chore(ci): add golangci-linter and run a fix

.github/workflows/test.yaml

@@ -25,6 +25,17 @@ jobs:
       with:
         token: ${{ secrets.CODECOV_TOKEN }}
         codecov_yml_path: .github/codecov.yml
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+    - name: Install Task
+      uses: arduino/setup-task@v2
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+    - name: Lint
+      run: task lint
   compatibility:
     name: Backward compatibility with Sprig v3 (template output)
     runs-on: ubuntu-latest

.golangci.yaml

@@ -5,11 +5,12 @@ linters:
     - gocritic
     - gofumpt
     - misspell
-    - nonamedreturns
     - testifylint
     - errcheck
 
 linters-settings:
+  gofumpt:
+    module-path: github.com/go-sprout/sprout
   errorlint:
     # Check whether fmt.Errorf uses the %w verb for formatting errors.
     # See the https://github.com/polyfloyd/go-errorlint for caveats.

docs/migration-from-sprig.md

@@ -262,7 +262,7 @@ Move critical operations outside of templates to maintain security.
 Perform cryptographic operations (listed in `crypto` package) outside of templates.
 {% endhint %}
 
-All deprecated features are flagged with <mark style="color:red;">`//! DEPRECATED`</mark> in codebase. \
+All deprecated features are flagged with <mark style="color:red;">`// ! DEPRECATED`</mark> in codebase. \
 A complete list will be available here when the v1 of Sprout are released.&#x20;
 
 ## <mark style="color:purple;">Conclusion</mark>

handler.go

@@ -111,7 +111,7 @@ func (dh *DefaultHandler) Build() FunctionMap {
 	// If safe functions are enabled, wrap all functions with a safe wrapper
 	// that logs any errors that occur during function execution.
 	if dh.wantSafeFuncs {
-		var safeFuncs = make(FunctionMap)
+		safeFuncs := make(FunctionMap)
 		for funcName, fn := range dh.cachedFuncsMap {
 			safeFuncs[safeFuncName(funcName)] = dh.safeWrapper(funcName, fn)
 		}

registry/_example/_example.go

@@ -16,7 +16,7 @@ func NewRegistry() *ExampleRegistry {
 
 // Uid returns the unique identifier of the registry.
 func (or *ExampleRegistry) Uid() string {
-	return "example" //! Must be unique and in camel case
+	return "example" // ! Must be unique and in camel case
 }
 
 // LinkHandler links the handler to the registry at runtime.

registry/backward/backward.go

@@ -36,7 +36,7 @@ func NewRegistry() *BackwardCompatibilityRegistry {
 
 // Uid returns the unique identifier of the registry.
 func (bcr *BackwardCompatibilityRegistry) Uid() string {
-	return "backwardCompatibilityWithSprig" //! Must be unique and in camel case
+	return "backwardCompatibilityWithSprig" // ! Must be unique and in camel case
 }
 
 // LinkHandler links the handler to the registry at runtime.

registry/checksum/functions_test.go

@@ -19,7 +19,7 @@ func TestSha1Sum(t *testing.T) {
 	soloHash := sha1.Sum([]byte("a"))
 	multiHash := sha1.Sum([]byte("hello world"))
 
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestEmptyInput", Input: `{{sha1Sum ""}}`, ExpectedOutput: hex.EncodeToString(noHash[:])},
 		{Name: "TestSingleByteInput", Input: `{{sha1Sum "a"}}`, ExpectedOutput: hex.EncodeToString(soloHash[:])},
 		{Name: "TestMultiByteInput", Input: `{{sha1Sum "hello world"}}`, ExpectedOutput: hex.EncodeToString(multiHash[:])},
@@ -32,7 +32,7 @@ func TestSha256Sum(t *testing.T) {
 	soloHash := sha256.Sum256([]byte("a"))
 	multiHash := sha256.Sum256([]byte("hello world"))
 
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestEmptyInput", Input: `{{sha256Sum ""}}`, ExpectedOutput: hex.EncodeToString(noHash[:])},
 		{Name: "TestSingleByteInput", Input: `{{sha256Sum "a"}}`, ExpectedOutput: hex.EncodeToString(soloHash[:])},
 		{Name: "TestMultiByteInput", Input: `{{sha256Sum "hello world"}}`, ExpectedOutput: hex.EncodeToString(multiHash[:])},
@@ -45,7 +45,7 @@ func TestSha512sum(t *testing.T) {
 	soloHash := sha512.Sum512([]byte("a"))
 	multiHash := sha512.Sum512([]byte("hello world"))
 
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestEmptyInput", Input: `{{sha512Sum ""}}`, ExpectedOutput: hex.EncodeToString(noHash[:])},
 		{Name: "TestSingleByteInput", Input: `{{sha512Sum "a"}}`, ExpectedOutput: hex.EncodeToString(soloHash[:])},
 		{Name: "TestMultiByteInput", Input: `{{sha512Sum "hello world"}}`, ExpectedOutput: hex.EncodeToString(multiHash[:])},
@@ -58,7 +58,7 @@ func TestAdler32Sum(t *testing.T) {
 	soloHash := adler32.Checksum([]byte("a"))
 	multiHash := adler32.Checksum([]byte("hello world"))
 
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestEmptyInput", Input: `{{adler32Sum ""}}`, ExpectedOutput: fmt.Sprint(noHash)},
 		{Name: "TestSingleByteInput", Input: `{{adler32Sum "a"}}`, ExpectedOutput: fmt.Sprint(soloHash)},
 		{Name: "TestMultiByteInput", Input: `{{adler32Sum "hello world"}}`, ExpectedOutput: fmt.Sprint(multiHash)},
@@ -71,7 +71,7 @@ func TestMD5Sum(t *testing.T) {
 	soloHash := md5.Sum([]byte("a"))
 	multiHash := md5.Sum([]byte("hello world"))
 
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestEmptyInput", Input: `{{md5Sum ""}}`, ExpectedOutput: hex.EncodeToString(noHash[:])},
 		{Name: "TestSingleByteInput", Input: `{{md5Sum "a"}}`, ExpectedOutput: hex.EncodeToString(soloHash[:])},
 		{Name: "TestMultiByteInput", Input: `{{md5Sum "hello world"}}`, ExpectedOutput: hex.EncodeToString(multiHash[:])},

registry/conversion/functions_test.go

@@ -9,7 +9,7 @@ import (
 )
 
 func TestToBool(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestBool", Input: `{{$v := toBool .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "bool-true", Data: map[string]any{"V": true}},
 		{Name: "TestInt", Input: `{{$v := toBool .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "bool-true", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toBool .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "bool-true", Data: map[string]any{"V": int32(1)}},
@@ -23,7 +23,7 @@ func TestToBool(t *testing.T) {
 }
 
 func TestToInt(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toInt .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "int-1", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toInt .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "int-1", Data: map[string]any{"V": int32(1)}},
 		{Name: "TestFloat64", Input: `{{$v := toInt .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "int-1", Data: map[string]any{"V": float64(1.42)}},
@@ -36,7 +36,7 @@ func TestToInt(t *testing.T) {
 }
 
 func TestToInt64(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toInt64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "int64-1", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toInt64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "int64-1", Data: map[string]any{"V": int32(1)}},
 		{Name: "TestFloat64", Input: `{{$v := toInt64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "int64-1", Data: map[string]any{"V": float64(1.42)}},
@@ -49,7 +49,7 @@ func TestToInt64(t *testing.T) {
 }
 
 func TestToUint(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toUint .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "uint-1", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toUint .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "uint-1", Data: map[string]any{"V": int32(1)}},
 		{Name: "TestFloat64", Input: `{{$v := toUint .V }}{{kindOf $v}}-{{$v}}`, ExpectedOutput: "uint-1", Data: map[string]any{"V": float64(1.42)}},
@@ -62,7 +62,7 @@ func TestToUint(t *testing.T) {
 }
 
 func TestToUint64(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toUint64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "uint64-1", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toUint64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "uint64-1", Data: map[string]any{"V": int32(1)}},
 		{Name: "TestFloat64", Input: `{{$v := toUint64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "uint64-1", Data: map[string]any{"V": float64(1.42)}},
@@ -75,7 +75,7 @@ func TestToUint64(t *testing.T) {
 }
 
 func TestToFloat64(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toFloat64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "float64-1", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toFloat64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "float64-1", Data: map[string]any{"V": int32(1)}},
 		{Name: "TestFloat64", Input: `{{$v := toFloat64 .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "float64-1.42", Data: map[string]any{"V": float64(1.42)}},
@@ -88,7 +88,7 @@ func TestToFloat64(t *testing.T) {
 }
 
 func TestToOctal(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toOctal .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "int64-511", Data: map[string]any{"V": 777}},
 		{Name: "TestInt32", Input: `{{$v := toOctal .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "int64-504", Data: map[string]any{"V": int32(770)}},
 		{Name: "TestString", Input: `{{$v := toOctal .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "int64-1", Data: map[string]any{"V": "1"}},
@@ -105,8 +105,7 @@ func (s testStringer) String() string {
 }
 
 func TestToString(t *testing.T) {
-
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toString .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "string-1", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toString .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "string-1", Data: map[string]any{"V": int32(1)}},
 		{Name: "TestFloat64", Input: `{{$v := toString .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "string-1.42", Data: map[string]any{"V": float64(1.42)}},
@@ -121,7 +120,7 @@ func TestToString(t *testing.T) {
 }
 
 func TestToDate(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{
 			Name:           "TestDate",
 			Input:          `{{$v := toDate "2006-01-02" .V }}{{typeOf $v}}-{{$v}}`,
@@ -152,7 +151,7 @@ func TestToDate(t *testing.T) {
 }
 
 func TestToDuration(t *testing.T) {
-	var tc = []pesticide.TestCase{
+	tc := []pesticide.TestCase{
 		{Name: "TestInt", Input: `{{$v := toDuration .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "time.Duration-1ns", Data: map[string]any{"V": 1}},
 		{Name: "TestInt32", Input: `{{$v := toDuration .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "time.Duration-1µs", Data: map[string]any{"V": int32(1000)}},
 		{Name: "TestFloat64", Input: `{{$v := toDuration .V }}{{typeOf $v}}-{{$v}}`, ExpectedOutput: "time.Duration-1.00042ms", Data: map[string]any{"V": float64(1000 * 1000.42)}},

registry/crypto/functions.go

@@ -4,7 +4,7 @@ import (
 	"bytes"
 	"crypto/aes"
 	"crypto/cipher"
-	"crypto/dsa"
+	"crypto/dsa" //nolint:staticcheck
 	"crypto/ecdsa"
 	"crypto/ed25519"
 	"crypto/elliptic"
@@ -36,7 +36,7 @@ import (
 func (ch *CryptoRegistry) Bcrypt(input string) (string, error) {
 	hash, err := bcrypt_lib.GenerateFromPassword([]byte(input), bcrypt_lib.DefaultCost)
 	if err != nil {
-		return "", fmt.Errorf("failed to encrypt string with bcrypt: %s", err)
+		return "", fmt.Errorf("failed to encrypt string with bcrypt: %w", err)
 	}
 
 	return string(hash), nil
@@ -88,7 +88,7 @@ func (ch *CryptoRegistry) DerivePassword(counter uint32, passwordType, password,
 	salt := buffer.Bytes()
 	key, err := scrypt.Key([]byte(password), salt, 32768, 8, 2, 64)
 	if err != nil {
-		return "", fmt.Errorf("failed to derive password: %s", err)
+		return "", fmt.Errorf("failed to derive password: %w", err)
 	}
 
 	buffer.Truncate(len(masterPasswordSeed))
@@ -101,7 +101,7 @@ func (ch *CryptoRegistry) DerivePassword(counter uint32, passwordType, password,
 	seed := hmacv.Sum(nil)
 	temp := templates[int(seed[0])%len(templates)]
 
-	buffer.Truncate(0)
+	buffer.Reset()
 	for i, element := range temp {
 		passChars := templateCharacters[element]
 		passChar := passChars[int(seed[i+1])%len(passChars)]
@@ -130,7 +130,7 @@ func (ch *CryptoRegistry) GeneratePrivateKey(typ string) (string, error) {
 		key := new(dsa.PrivateKey)
 		// again, good enough for government work
 		if err = dsa.GenerateParameters(&key.Parameters, cryptorand.Reader, dsa.L2048N256); err != nil {
-			return "", fmt.Errorf("failed to generate dsa params: %s", err)
+			return "", fmt.Errorf("failed to generate dsa params: %w", err)
 		}
 		err = dsa.GenerateKey(key, cryptorand.Reader)
 		priv = key
@@ -143,7 +143,7 @@ func (ch *CryptoRegistry) GeneratePrivateKey(typ string) (string, error) {
 		return "", fmt.Errorf("Unknown type %s", typ)
 	}
 	if err != nil {
-		return "", fmt.Errorf("failed to generate private key: %s", err)
+		return "", fmt.Errorf("failed to generate private key: %w", err)
 	}
 
 	return string(pem.EncodeToMemory(ch.pemBlockForKey(priv))), nil
@@ -178,17 +178,14 @@ func (ch *CryptoRegistry) BuildCustomCertificate(b64cert string, b64key string)
 	_, err = x509.ParseCertificate(decodedCert.Bytes)
 	if err != nil {
 		return crt, fmt.Errorf(
-			"error parsing certificate: decodedCert.Bytes: %s",
+			"error parsing certificate: decodedCert.Bytes: %w",
 			err,
 		)
 	}
 
 	_, err = ch.parsePrivateKeyPEM(string(key))
 	if err != nil {
-		return crt, fmt.Errorf(
-			"error parsing private key: %s",
-			err,
-		)
+		return crt, fmt.Errorf("error parsing private key: %w", err)
 	}
 
 	crt.Cert = string(cert)
@@ -216,7 +213,7 @@ func (ch *CryptoRegistry) GenerateCertificateAuthority(
 ) (Certificate, error) {
 	priv, err := rsa.GenerateKey(cryptorand.Reader, 2048)
 	if err != nil {
-		return Certificate{}, fmt.Errorf("error generating rsa key: %s", err)
+		return Certificate{}, fmt.Errorf("error generating rsa key: %w", err)
 	}
 
 	return ch.generateCertificateAuthorityWithKeyInternal(cn, daysValid, priv)
@@ -243,7 +240,7 @@ func (ch *CryptoRegistry) GenerateCertificateAuthorityWithPEMKey(
 ) (Certificate, error) {
 	priv, err := ch.parsePrivateKeyPEM(privPEM)
 	if err != nil {
-		return Certificate{}, fmt.Errorf("parsing private key: %s", err)
+		return Certificate{}, fmt.Errorf("parsing private key: %w", err)
 	}
 	return ch.generateCertificateAuthorityWithKeyInternal(cn, daysValid, priv)
 }
@@ -271,7 +268,7 @@ func (ch *CryptoRegistry) GenerateSelfSignedCertificate(
 ) (Certificate, error) {
 	priv, err := rsa.GenerateKey(cryptorand.Reader, 2048)
 	if err != nil {
-		return Certificate{}, fmt.Errorf("error generating rsa key: %s", err)
+		return Certificate{}, fmt.Errorf("error generating rsa key: %w", err)
 	}
 	return ch.generateSelfSignedCertificateWithKeyInternal(cn, ips, alternateDNS, daysValid, priv)
 }
@@ -301,7 +298,7 @@ func (ch *CryptoRegistry) GenerateSelfSignedCertificateWithPEMKey(
 ) (Certificate, error) {
 	priv, err := ch.parsePrivateKeyPEM(privPEM)
 	if err != nil {
-		return Certificate{}, fmt.Errorf("parsing private key: %s", err)
+		return Certificate{}, fmt.Errorf("parsing private key: %w", err)
 	}
 	return ch.generateSelfSignedCertificateWithKeyInternal(cn, ips, alternateDNS, daysValid, priv)
 }
@@ -331,7 +328,7 @@ func (ch *CryptoRegistry) GenerateSignedCertificate(
 ) (Certificate, error) {
 	priv, err := rsa.GenerateKey(cryptorand.Reader, 2048)
 	if err != nil {
-		return Certificate{}, fmt.Errorf("error generating rsa key: %s", err)
+		return Certificate{}, fmt.Errorf("error generating rsa key: %w", err)
 	}
 	return ch.generateSignedCertificateWithKeyInternal(cn, ips, alternateDNS, daysValid, ca, priv)
 }
@@ -363,7 +360,7 @@ func (ch *CryptoRegistry) GenerateSignedCertificateWithPEMKey(
 ) (Certificate, error) {
 	priv, err := ch.parsePrivateKeyPEM(privPEM)
 	if err != nil {
-		return Certificate{}, fmt.Errorf("parsing private key: %s", err)
+		return Certificate{}, fmt.Errorf("parsing private key: %w", err)
 	}
 	return ch.generateSignedCertificateWithKeyInternal(cn, ips, alternateDNS, daysValid, ca, priv)
 }