PDOK-19191 Dual Ops: Lifecycle Go 1.26

.github/workflows/lint.yml

@@ -17,7 +17,7 @@ jobs:
 
       - uses: actions/setup-go@v4
         with:
-          go-version: '1.24'
+          go-version: '1.26'
           cache: false
 
       - uses: actions/checkout@v4
@@ -32,7 +32,7 @@ jobs:
           go install golang.org/x/vuln/cmd/govulncheck@latest
           govulncheck ./...
 
-      - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3
+      - name: Run linter
+        uses: golangci/golangci-lint-action@v9
         with:
-          version: latest
+          version: v2.9.0

.golangci.yml

@@ -1,115 +1,203 @@
 ---
+version: "2"
+
 run:
   # Timeout for analysis.
   timeout: 5m
-
   # Modules download mode (do not modify go.mod)
-  module-download-mode: readonly
-
-  # Include test files (see below to exclude certain linters)
-  tests: true
-
-issues:
-  exclude-rules:
-    # Exclude certain linters for test code
-    - path: "_test\\.go"
-      linters:
-        - bodyclose
-        - dupl
-        - dogsled
-        - funlen
+  modules-download-mode: readonly
+  # Allow multiple parallel golangci-lint instances running.
+  allow-parallel-runners: true
 
 output:
-  formats: colored-line-number
-  print-issued-lines: true
-  print-linter-name: true
+  formats:
+    text:
+      print-linter-name: true
+      print-issued-lines: true
+      colors: true
 
-linters-settings:
-  depguard:
-    rules:
-      main:
-        # Packages that are not allowed where the value is a suggestion.
-        deny:
-          - pkg: "github.com/pkg/errors"
-            desc: Should be replaced by standard lib errors package
-  cyclop:
-    # The maximal code complexity to report.
-    max-complexity: 15
-    skip-tests: true
-  funlen:
-    lines: 100
-  nestif:
-    min-complexity: 6
-  forbidigo:
-    forbid:
-      - http\.NotFound.*  # return RFC 7807 problem details instead
-      - http\.Error.*  # return RFC 7807 problem details instead
-  gomoddirectives:
-    replace-allow-list:
-      - github.com/wk8/go-ordered-map/v2
-      - github.com/PDOK/gokoala
-      - github.com/docker/compose/v2
+formatters:
+  enable:
+    - gofmt      # checks if the code is formatted according to 'gofmt' command
+    - goimports  # in addition to fixing imports, goimports also formats your code in the same style as gofmt
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+  settings:
+    golines:
+      max-len: 150
 
 linters:
-  disable-all: true
+  default: none
   enable:
     # enabled by default by golangci-lint
-    - errcheck  # checking for unchecked errors, these unchecked errors can be critical bugs in some cases
-    - gosimple  # specializes in simplifying a code
-    - govet  # reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
-    - ineffassign  # detects when assignments to existing variables are not used
-    - staticcheck  # is a go vet on steroids, applying a ton of static analysis checks
-    - typecheck  # like the front-end of a Go compiler, parses and type-checks Go code
-    - unused  # checks for unused constants, variables, functions and types
+    - errcheck                  # Errcheck is a program for checking for unchecked errors in Go code. These unchecked errors can be critical bugs in some cases.
+    - govet                     # Vet examines Go source code and reports suspicious constructs. It is roughly the same as 'go vet' and uses its passes.
+    - ineffassign               # Detects when assignments to existing variables are not used.
+    - staticcheck               # It's the set of rules from staticcheck.
+    - unused                    # Checks Go code for unused constants, variables, functions and types.
     # extra enabled by us
-    - asasalint  # checks for pass []any as any in variadic func(...any)
-    - asciicheck  # checks that your code does not contain non-ASCII identifiers
-    - bidichk  # checks for dangerous unicode character sequences
-    - bodyclose  # checks whether HTTP response body is closed successfully
-    - cyclop  # checks function and package cyclomatic complexity
-    - dupl  # tool for code clone detection
-    - durationcheck  # checks for two durations multiplied together
-    - dogsled  # find assignments/declarations with too many blank identifiers
-    - errname  # checks that sentinel errors are prefixed with the Err and error types are suffixed with the Error
-    - errorlint  # finds code that will cause problems with the error wrapping scheme introduced in Go 1.13
-    - exhaustive  # checks exhaustiveness of enum switch statements
-    - exptostd  # detects functions from golang.org/x/exp/ that can be replaced by std functions
-    - copyloopvar  # checks for pointers to enclosing loop variables
-    - fatcontext  # detects nested contexts in loops and function literals
-    - forbidigo  # forbids identifiers
-    - funlen  # tool for detection of long functions
-    - gocheckcompilerdirectives  # validates go compiler directive comments (//go:)
-    - goconst  # finds repeated strings that could be replaced by a constant
-    - gocritic  # provides diagnostics that check for bugs, performance and style issues
-    - gofmt  # checks if the code is formatted according to 'gofmt' command
-    - goimports  # in addition to fixing imports, goimports also formats your code in the same style as gofmt
-    - gomoddirectives  # manages the use of 'replace', 'retract', and 'excludes' directives in go.mod
-    - gomodguard  # allow and block lists linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations
-    - goprintffuncname  # checks that printf-like functions are named with f at the end
-    - gosec  # inspects source code for security problems
-    - loggercheck  # checks key value pairs for common logger libraries (kitlog,klog,logr,zap)
-    - makezero  # finds slice declarations with non-zero initial length
-    - mirror  # reports wrong mirror patterns of bytes/strings usage
-    - misspell  # finds commonly misspelled English words
-    - nakedret  # finds naked returns in functions greater than a specified function length
-    - nestif  # reports deeply nested if statements
-    - nilerr  # finds the code that returns nil even if it checks that the error is not nil
-    - nolintlint  # reports ill-formed or insufficient nolint directives
-    - nosprintfhostport  # checks for misuse of Sprintf to construct a host with port in a URL
-    - perfsprint  # Golang linter for performance, aiming at usages of fmt.Sprintf which have faster alternatives
-    - predeclared  # finds code that shadows one of Go's predeclared identifiers
-    - promlinter  # checks Prometheus metrics naming via promlint
-    - reassign  # checks that package variables are not reassigned
-    - revive  # fast, configurable, extensible, flexible, and beautiful linter for Go, drop-in replacement of golint
-    - rowserrcheck  # checks whether Err of rows is checked successfully
-    - sqlclosecheck  # checks that sql.Rows and sql.Stmt are closed
-    - sloglint  # A Go linter that ensures consistent code style when using log/slog
-    - tagliatelle  # checks the struct tags.
-    - usetesting  # detects using os.Setenv instead of t.Setenv since Go1.17
-    - testableexamples  # checks if examples are testable (have an expected output)
-    - tparallel  # detects inappropriate usage of t.Parallel() method in your Go test codes
-    - unconvert  # removes unnecessary type conversions
-    - unparam  # reports unused function parameters
-    - usestdlibvars  # detects the possibility to use variables/constants from the Go standard library
-    - wastedassign  # finds wasted assignment statements
-  fast: false
+    - asasalint                 # Check for pass []any as any in variadic func(...any).
+    - asciicheck                # Checks that all code identifiers does not have non-ASCII symbols in the name.
+    - bidichk                   # Checks for dangerous unicode character sequences.
+    - bodyclose                 # Checks whether HTTP response body is closed successfully.
+    - containedctx              # Containedctx is a linter that detects struct contained context.Context field.
+    - copyloopvar               # A linter detects places where loop variables are copied.
+    - cyclop                    # Checks function and package cyclomatic complexity.
+    - decorder                  # Check declaration order and count of types, constants, variables and functions.
+    - depguard                  # Go linter that checks if package imports are in a list of acceptable packages.
+    - dogsled                   # Checks assignments with too many blank identifiers (e.g. x, _, _, _,  #= f()).
+    - dupl                      # Detects duplicate fragments of code.
+    - dupword                   # Checks for duplicate words in the source code.
+    - durationcheck             # Check for two durations multiplied together.
+    - errchkjson                # Checks types passed to the json encoding functions. Reports unsupported types and reports occurrences where the check for the returned error can be omitted.
+    - errname                   # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
+    - errorlint                 # Find code that can cause problems with the error wrapping scheme introduced in Go 1.13.
+    - exhaustive                # Check exhaustiveness of enum switch statements.
+    - exptostd                  # Detects functions from golang.org/x/exp/ that can be replaced by std functions.
+    - fatcontext                # Detects nested contexts in loops and function literals.
+    - forbidigo                 # Forbids identifiers.
+    - funcorder                 # Checks the order of functions, methods, and constructors.
+    - funlen                    # Checks for long functions.
+    - ginkgolinter              # Enforces standards of using ginkgo and gomega.
+    - gocheckcompilerdirectives # Checks that go compiler directive comments (//go #) are valid.
+    - gochecksumtype            # Run exhaustiveness checks on Go "sum types".
+    - goconst                   # Finds repeated strings that could be replaced by a constant.
+    - gocritic                  # Provides diagnostics that check for bugs, performance and style issues.
+    - goheader                  # Check if file header matches to pattern.
+    - gomoddirectives           # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    - goprintffuncname          # Checks that printf-like functions are named with `f` at the end.
+    - gosec                     # Inspects source code for security problems.
+    - gosmopolitan              # Report certain i18n/l10n anti-patterns in your Go codebase.
+    - grouper                   # Analyze expression groups.
+    - importas                  # Enforces consistent import aliases.
+    - inamedparam               # Reports interfaces with unnamed method parameters.
+    - interfacebloat            # A linter that checks the number of methods inside an interface.
+    - intrange                  # Intrange is a linter to find places where for loops could make use of an integer range.
+    - loggercheck               # Checks key value pairs for common logger libraries (kitlog,klog,logr,slog,zap).
+    - maintidx                  # Maintidx measures the maintainability index of each function.
+    - makezero                  # Find slice declarations with non-zero initial length.
+    - mirror                    # Reports wrong mirror patterns of bytes/strings usage.
+    - misspell                  # Finds commonly misspelled English words.
+    - nakedret                  # Checks that functions with naked returns are not longer than a maximum size (can be zero).
+    - nestif                    # Reports deeply nested if statements.
+    - nilerr                    # Find the code that returns nil even if it checks that the error is not nil.
+    - nilnesserr                # Reports constructs that checks for err != nil, but returns a different nil value error.
+    - nolintlint                # Reports ill-formed or insufficient nolint directives.
+    - nosprintfhostport         # Checks for misuse of Sprintf to construct a host with port in a URL.
+    - perfsprint                # Checks that fmt.Sprintf can be replaced with a faster alternative.
+    - prealloc                  # Find slice declarations that could potentially be pre-allocated.
+    - predeclared               # Find code that shadows one of Go's predeclared identifiers.
+    - promlinter                # Check Prometheus metrics naming via promlint.
+    - protogetter               # Reports direct reads from proto message fields when getters should be used.
+    - reassign                  # Checks that package variables are not reassigned.
+    - recvcheck                 # Checks for receiver type consistency.
+    - revive                    # Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint.
+    - rowserrcheck              # Checks whether Rows.Err of rows is checked successfully.
+    - sloglint                  # Ensure consistent code style when using log/slog.
+    - spancheck                 # Checks for mistakes with OpenTelemetry/Census spans.
+    - sqlclosecheck             # Checks that sql.Rows, sql.Stmt, sqlx.NamedStmt, pgx.Query are closed.
+    - tagliatelle               # Checks the struct tags.
+    - testableexamples          # Linter checks if examples are testable (have an expected output).
+    - testifylint               # Checks usage of github.com/stretchr/testify.
+    - thelper                   # Thelper detects tests helpers which is not start with t.Helper() method.
+    - tparallel                 # Tparallel detects inappropriate usage of t.Parallel() method in your Go test codes.
+    - unconvert                 # Remove unnecessary type conversions.
+    - unparam                   # Reports unused function parameters.
+    - usestdlibvars             # A linter that detect the possibility to use variables/constants from the Go standard library.
+    - usetesting                # Reports uses of functions with replacement inside the testing package.
+    - wastedassign              # Finds wasted assignment statements.
+    - zerologlint               # Detects the wrong usage of `zerolog` that a user forgets to dispatch with `Send` or `Msg`.
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    rules:
+      - linters:
+          - bodyclose
+          - dogsled
+          - dupl
+          - funlen
+          - cyclop
+          - containedctx
+          - maintidx
+        path: _test\.go
+      - linters:
+          - cyclop
+        path: (.+)_test\.go
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+      - internal/ogc/features/cql/parser$
+  settings:
+    cyclop:
+      # The maximal code complexity to report.
+      # Default: 10
+      max-complexity: 15
+    depguard:
+      rules:
+        main:
+          deny:
+            - pkg: "math/rand$"
+              desc: use math/rand/v2
+            - pkg: "github.com/sirupsen/logrus"
+              desc: no longer maintained
+            - pkg: "github.com/pkg/errors"
+              desc: Should be replaced by standard lib errors package
+    forbidigo:
+      # Forbid the following identifiers (list of regexp).
+      # Default: ["^(fmt\\.Print(|f|ln)|print|println)$"]
+      forbid:
+        - pattern: ^(fmt\\.Print(|f|ln)|print|println)$
+        - pattern: http\.NotFound.*
+          msg: return RFC 7807 problem details instead
+        - pattern: http\.Error.*
+          msg: return RFC 7807 problem details instead
+    funlen:
+      # Checks the number of lines in a function.
+      # If lower than 0, disable the check.
+      # Default: 60
+      lines: 100
+    nestif:
+      # Minimal complexity of if statements to report.
+      # Default: 5
+      min-complexity: 6
+    revive:
+      rules:
+        # default rules
+        - name: blank-imports
+        - name: context-as-argument
+        - name: context-keys-type
+        - name: dot-imports
+        - name: empty-block
+        - name: error-naming
+        - name: error-return
+        - name: error-strings
+        - name: errorf
+        - name: exported
+        - name: increment-decrement
+        - name: indent-error-flow
+        - name: package-comments
+        - name: range
+        - name: receiver-naming
+        - name: redefines-builtin-id
+        - name: superfluous-else
+        - name: time-naming
+        - name: unexported-return
+        - name: unreachable-code
+        - name: unused-parameter
+        - name: var-declaration
+        # enabled or tweaked by us
+        - name: use-any
+        - name: var-naming
+          arguments:
+            - [ "ID" ] # AllowList
+            - [ "VM" ] # DenyList
+            - - skip-package-name-checks: true

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.24-alpine3.20 AS build-env
+FROM golang:1.26-alpine3.22 AS build-env
 
 RUN apk update && apk upgrade && \
    apk add --no-cache bash git pkgconfig gcc g++ libc-dev ca-certificates

feeds/process.go

@@ -8,7 +8,8 @@ import (
 
 // ProcessFeed func
 func ProcessFeeds(fs Feeds) []Feed {
-	var processedFeeds []Feed
+	processedFeeds := make([]Feed, 0, len(fs.Feeds))
+
 	for _, f := range fs.Feeds {
 		d := GetDefaultFeedProperties()
 		_ = mergo.Merge(&f, d)

go.mod

@@ -1,6 +1,6 @@
 module github.com/pdok/atom-generator
 
-go 1.24
+go 1.26.3
 
 require (
 	github.com/imdario/mergo v0.3.13