diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index dc6f1ba..3118205 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -31,7 +31,7 @@ jobs: - name: Run linters uses: golangci/golangci-lint-action@v9 with: - version: v2.5.0 + version: v2.10.1 lint-prettier: name: Lint non-Golang codebase diff --git a/pkg/modules/exiftool/exiftool.go b/pkg/modules/exiftool/exiftool.go index a00ba65..21f473a 100644 --- a/pkg/modules/exiftool/exiftool.go +++ b/pkg/modules/exiftool/exiftool.go @@ -175,7 +175,7 @@ func (engine *ExifTool) WriteMetadata(ctx context.Context, logger *zap.Logger, m strs[i] = str continue } - return fmt.Errorf("write PDF metadata with ExifTool: %s %+v %s %w", key, val, reflect.TypeFor[[]interface{}](), gotenberg.ErrPdfEngineMetadataValueNotSupported) + return fmt.Errorf("write PDF metadata with ExifTool: %s %+v %s %w", key, val, reflect.TypeFor[[]any](), gotenberg.ErrPdfEngineMetadataValueNotSupported) } fileMetadata[0].SetStrings(key, strs) case bool: diff --git a/pkg/modules/libreoffice/api/api.go b/pkg/modules/libreoffice/api/api.go index 33b7106..90d2689 100644 --- a/pkg/modules/libreoffice/api/api.go +++ b/pkg/modules/libreoffice/api/api.go @@ -54,7 +54,7 @@ type Api struct { // See: https://help.libreoffice.org/latest/en-US/text/shared/guide/pdf_params.html. type Options struct { // Password specifies the password for opening the source file. - Password string + Password string // #nosec // Landscape allows changing the orientation of the resulting PDF. Landscape bool diff --git a/pkg/modules/logging/logging.go b/pkg/modules/logging/logging.go index 91f591b..9d4220d 100644 --- a/pkg/modules/logging/logging.go +++ b/pkg/modules/logging/logging.go @@ -177,7 +177,7 @@ func newLogLevel(level string) (zapcore.Level, error) { } func newLogEncoder(format string, gcpFields bool) (zapcore.Encoder, error) { - isTerminal := term.IsTerminal(int(os.Stdout.Fd())) + isTerminal := term.IsTerminal(int(os.Stdout.Fd())) // #nosec encCfg := zap.NewProductionEncoderConfig() // Normalize the log format based on the output device. diff --git a/pkg/modules/pdfcpu/pdfcpu.go b/pkg/modules/pdfcpu/pdfcpu.go index dff13aa..c0de3fb 100644 --- a/pkg/modules/pdfcpu/pdfcpu.go +++ b/pkg/modules/pdfcpu/pdfcpu.go @@ -84,7 +84,7 @@ func (engine *PdfCpu) Debug() map[string]any { // Merge combines multiple PDFs into a single PDF. func (engine *PdfCpu) Merge(ctx context.Context, logger *zap.Logger, inputPaths []string, outputPath string) error { - var args []string + args := make([]string, 0, 2+len(inputPaths)) args = append(args, "merge", outputPath) args = append(args, inputPaths...) @@ -180,10 +180,8 @@ func (engine *PdfCpu) EmbedFiles(ctx context.Context, logger *zap.Logger, filePa logger.Debug(fmt.Sprintf("embedding %d file(s) to %s: %v", len(filePaths), inputPath, filePaths)) - args := []string{ - "attachments", "add", - inputPath, - } + args := make([]string, 0, 3+len(filePaths)) + args = append(args, "attachments", "add", inputPath) args = append(args, filePaths...) cmd, err := gotenberg.CommandContext(ctx, logger, engine.binPath, args...) @@ -209,7 +207,7 @@ func (engine *PdfCpu) Encrypt(ctx context.Context, logger *zap.Logger, inputPath ownerPassword = userPassword } - var args []string + args := make([]string, 0, 11) args = append(args, "encrypt") args = append(args, "-mode", "aes") args = append(args, "-upw", userPassword) diff --git a/pkg/modules/pdftk/pdftk.go b/pkg/modules/pdftk/pdftk.go index 68965f2..fa5bebd 100644 --- a/pkg/modules/pdftk/pdftk.go +++ b/pkg/modules/pdftk/pdftk.go @@ -108,7 +108,7 @@ func (engine *PdfTk) Split(ctx context.Context, logger *zap.Logger, mode gotenbe // Merge combines multiple PDFs into a single PDF. func (engine *PdfTk) Merge(ctx context.Context, logger *zap.Logger, inputPaths []string, outputPath string) error { - var args []string + args := make([]string, 0, 3+len(inputPaths)) args = append(args, inputPaths...) args = append(args, "cat", "output", outputPath) @@ -158,7 +158,7 @@ func (engine *PdfTk) Encrypt(ctx context.Context, logger *zap.Logger, inputPath, // Create a temp output file in the same directory. tmpPath := inputPath + ".tmp" - var args []string + args := make([]string, 0, 8) args = append(args, inputPath) args = append(args, "output", tmpPath) args = append(args, "encrypt_128bit") diff --git a/pkg/modules/qpdf/qpdf.go b/pkg/modules/qpdf/qpdf.go index 64e0b61..07a5a35 100644 --- a/pkg/modules/qpdf/qpdf.go +++ b/pkg/modules/qpdf/qpdf.go @@ -114,7 +114,7 @@ func (engine *QPdf) Split(ctx context.Context, logger *zap.Logger, mode gotenber // Merge combines multiple PDFs into a single PDF. func (engine *QPdf) Merge(ctx context.Context, logger *zap.Logger, inputPaths []string, outputPath string) error { - var args []string + args := make([]string, 0, 4+len(engine.globalArgs)+len(inputPaths)) args = append(args, "--empty") args = append(args, engine.globalArgs...) args = append(args, "--pages") @@ -137,7 +137,7 @@ func (engine *QPdf) Merge(ctx context.Context, logger *zap.Logger, inputPaths [] // Flatten merges annotation appearances with page content, deleting the // original annotations. func (engine *QPdf) Flatten(ctx context.Context, logger *zap.Logger, inputPath string) error { - var args []string + args := make([]string, 0, 4+len(engine.globalArgs)) args = append(args, inputPath) args = append(args, "--generate-appearances") args = append(args, "--flatten-annotations=all") @@ -182,7 +182,7 @@ func (engine *QPdf) Encrypt(ctx context.Context, logger *zap.Logger, inputPath, ownerPassword = userPassword } - var args []string + args := make([]string, 0, 7+len(engine.globalArgs)) args = append(args, inputPath) args = append(args, engine.globalArgs...) args = append(args, "--replace-input") diff --git a/test/integration/scenario/http.go b/test/integration/scenario/http.go index 7d88d02..6fd47b2 100644 --- a/test/integration/scenario/http.go +++ b/test/integration/scenario/http.go @@ -20,6 +20,7 @@ func doRequest(method, url string, headers map[string]string, body io.Reader) (* req.Header.Set(header, value) } + // #nosec resp, err := http.DefaultClient.Do(req) if err != nil { return nil, fmt.Errorf("send a request: %w", err) @@ -74,6 +75,7 @@ func doFormDataRequest(method, url string, fields map[string]string, files map[s } req.Header.Set("Content-Type", writer.FormDataContentType()) + // #nosec resp, err := http.DefaultClient.Do(req) if err != nil { return nil, fmt.Errorf("send a request: %w", err) diff --git a/test/integration/scenario/server.go b/test/integration/scenario/server.go index 861d70f..41b6729 100644 --- a/test/integration/scenario/server.go +++ b/test/integration/scenario/server.go @@ -79,12 +79,14 @@ func newServer(ctx context.Context, workdir string) (*server, error) { } dirPath := fmt.Sprintf("%s/%s", workdir, s.req.Header.Get("Gotenberg-Trace")) + // #nosec err = os.MkdirAll(dirPath, 0o755) if err != nil { return webhookErr(fmt.Errorf("create working directory: %w", err)) } fpath := fmt.Sprintf("%s/%s", dirPath, filename) + // #nosec file, err := os.Create(fpath) if err != nil { return webhookErr(fmt.Errorf("create file %q: %w", fpath, err))