all: more linters (#24783)

This enables the following linters

- typecheck
- unused
- staticcheck
- bidichk
- durationcheck
- exportloopref
- gosec

With a few exceptions.

- We use a deprecated protobuf in trezor. I didn't want to mess with that, since I cannot meaningfully test any changes there.
- The deprecated TypeMux is used in a few places still, so the warning for it is silenced for now.
- Using string type in context.WithValue is apparently wrong, one should use a custom type, to prevent collisions between different places in the hierarchy of callers. That should be fixed at some point, but may require some attention.
- The warnings for using weak random generator are squashed, since we use a lot of random without need for cryptographic guarantees.

Some amendments from ethereum/go-ethereum@a907d7e

Author: antonydenyer

.golangci.yml

@@ -1,7 +1,7 @@
 # This file configures github.com/golangci/golangci-lint.
 
 run:
-  timeout: 5m
+  timeout: 20m
   tests: true
   # default is true. Enables skipping of directories:
   #   vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
@@ -27,6 +27,15 @@ linters:
     - exportloopref
     - whitespace
 
+    # - structcheck # lots of false positives
+    # - errcheck #lot of false positives
+    # - contextcheck
+    # - errchkjson # lots of false positives
+    # - errorlint # this check crashes
+    # - exhaustive # silly check
+    # - makezero # false positives
+    # - nilerr # several intentional
+
 linters-settings:
   gofmt:
     simplify: true
@@ -35,20 +44,27 @@ linters-settings:
     min-occurrences: 6 # minimum number of occurrences
 
 issues:
-  new-from-rev: c4e9657
   exclude-rules:
-    - path: crypto/blake2b/
-      linters:
-        - deadcode
-    - path: crypto/bn256/cloudflare
-      linters:
-        - deadcode
-    - path: p2p/discv5/
-      linters:
-        - deadcode
-    - path: core/vm/instructions_test.go
-      linters:
-        - goconst
-    - path: cmd/faucet/
+    - path: crypto/bn256/cloudflare/optate.go
       linters:
         - deadcode
+        - staticcheck
+    - path: internal/build/pgp.go
+      text: 'SA1019: "golang.org/x/crypto/openpgp" is deprecated: this package is unmaintained except for security fixes.'
+    - path: core/vm/contracts.go
+      text: 'SA1019: "golang.org/x/crypto/ripemd160" is deprecated: RIPEMD-160 is a legacy hash and should not be used for new applications.'
+    - path: accounts/usbwallet/trezor.go
+      text: 'SA1019: "github.com/golang/protobuf/proto" is deprecated: Use the "google.golang.org/protobuf/proto" package instead.'
+    - path: accounts/usbwallet/trezor/
+      text: 'SA1019: "github.com/golang/protobuf/proto" is deprecated: Use the "google.golang.org/protobuf/proto" package instead.'
+    - path: plugin/account/internal/testutils/matchers.go
+      text: 'SA1019: "github.com/golang/protobuf/proto" is deprecated: Use the "google.golang.org/protobuf/proto" package instead.'
+    - path: rpc/
+      text: 'SA1019: "github.com/golang/protobuf/proto" is deprecated: Use the "google.golang.org/protobuf/proto" package instead.'
+    - path: rpc/
+      text: 'SA1019: "github.com/golang/protobuf/ptypes" is deprecated: Well-known types have specialized functionality directly injected into the generated packages for each message type. See the deprecation notice for each function for the suggested alternative'
+  exclude:
+    - 'SA1019: event.TypeMux is deprecated: use Feed'
+    - 'SA1019: strings.Title is deprecated'
+    - 'SA1019: strings.Title has been deprecated since Go 1.18 and an alternative has been available since Go 1.0: The rule Title uses for word boundaries does not handle Unicode punctuation properly. Use golang.org/x/text/cases instead.'
+    - 'SA1029: should not use built-in type string as key for value'

accounts/abi/abi_test.go

@@ -1028,9 +1028,7 @@ func TestABI_EventById(t *testing.T) {
 		}
 		if event == nil {
 			t.Errorf("We should find a event for topic %s, test #%d", topicID.Hex(), testnum)
-		}
-
-		if event.ID != topicID {
+		} else if event.ID != topicID {
 			t.Errorf("Event id %s does not match topic %s, test #%d", event.ID.Hex(), topicID.Hex(), testnum)
 		}
 

accounts/abi/bind/backends/simulated.go

@@ -165,11 +165,11 @@ func (b *SimulatedBackend) CodeAt(ctx context.Context, contract common.Address,
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	stateDB, err := b.stateByBlockNumber(ctx, blockNumber)
+	_, err := b.stateByBlockNumber(ctx, blockNumber)
 	if err != nil {
 		return nil, err
 	}
-	stateDB, _, _ = b.blockchain.State()
+	stateDB, _, _ := b.blockchain.State()
 	return stateDB.GetCode(contract), nil
 }
 
@@ -178,11 +178,11 @@ func (b *SimulatedBackend) BalanceAt(ctx context.Context, contract common.Addres
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	stateDB, err := b.stateByBlockNumber(ctx, blockNumber)
+	_, err := b.stateByBlockNumber(ctx, blockNumber)
 	if err != nil {
 		return nil, err
 	}
-	stateDB, _, _ = b.blockchain.State()
+	stateDB, _, _ := b.blockchain.State()
 	return stateDB.GetBalance(contract), nil
 }
 
@@ -191,11 +191,11 @@ func (b *SimulatedBackend) NonceAt(ctx context.Context, contract common.Address,
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	stateDB, err := b.stateByBlockNumber(ctx, blockNumber)
+	_, err := b.stateByBlockNumber(ctx, blockNumber)
 	if err != nil {
 		return 0, err
 	}
-	stateDB, _, _ = b.blockchain.State()
+	stateDB, _, _ := b.blockchain.State()
 	return stateDB.GetNonce(contract), nil
 }
 
@@ -204,11 +204,11 @@ func (b *SimulatedBackend) StorageAt(ctx context.Context, contract common.Addres
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	stateDB, err := b.stateByBlockNumber(ctx, blockNumber)
+	_, err := b.stateByBlockNumber(ctx, blockNumber)
 	if err != nil {
 		return nil, err
 	}
-	stateDB, _, _ = b.blockchain.State()
+	stateDB, _, _ := b.blockchain.State()
 	val := stateDB.GetState(contract, key)
 	return val[:], nil
 }

accounts/abi/bind/backends/simulated_test.go

@@ -78,7 +78,7 @@ func TestSimulatedBackend(t *testing.T) {
 	}
 
 	sim.Commit()
-	tx, isPending, err = sim.TransactionByHash(context.Background(), txHash)
+	_, isPending, err = sim.TransactionByHash(context.Background(), txHash)
 	if err != nil {
 		t.Fatalf("error getting transaction with hash: %v", txHash.String())
 	}
@@ -621,8 +621,7 @@ func TestSimulatedBackend_HeaderByNumber(t *testing.T) {
 	}
 	if latestBlockHeader == nil {
 		t.Errorf("received a nil block header")
-	}
-	if latestBlockHeader.Number.Uint64() != uint64(0) {
+	} else if latestBlockHeader.Number.Uint64() != uint64(0) {
 		t.Errorf("expected block header number 0, instead got %v", latestBlockHeader.Number.Uint64())
 	}
 

accounts/abi/bind/base_test.go

@@ -60,7 +60,6 @@ func (mc *mockCaller) PendingCallContract(ctx context.Context, call ethereum.Cal
 	return nil, nil
 }
 func TestPassingBlockNumber(t *testing.T) {
-
 	mc := &mockCaller{}
 
 	bc := bind.NewBoundContract(common.HexToAddress("0x0"), abi.ABI{

accounts/abi/error.go

@@ -73,7 +73,6 @@ func typeCheck(t Type, value reflect.Value) error {
 	} else {
 		return nil
 	}
-
 }
 
 // typeErr returns a formatted type casting error.

accounts/abi/event_test.go

@@ -161,7 +161,6 @@ func TestEventMultiValueWithArrayUnpack(t *testing.T) {
 }
 
 func TestEventTupleUnpack(t *testing.T) {
-
 	type EventTransfer struct {
 		Value *big.Int
 	}

accounts/abi/reflect.go

@@ -233,7 +233,6 @@ func mapArgNamesToStructFields(argNames []string, value reflect.Value) (map[stri
 
 	// second round ~~~
 	for _, argName := range argNames {
-
 		structFieldName := ToCamelCase(argName)
 
 		if structFieldName == "" {

accounts/abi/unpack.go

@@ -115,7 +115,6 @@ func ReadFixedBytes(t Type, word []byte) (interface{}, error) {
 
 	reflect.Copy(array, reflect.ValueOf(word[0:t.Size]))
 	return array.Interface(), nil
-
 }
 
 // forEachUnpack iteratively unpack elements.

accounts/external/backend.go

@@ -152,11 +152,6 @@ func (api *ExternalSigner) SelfDerive(bases []accounts.DerivationPath, chain eth
 	log.Error("operation SelfDerive not supported on external signers")
 }
 
-func (api *ExternalSigner) signHash(account accounts.Account, hash []byte) ([]byte, error) {
-	return []byte{}, fmt.Errorf("operation not supported on external signers")
-}
-
-// SignData signs keccak256(data). The mimetype parameter describes the type of data being signed
 func (api *ExternalSigner) SignData(account accounts.Account, mimeType string, data []byte) ([]byte, error) {
 	var res hexutil.Bytes
 	var signAddress = common.NewMixedcaseAddress(account.Address)

accounts/keystore/keystore_test.go

@@ -389,7 +389,6 @@ func TestImportExport(t *testing.T) {
 	if _, err = ks2.Import(json, "new", "new"); err == nil {
 		t.Errorf("importing a key twice succeeded")
 	}
-
 }
 
 // TestImportRace tests the keystore on races.
@@ -416,7 +415,6 @@ func TestImportRace(t *testing.T) {
 			if _, err := ks2.Import(json, "new", "new"); err != nil {
 				atomic.AddUint32(&atom, 1)
 			}
-
 		}()
 	}
 	wg.Wait()

accounts/keystore/passphrase.go

@@ -139,7 +139,6 @@ func (ks keyStorePassphrase) JoinPath(filename string) string {
 
 // Encryptdata encrypts the data given as 'data' with the password 'auth'.
 func EncryptDataV3(data, auth []byte, scryptN, scryptP int) (CryptoJSON, error) {
-
 	salt := make([]byte, 32)
 	if _, err := io.ReadFull(rand.Reader, salt); err != nil {
 		panic("reading from crypto/rand failed: " + err.Error())
@@ -342,7 +341,6 @@ func getKDFKey(cryptoJSON CryptoJSON, auth string) ([]byte, error) {
 		r := ensureInt(cryptoJSON.KDFParams["r"])
 		p := ensureInt(cryptoJSON.KDFParams["p"])
 		return scrypt.Key(authArray, salt, n, r, p, dkLen)
-
 	} else if cryptoJSON.KDF == "pbkdf2" {
 		c := ensureInt(cryptoJSON.KDFParams["c"])
 		prf := cryptoJSON.KDFParams["prf"].(string)

accounts/usbwallet/wallet.go

@@ -527,7 +527,6 @@ func (w *wallet) signHash(account accounts.Account, hash []byte) ([]byte, error)
 
 // SignData signs keccak256(data). The mimetype parameter describes the type of data being signed
 func (w *wallet) SignData(account accounts.Account, mimeType string, data []byte) ([]byte, error) {
-
 	// Unless we are doing 712 signing, simply dispatch to signHash
 	if !(mimeType == accounts.MimetypeTypedData && len(data) == 66 && data[0] == 0x19 && data[1] == 0x01) {
 		return w.signHash(account, crypto.Keccak256(data))

cmd/clef/main.go

@@ -897,7 +897,6 @@ func confirm(text string) bool {
 }
 
 func testExternalUI(api *core.SignerAPI) {
-
 	ctx := context.WithValue(context.Background(), "remote", "clef binary")
 	ctx = context.WithValue(ctx, "scheme", "in-proc")
 	ctx = context.WithValue(ctx, "local", "main")
@@ -997,7 +996,6 @@ func testExternalUI(api *core.SignerAPI) {
 		expectDeny("signdata - text", err)
 	}
 	{ // Sign transaction
-
 		api.UI.ShowInfo("Please reject next transaction")
 		time.Sleep(delay)
 		data := hexutil.Bytes([]byte{})
@@ -1040,7 +1038,6 @@ func testExternalUI(api *core.SignerAPI) {
 	}
 	result := fmt.Sprintf("Tests completed. %d errors:\n%s\n", len(errs), strings.Join(errs, "\n"))
 	api.UI.ShowInfo(result)
-
 }
 
 type encryptedSeedStorage struct {
@@ -1077,7 +1074,6 @@ func decryptSeed(keyjson []byte, auth string) ([]byte, error) {
 
 // GenDoc outputs examples of all structures used in json-rpc communication
 func GenDoc(ctx *cli.Context) {
-
 	var (
 		a    = common.HexToAddress("0xdeadbeef000000000000000000000000deadbeef")
 		b    = common.HexToAddress("0x1111111122222222222233333333334444444444")
@@ -1187,7 +1183,6 @@ func GenDoc(ctx *cli.Context) {
 		var tx types.Transaction
 		tx.UnmarshalBinary(rlpdata)
 		add("OnApproved - SignTransactionResult", desc, &ethapi.SignTransactionResult{Raw: rlpdata, Tx: &tx})
-
 	}
 	{ // User input
 		add("UserInputRequest", "Sent when clef needs the user to provide data. If 'password' is true, the input field should be treated accordingly (echo-free)",

cmd/devp2p/internal/ethtest/chain.go

@@ -108,7 +108,6 @@ func (c *Chain) GetHeaders(req GetBlockHeaders) (BlockHeaders, error) {
 		for i := 1; i < int(req.Amount); i++ {
 			blockNumber -= (1 - req.Skip)
 			headers[i] = c.blocks[blockNumber].Header()
-
 		}
 
 		return headers, nil

cmd/devp2p/internal/ethtest/eth66_suite.go

@@ -365,7 +365,6 @@ func (s *Suite) TestMaliciousTx_66(t *utesting.T) {
 		if err := sendConn.Write(&Transactions{tx}); err != nil {
 			t.Fatalf("could not write to connection: %v", err)
 		}
-
 	}
 	// check to make sure bad txs aren't propagated
 	waitForTxPropagation(t, s, badTxs, recvConn)

cmd/devp2p/internal/ethtest/suite.go

@@ -543,7 +543,6 @@ func (s *Suite) TestMaliciousTx(t *utesting.T) {
 		if err := sendConn.Write(&Transactions{tx}); err != nil {
 			t.Fatalf("could not write to connection: %v", err)
 		}
-
 	}
 	// check to make sure bad txs aren't propagated
 	waitForTxPropagation(t, s, badTxs, recvConn)

cmd/devp2p/internal/v5test/framework.go

@@ -60,11 +60,9 @@ type conn struct {
 	remoteAddr *net.UDPAddr
 	listeners  []net.PacketConn
 
-	log           logger
-	codec         *v5wire.Codec
-	lastRequest   v5wire.Packet
-	lastChallenge *v5wire.Whoareyou
-	idCounter     uint32
+	log       logger
+	codec     *v5wire.Codec
+	idCounter uint32
 }
 
 type logger interface {

cmd/evm/internal/t8ntool/execution.go

@@ -83,7 +83,6 @@ type stEnvMarshaling struct {
 func (pre *Prestate) Apply(vmConfig vm.Config, chainConfig *params.ChainConfig,
 	txs types.Transactions, miningReward int64,
 	getTracerFn func(txIndex int, txHash common.Hash) (tracer vm.Tracer, err error)) (*state.StateDB, *ExecutionResult, error) {
-
 	// Capture errors for BLOCKHASH operation, if we haven't been supplied the
 	// required blockhashes
 	var hashError error

cmd/evm/internal/t8ntool/transition.go

@@ -221,7 +221,6 @@ func Main(ctx *cli.Context) error {
 	collector := make(Alloc)
 	state.DumpToCollector(collector, false, false, false, nil, -1)
 	return dispatchOutput(ctx, baseDir, result, collector, body)
-
 }
 
 // txWithKey is a helper-struct, to allow us to use the types.Transaction along with

cmd/geth/accountcmd.go

@@ -240,14 +240,15 @@ func ambiguousAddrRecovery(ks *keystore.KeyStore, err *keystore.AmbiguousAddrErr
 	}
 	fmt.Println("Testing your password against all of them...")
 	var match *accounts.Account
-	for _, a := range err.Matches {
-		if err := ks.Unlock(a, auth); err == nil {
-			match = &a
+	for i, a := range err.Matches {
+		if e := ks.Unlock(a, auth); e == nil {
+			match = &err.Matches[i]
 			break
 		}
 	}
 	if match == nil {
 		utils.Fatalf("None of the listed files could be unlocked.")
+		return accounts.Account{}
 	}
 	fmt.Printf("Your password unlocked %s\n", match.URL)
 	fmt.Println("In order to avoid this warning, you need to remove the following duplicate key files:")

cmd/geth/config_test.go

@@ -252,7 +252,7 @@ func TestFlagsConfig(t *testing.T) {
 		case cli.UintFlag:
 			set.Uint(f.Name, f.Value+10, f.Usage)
 		default:
-			t.Log(fmt.Sprintf("unknown %t", f))
+			t.Logf("unknown %t", f)
 			t.Fail()
 		}
 	}