chore: update linter, dependencies, and CI

.github/workflows/go-cross.yml

@@ -3,8 +3,12 @@ name: Go Matrix
 on:
   push:
     branches:
+      - main
       - master
   pull_request:
+    branches:
+      - main
+      - master
 
 jobs:
 
@@ -22,13 +26,8 @@ jobs:
         # os: [ubuntu-latest, macos-latest, windows-latest]
 
     steps:
-      # https://github.com/marketplace/actions/checkout
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/marketplace/actions/setup-go-environment
-      - name: Set up Go ${{ matrix.go-version }}
-        uses: actions/setup-go@v5
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go-version }}
 

.github/workflows/pr.yml

@@ -1,7 +1,14 @@
 name: Main
 
 on:
+  push:
+    branches:
+      - main
+      - master
   pull_request:
+    branches:
+      - main
+      - master
 
 jobs:
 
@@ -10,20 +17,11 @@ jobs:
     runs-on: ubuntu-latest
     env:
       GO_VERSION: stable
-      GOLANGCI_LINT_VERSION: v1.57.2
+      GOLANGCI_LINT_VERSION: v1.59.1
 
     steps:
-
-      # https://github.com/marketplace/actions/checkout
-      - name: Check out code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-
-      # https://github.com/marketplace/actions/setup-go-environment
-      - name: Set up Go ${{ env.GO_VERSION }}
-        uses: actions/setup-go@v5
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
 

.golangci.yml

@@ -49,38 +49,33 @@ linters-settings:
   testifylint:
     disable:
       - go-require
+  perfsprint:
+    err-error: true
+    errorf: true
+    sprintf1: true
+    strconcat: false
 
 linters:
   enable-all: true
   disable:
-    - deadcode # deprecated
-    - exhaustivestruct # deprecated
-    - golint # deprecated
-    - ifshort # deprecated
-    - interfacer # deprecated
-    - maligned # deprecated
-    - nosnakecase # deprecated
-    - scopelint # deprecated
-    - structcheck # deprecated
-    - varcheck # deprecated
+    - gomnd # deprecated
+    - execinquery # deprecated
     - sqlclosecheck # not relevant (SQL)
     - rowserrcheck # not relevant (SQL)
-    - execinquery # not relevant (SQL)
     - cyclop # duplicate of gocyclo
     - lll
     - dupl
     - wsl
     - nlreturn
-    - gomnd
-    - goerr113
+    - mnd
+    - err113
     - wrapcheck
     - exhaustive
     - exhaustruct
     - testpackage
     - tparallel
     - paralleltest
     - prealloc
-    - ifshort
     - forcetypeassert
     - bodyclose # Too many false positives: https://github.com/timakin/bodyclose/issues/30
     - varnamelen
@@ -92,9 +87,6 @@ linters:
     - gochecknoglobals # TODO(ldez) should be use on the project
     - nestif # TODO(ldez) should be use on the project
     - musttag
-    - perfsprint # TODO(ldez) should be use on the project
-    - copyloopvar # TODO(ldez) should be use on the project (only for go>=1.22)
-    - intrange # TODO(ldez) should be use on the project (only for go>=1.22)
 
 output:
   show-stats: true
@@ -115,14 +107,14 @@ issues:
     - 'Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked'
     - 'SA1019: http.CloseNotifier has been deprecated'
     - 'exported: func name will be used as roundrobin.RoundRobinRequestRewriteListener by other packages'# TODO(ldez) must be fixed
-    - 'G101: Potential hardcoded credentials' # TODO(ldez) https://github.com/golangci/golangci-lint/issues/4037
 
   exclude-rules:
     - path: .*_test.go
       linters:
         - funlen
         - gosec
         - goconst
+        - canonicalheader
     - path: testutils/.+
       linters:
         - gosec

cbreaker/cbreaker_test.go

@@ -1,6 +1,7 @@
 package cbreaker
 
 import (
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -115,7 +116,7 @@ func TestRedirectWithPath(t *testing.T) {
 
 	client := &http.Client{
 		CheckRedirect: func(_ *http.Request, _ []*http.Request) error {
-			return fmt.Errorf("no redirects")
+			return errors.New("no redirects")
 		},
 	}
 
@@ -145,7 +146,7 @@ func TestRedirect(t *testing.T) {
 
 	client := &http.Client{
 		CheckRedirect: func(_ *http.Request, _ []*http.Request) error {
-			return fmt.Errorf("no redirects")
+			return errors.New("no redirects")
 		},
 	}
 

cbreaker/effect.go

@@ -2,7 +2,7 @@ package cbreaker
 
 import (
 	"bytes"
-	"fmt"
+	"errors"
 	"io"
 	"net/http"
 	"net/url"
@@ -35,7 +35,7 @@ type WebhookSideEffect struct {
 // NewWebhookSideEffectsWithLogger creates a new WebhookSideEffect.
 func NewWebhookSideEffectsWithLogger(w Webhook, l utils.Logger) (*WebhookSideEffect, error) {
 	if w.Method == "" {
-		return nil, fmt.Errorf("supply method")
+		return nil, errors.New("supply method")
 	}
 	_, err := url.Parse(w.URL)
 	if err != nil {

connlimit/connlimit.go

@@ -2,6 +2,7 @@
 package connlimit
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"sync"
@@ -28,7 +29,7 @@ type ConnLimiter struct {
 // New creates a new ConnLimiter.
 func New(next http.Handler, extract utils.SourceExtractor, maxConnections int64, options ...Option) (*ConnLimiter, error) {
 	if extract == nil {
-		return nil, fmt.Errorf("extract function can not be nil")
+		return nil, errors.New("extract function can not be nil")
 	}
 
 	cl := &ConnLimiter{

connlimit/connlimit_test.go

@@ -1,7 +1,7 @@
 package connlimit
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@@ -104,7 +104,7 @@ func headerLimiter(req *http.Request) (string, int64, error) {
 }
 
 func faultyExtractor(_ *http.Request) (string, int64, error) {
-	return "", -1, fmt.Errorf("oops")
+	return "", -1, errors.New("oops")
 }
 
 var headerLimit = utils.ExtractorFunc(headerLimiter)

go.mod

@@ -4,12 +4,12 @@ go 1.19
 
 require (
 	github.com/HdrHistogram/hdrhistogram-go v1.1.2
-	github.com/gorilla/websocket v1.5.1
+	github.com/gorilla/websocket v1.5.3
 	github.com/mailgun/multibuf v0.1.2
 	github.com/segmentio/fasthash v1.0.3
 	github.com/stretchr/testify v1.9.0
 	github.com/vulcand/predicate v1.2.0
-	golang.org/x/net v0.24.0
+	golang.org/x/net v0.26.0
 )
 
 require (
@@ -18,8 +18,8 @@ require (
 	github.com/jonboulle/clockwork v0.4.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
-	golang.org/x/crypto v0.22.0 // indirect
-	golang.org/x/sys v0.19.0 // indirect
-	golang.org/x/term v0.19.0 // indirect
+	golang.org/x/crypto v0.24.0 // indirect
+	golang.org/x/sys v0.21.0 // indirect
+	golang.org/x/term v0.21.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -23,8 +23,8 @@ github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
-github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gravitational/trace v1.1.16-0.20220114165159-14a9a7dd6aaf h1:C1GPyPJrOlJlIrcaBBiBpDsqZena2Ks8spa5xZqr1XQ=
 github.com/gravitational/trace v1.1.16-0.20220114165159-14a9a7dd6aaf/go.mod h1:zXqxTI6jXDdKnlf8s+nT+3c8LrwUEy3yNpO4XJL90lA=
 github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
@@ -59,8 +59,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
-golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
+golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
+golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -83,8 +83,8 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
-golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
+golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
+golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -96,10 +96,10 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
-golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
-golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
+golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA=
+golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

memmetrics/counter.go

@@ -1,7 +1,7 @@
 package memmetrics
 
 import (
-	"fmt"
+	"errors"
 	"time"
 
 	"github.com/vulcand/oxy/v2/internal/holsterv4/clock"
@@ -23,10 +23,10 @@ type RollingCounter struct {
 // By default, creates a bucket with 10 buckets and 1 second resolution.
 func NewCounter(buckets int, resolution time.Duration, options ...rcOption) (*RollingCounter, error) {
 	if buckets <= 0 {
-		return nil, fmt.Errorf("buckets should be >= 0")
+		return nil, errors.New("buckets should be >= 0")
 	}
 	if resolution < clock.Second {
-		return nil, fmt.Errorf("resolution should be larger than a second")
+		return nil, errors.New("resolution should be larger than a second")
 	}
 
 	rc := &RollingCounter{

memmetrics/histogram.go

@@ -1,6 +1,7 @@
 package memmetrics
 
 import (
+	"errors"
 	"fmt"
 	"time"
 
@@ -73,7 +74,7 @@ func (h *HDRHistogram) RecordValues(v, n int64) error {
 // Merge merges a HDRHistogram.
 func (h *HDRHistogram) Merge(other *HDRHistogram) error {
 	if other == nil {
-		return fmt.Errorf("other is nil")
+		return errors.New("other is nil")
 	}
 	h.h.Merge(other.h)
 	return nil
@@ -145,7 +146,7 @@ func (r *RollingHDRHistogram) Export() *RollingHDRHistogram {
 // Append appends a RollingHDRHistogram.
 func (r *RollingHDRHistogram) Append(o *RollingHDRHistogram) error {
 	if r.bucketCount != o.bucketCount || r.period != o.period || r.low != o.low || r.high != o.high || r.sigfigs != o.sigfigs {
-		return fmt.Errorf("can't merge")
+		return errors.New("can't merge")
 	}
 
 	for i := range r.buckets {

ratelimit/bucket.go

@@ -1,6 +1,7 @@
 package ratelimit
 
 import (
+	"errors"
 	"fmt"
 	"time"
 
@@ -66,7 +67,7 @@ func (tb *tokenBucket) consume(tokens int64) (time.Duration, error) {
 	tb.updateAvailableTokens()
 	tb.lastConsumed = 0
 	if tokens > tb.burst {
-		return UndefinedDelay, fmt.Errorf("requested tokens larger than max tokens")
+		return UndefinedDelay, errors.New("requested tokens larger than max tokens")
 	}
 	if tb.availableTokens < tokens {
 		return tb.timeTillAvailable(tokens), nil

ratelimit/tokenlimiter.go

@@ -2,6 +2,7 @@
 package ratelimit
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"sync"
@@ -77,10 +78,10 @@ type TokenLimiter struct {
 // New constructs a `TokenLimiter` middleware instance.
 func New(next http.Handler, extract utils.SourceExtractor, defaultRates *RateSet, opts ...TokenLimiterOption) (*TokenLimiter, error) {
 	if defaultRates == nil || len(defaultRates.m) == 0 {
-		return nil, fmt.Errorf("provide default rates")
+		return nil, errors.New("provide default rates")
 	}
 	if extract == nil {
-		return nil, fmt.Errorf("provide extract function")
+		return nil, errors.New("provide extract function")
 	}
 	tl := &TokenLimiter{
 		next:         next,