diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index c25fa9395..b5e2c89ac 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,13 +1,14 @@ name: Lint on: [pull_request] jobs: - golangci-lint: + golangci: + name: golangci-lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - - name: golangci-lint - uses: reviewdog/action-golangci-lint@master + - uses: actions/checkout@v2 + - uses: golangci/golangci-lint-action@master with: - github_token: ${{ secrets.github_token }} - reporter: github-pr-review - golangci_lint_flags: "--timeout 30m" + # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. + version: v1.26 + args: --timeout 10m + github-token: ${{ secrets.github_token }} diff --git a/.golangci.yml b/.golangci.yml index 6ff2d4b21..1c5fff613 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -38,7 +38,7 @@ linters: # - whitespace # - wsl # - gocognit - # - nolintlint + - nolintlint disable: - errcheck diff --git a/cmd/tendermint/commands/root_test.go b/cmd/tendermint/commands/root_test.go index a39f92d38..d1e5964b2 100644 --- a/cmd/tendermint/commands/root_test.go +++ b/cmd/tendermint/commands/root_test.go @@ -168,5 +168,5 @@ func WriteConfigVals(dir string, vals map[string]string) error { data += fmt.Sprintf("%s = \"%s\"\n", k, v) } cfile := filepath.Join(dir, "config.toml") - return ioutil.WriteFile(cfile, []byte(data), 0666) + return ioutil.WriteFile(cfile, []byte(data), 0600) } diff --git a/libs/cli/helper.go b/libs/cli/helper.go index a5014c16c..905bc8513 100644 --- a/libs/cli/helper.go +++ b/libs/cli/helper.go @@ -19,7 +19,7 @@ func WriteConfigVals(dir string, vals map[string]string) error { data += fmt.Sprintf("%s = \"%s\"\n", k, v) } cfile := filepath.Join(dir, "config.toml") - return ioutil.WriteFile(cfile, []byte(data), 0666) + return ioutil.WriteFile(cfile, []byte(data), 0600) } // RunWithArgs executes the given command with the specified command line args diff --git a/libs/tempfile/tempfile_test.go b/libs/tempfile/tempfile_test.go index c11009f72..c8604d24c 100644 --- a/libs/tempfile/tempfile_test.go +++ b/libs/tempfile/tempfile_test.go @@ -27,7 +27,7 @@ func TestWriteFileAtomic(t *testing.T) { } defer os.Remove(f.Name()) - if err = ioutil.WriteFile(f.Name(), old, 0664); err != nil { + if err = ioutil.WriteFile(f.Name(), old, 0600); err != nil { t.Fatal(err) } diff --git a/statesync/chunks.go b/statesync/chunks.go index bfbcdb8d8..0ce076baf 100644 --- a/statesync/chunks.go +++ b/statesync/chunks.go @@ -84,7 +84,7 @@ func (q *chunkQueue) Add(chunk *chunk) (bool, error) { } path := filepath.Join(q.dir, strconv.FormatUint(uint64(chunk.Index), 10)) - err := ioutil.WriteFile(path, chunk.Chunk, 0644) + err := ioutil.WriteFile(path, chunk.Chunk, 0600) if err != nil { return false, fmt.Errorf("failed to save chunk %v to file %v: %w", chunk.Index, path, err) } diff --git a/tools/tm-signer-harness/main.go b/tools/tm-signer-harness/main.go index bec0d4b39..c45b44b0c 100644 --- a/tools/tm-signer-harness/main.go +++ b/tools/tm-signer-harness/main.go @@ -136,7 +136,7 @@ func extractKey(tmhome, outputPath string) { stateFile := filepath.Join(internal.ExpandPath(tmhome), "data", "priv_validator_state.json") fpv := privval.LoadFilePV(keyFile, stateFile) pkb := [64]byte(fpv.Key.PrivKey.(ed25519.PrivKeyEd25519)) - if err := ioutil.WriteFile(internal.ExpandPath(outputPath), pkb[:32], 0644); err != nil { + if err := ioutil.WriteFile(internal.ExpandPath(outputPath), pkb[:32], 0600); err != nil { logger.Info("Failed to write private key", "output", outputPath, "err", err) os.Exit(1) }