubnets, subnet)

internal/firewall/support_test.go

@@ -216,7 +216,7 @@ func Test_testIptablesPath(t *testing.T) {
 				runner.EXPECT().Run(newAppendTestRuleMatcher(path)).Return("", nil)
 				runner.EXPECT().Run(newDeleteTestRuleMatcher(path)).Return("", nil)
 				runner.EXPECT().Run(newListInputRulesMatcher(path)).
-					Return("\nChain INPUT (policy "+inputPolicy+")\nxx\n", nil)
+					Return("\nChain INPUT (policy "+inputPolicy+")\nAA\n", nil)
 				runner.EXPECT().Run(newSetPolicyMatcher(path, inputPolicy)).
 					Return("Permission denied (you must be root)", errDummy)
 				return runner
@@ -229,7 +229,7 @@ func Test_testIptablesPath(t *testing.T) {
 				runner.EXPECT().Run(newAppendTestRuleMatcher(path)).Return("", nil)
 				runner.EXPECT().Run(newDeleteTestRuleMatcher(path)).Return("", nil)
 				runner.EXPECT().Run(newListInputRulesMatcher(path)).
-					Return("\nChain INPUT (policy "+inputPolicy+")\nxx\n", nil)
+					Return("\nChain INPUT (policy "+inputPolicy+")\nBB\n", nil)
 				runner.EXPECT().Run(newSetPolicyMatcher(path, inputPolicy)).
 					Return("some output", errDummy)
 				return runner
@@ -242,7 +242,7 @@ func Test_testIptablesPath(t *testing.T) {
 				runner.EXPECT().Run(newAppendTestRuleMatcher(path)).Return("", nil)
 				runner.EXPECT().Run(newDeleteTestRuleMatcher(path)).Return("", nil)
 				runner.EXPECT().Run(newListInputRulesMatcher(path)).
-					Return("\nChain INPUT (policy "+inputPolicy+")\nxx\n", nil)
+					Return("\nChain INPUT (policy "+inputPolicy+")\nCC\n", nil)
 				runner.EXPECT().Run(newSetPolicyMatcher(path, inputPolicy)).
 					Return("some output", nil)
 				return runner

internal/models/servers.go

@@ -11,7 +11,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants/providers"
 )
 
-type AllServers struct { //nolint:musttag
+type AllServers struct {
 	Version           uint16 // used for migration of the top level scheme
 	ProviderToServers map[string]Servers
 }

internal/provider/ipvanish/updater/servers_test.go

@@ -41,19 +41,19 @@ func Test_Updater_GetServers(t *testing.T) {
 		err     error
 	}{
 		"unzipper error": {
-			warnerBuilder: func(ctrl *gomock.Controller) common.Warner { return nil },
+			warnerBuilder: func(_ *gomock.Controller) common.Warner { return nil },
 			unzipErr:      errors.New("dummy"),
 			err:           errors.New("dummy"),
 		},
 		"not enough unzip contents": {
 			minServers:    1,
-			warnerBuilder: func(ctrl *gomock.Controller) common.Warner { return nil },
+			warnerBuilder: func(_ *gomock.Controller) common.Warner { return nil },
 			unzipContents: map[string][]byte{},
 			err:           errors.New("not enough servers found: 0 and expected at least 1"),
 		},
 		"no openvpn file": {
 			minServers:    1,
-			warnerBuilder: func(ctrl *gomock.Controller) common.Warner { return nil },
+			warnerBuilder: func(_ *gomock.Controller) common.Warner { return nil },
 			unzipContents: map[string][]byte{"somefile.txt": {}},
 			err:           errors.New("not enough servers found: 0 and expected at least 1"),
 		},

internal/provider/ivpn/updater/servers_test.go

@@ -45,7 +45,7 @@ func Test_Updater_GetServers(t *testing.T) {
 		err     error
 	}{
 		"http response error": {
-			warnerBuilder:  func(ctrl *gomock.Controller) common.Warner { return nil },
+			warnerBuilder:  func(_ *gomock.Controller) common.Warner { return nil },
 			responseStatus: http.StatusNoContent,
 			err:            errors.New("fetching API: HTTP status code not OK: 204 No Content"),
 		},
@@ -77,7 +77,7 @@ func Test_Updater_GetServers(t *testing.T) {
 		},
 		"not enough servers": {
 			minServers:    2,
-			warnerBuilder: func(ctrl *gomock.Controller) common.Warner { return nil },
+			warnerBuilder: func(_ *gomock.Controller) common.Warner { return nil },
 			responseBody: `{"servers":[
 				{"hostnames":{"openvpn":"hosta"}}
 			]}`,

internal/server/dns.go

@@ -32,10 +32,10 @@ func (h *dnsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		case http.MethodPut:
 			h.setStatus(w, r)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	default:
-		http.Error(w, "route "+r.RequestURI+" not supported", http.StatusBadRequest)
+		errRouteNotSupported(w, r.RequestURI)
 	}
 }
 

internal/server/helpers.go

@@ -0,0 +1,13 @@
+package server
+
+import (
+	"net/http"
+)
+
+func errMethodNotSupported(w http.ResponseWriter, method string) {
+	http.Error(w, "method "+method+" not supported", http.StatusBadRequest)
+}
+
+func errRouteNotSupported(w http.ResponseWriter, route string) {
+	http.Error(w, "route "+route+" not supported", http.StatusBadRequest)
+}

internal/server/openvpn.go

@@ -34,24 +34,24 @@ func (h *openvpnHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		case http.MethodPut:
 			h.setStatus(w, r)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	case "/settings":
 		switch r.Method {
 		case http.MethodGet:
 			h.getSettings(w)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	case "/portforwarded":
 		switch r.Method {
 		case http.MethodGet:
 			h.getPortForwarded(w)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	default:
-		http.Error(w, "route "+r.RequestURI+" not supported", http.StatusBadRequest)
+		errRouteNotSupported(w, r.RequestURI)
 	}
 }
 

internal/server/publicip.go

@@ -26,10 +26,10 @@ func (h *publicIPHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		case http.MethodGet:
 			h.getPublicIP(w)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	default:
-		http.Error(w, "route "+r.RequestURI+" not supported", http.StatusBadRequest)
+		errRouteNotSupported(w, r.RequestURI)
 	}
 }
 

internal/server/updater.go

@@ -44,10 +44,10 @@ func (h *updaterHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		case http.MethodPut:
 			h.setStatus(w, r)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	default:
-		http.Error(w, "route "+r.RequestURI+" not supported", http.StatusBadRequest)
+		errRouteNotSupported(w, r.RequestURI)
 	}
 }
 

internal/server/vpn.go

@@ -38,7 +38,7 @@ func (h *vpnHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		case http.MethodPut:
 			h.setStatus(w, r)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	case "/settings":
 		switch r.Method {
@@ -47,10 +47,10 @@ func (h *vpnHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		case http.MethodPut:
 			h.patchSettings(w, r)
 		default:
-			http.Error(w, "method "+r.Method+" not supported", http.StatusBadRequest)
+			errMethodNotSupported(w, r.Method)
 		}
 	default:
-		http.Error(w, "route "+r.RequestURI+" not supported", http.StatusBadRequest)
+		errRouteNotSupported(w, r.RequestURI)
 	}
 }
 

internal/storage/helpers.go

@@ -0,0 +1,8 @@
+package storage
+
+import "fmt"
+
+func panicOnProviderMissingHardcoded(provider string) {
+	panic(fmt.Sprintf("provider %s not found in hardcoded servers map; "+
+		"did you add the provider key in the embedded servers.json?", provider))
+}

internal/storage/read.go

@@ -51,8 +51,7 @@ func (s *Storage) extractServersFromBytes(b []byte, hardcodedVersions map[string
 	for _, provider := range allProviders {
 		hardcodedVersion, ok := hardcodedVersions[provider]
 		if !ok {
-			panic(fmt.Sprintf("provider %s not found in hardcoded servers map; "+
-				"did you add the provider key in the embedded servers.json?", provider))
+			panicOnProviderMissingHardcoded(provider)
 		}
 
 		rawMessage, ok := rawMessages[provider]

internal/storage/servers.go

@@ -112,8 +112,7 @@ func (s *Storage) ServersAreEqual(provider string, servers []models.Server) (equ
 func (s *Storage) getMergedServersObject(provider string) (serversObject models.Servers) {
 	serversObject, ok := s.mergedServers.ProviderToServers[provider]
 	if !ok {
-		panic(fmt.Sprintf("provider %s not found in hardcoded servers map; "+
-			"did you add the provider key in the embedded servers.json?", provider))
+		panicOnProviderMissingHardcoded(provider)
 	}
 	return serversObject
 }

internal/updater/resolver/net.go

@@ -10,7 +10,7 @@ func newResolver(resolverAddress string) *net.Resolver {
 	resolverAddress = net.JoinHostPort(resolverAddress, "53")
 	return &net.Resolver{
 		PreferGo: true,
-		Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
+		Dial: func(ctx context.Context, _, _ string) (net.Conn, error) {
 			return d.DialContext(ctx, "udp", resolverAddress)
 		},
 	}

internal/wireguard/address_test.go

@@ -83,7 +83,7 @@ func Test_Wireguard_addAddresses(t *testing.T) {
 		},
 		"ignore IPv6": {
 			addrs: []netip.Prefix{ipNetTwo},
-			wgBuilder: func(ctrl *gomock.Controller, link netlink.Link) *Wireguard {
+			wgBuilder: func(_ *gomock.Controller, _ netlink.Link) *Wireguard {
 				return &Wireguard{
 					settings: Settings{
 						IPv6: ptrTo(false),