Address linter issues

pkg/api/login.go

@@ -154,7 +154,7 @@ func tryOAuthAutoLogin(c *models.ReqContext) bool {
 	}
 	for key := range setting.OAuthService.OAuthInfos {
 		redirectUrl := setting.AppSubUrl + "/login/" + key
-		log.Infof("OAuth auto login enabled. Redirecting to " + redirectUrl)
+		log.Infof("OAuth auto login enabled. Redirecting to %s", redirectUrl)
 		c.Redirect(redirectUrl, 307)
 		return true
 	}

pkg/api/user.go

@@ -299,7 +299,7 @@ func searchUser(c *models.ReqContext) (*models.SearchUsersQuery, error) {
 	for _, user := range query.Result.Users {
 		user.AvatarUrl = dtos.GetGravatarUrl(user.Email)
 		user.AuthLabels = make([]string, 0)
-		if user.AuthModule != nil && len(user.AuthModule) > 0 {
+		if len(user.AuthModule) > 0 {
 			for _, authModule := range user.AuthModule {
 				user.AuthLabels = append(user.AuthLabels, GetAuthProviderLabel(authModule))
 			}

pkg/components/securejsondata/securejsondata.go

@@ -16,7 +16,7 @@ func (s SecureJsonData) DecryptedValue(key string) (string, bool) {
 	if value, ok := s[key]; ok {
 		decryptedData, err := util.Decrypt(value, setting.SecretKey)
 		if err != nil {
-			log.Fatalf(4, err.Error())
+			log.Fatalf(4, "%s", err.Error())
 		}
 		return string(decryptedData), true
 	}
@@ -30,7 +30,7 @@ func (s SecureJsonData) Decrypt() map[string]string {
 	for key, data := range s {
 		decryptedData, err := util.Decrypt(data, setting.SecretKey)
 		if err != nil {
-			log.Fatalf(4, err.Error())
+			log.Fatalf(4, "%s", err.Error())
 		}
 
 		decrypted[key] = string(decryptedData)
@@ -44,7 +44,7 @@ func GetEncryptedJsonData(sjd map[string]string) SecureJsonData {
 	for key, data := range sjd {
 		encryptedData, err := util.Encrypt([]byte(data), setting.SecretKey)
 		if err != nil {
-			log.Fatalf(4, err.Error())
+			log.Fatalf(4, "%s", err.Error())
 		}
 
 		encrypted[key] = encryptedData

pkg/expr/mathexp/exp_test.go

@@ -38,7 +38,8 @@ func makeSeriesNullableTime(name string, labels data.Labels, points ...nullTimeT
 
 func makeSeries(name string, labels data.Labels, points ...tp) Series {
 	newSeries := NewSeries(name, labels, 0, false, 1, true, len(points))
-	for idx, p := range points {
+	for idx := range points {
+		p := points[idx]
 		err := newSeries.SetPoint(idx, &p.t, p.f)
 		if err != nil {
 			panic(err)
@@ -49,7 +50,8 @@ func makeSeries(name string, labels data.Labels, points ...tp) Series {
 
 func makeNoNullSeries(name string, labels data.Labels, points ...noNullTP) Series {
 	newSeries := NewSeries(name, labels, 0, false, 1, false, len(points))
-	for idx, p := range points {
+	for idx := range points {
+		p := points[idx]
 		err := newSeries.SetPoint(idx, &p.t, &p.f)
 		if err != nil {
 			panic(err)
@@ -60,7 +62,8 @@ func makeNoNullSeries(name string, labels data.Labels, points ...noNullTP) Serie
 
 func makeSeriesTimeSecond(name string, labels data.Labels, points ...timeSecondTP) Series {
 	newSeries := NewSeries(name, labels, 1, false, 0, true, len(points))
-	for idx, p := range points {
+	for idx := range points {
+		p := points[idx]
 		err := newSeries.SetPoint(idx, &p.t, p.f)
 		if err != nil {
 			panic(err)

pkg/infra/log/log.go

@@ -211,7 +211,7 @@ func ReadLoggingConfig(modes []string, logsPath string, cfg *ini.File) error {
 		case "file":
 			fileName := sec.Key("file_name").MustString(filepath.Join(logsPath, "plutono.log"))
 			dpath := filepath.Dir(fileName)
-			if err := os.MkdirAll(dpath, os.ModePerm); err != nil {
+			if err := os.MkdirAll(dpath, 0o750); err != nil {
 				Root.Error("Failed to create directory", "dpath", dpath, "err", err)
 				return errutil.Wrapf(err, "failed to create log directory %q", dpath)
 			}

pkg/login/social/common.go

@@ -64,7 +64,7 @@ func (s *SocialBase) httpGet(client *http.Client, url string) (response httpGetR
 	response = httpGetResponse{body, r.Header}
 
 	if r.StatusCode >= 300 {
-		err = fmt.Errorf(string(response.Body))
+		err = fmt.Errorf("%s", string(response.Body))
 		return
 	}
 

pkg/login/social/generic_oauth.go

@@ -351,7 +351,7 @@ func (s *SocialGenericOAuth) FetchPrivateEmail(client *http.Client) (string, err
 		IsConfirmed bool   `json:"is_confirmed"`
 	}
 
-	response, err := s.httpGet(client, fmt.Sprintf(s.apiUrl+"/emails"))
+	response, err := s.httpGet(client, s.apiUrl+"/emails")
 	if err != nil {
 		s.log.Error("Error getting email address", "url", s.apiUrl+"/emails", "error", err)
 		return "", errutil.Wrap("Error getting email address", err)
@@ -394,7 +394,7 @@ func (s *SocialGenericOAuth) FetchTeamMemberships(client *http.Client) ([]int, b
 		Id int `json:"id"`
 	}
 
-	response, err := s.httpGet(client, fmt.Sprintf(s.apiUrl+"/teams"))
+	response, err := s.httpGet(client, s.apiUrl+"/teams")
 	if err != nil {
 		s.log.Error("Error getting team memberships", "url", s.apiUrl+"/teams", "error", err)
 		return nil, false
@@ -423,7 +423,7 @@ func (s *SocialGenericOAuth) FetchOrganizations(client *http.Client) ([]string,
 		Login string `json:"login"`
 	}
 
-	response, err := s.httpGet(client, fmt.Sprintf(s.apiUrl+"/orgs"))
+	response, err := s.httpGet(client, s.apiUrl+"/orgs")
 	if err != nil {
 		s.log.Error("Error getting organizations", "url", s.apiUrl+"/orgs", "error", err)
 		return nil, false

pkg/login/social/github_oauth.go

@@ -91,7 +91,7 @@ func (s *SocialGithub) FetchPrivateEmail(client *http.Client) (string, error) {
 		Verified bool   `json:"verified"`
 	}
 
-	response, err := s.httpGet(client, fmt.Sprintf(s.apiUrl+"/emails"))
+	response, err := s.httpGet(client, s.apiUrl+"/emails")
 	if err != nil {
 		return "", fmt.Errorf("Error getting email address: %s", err)
 	}
@@ -114,7 +114,7 @@ func (s *SocialGithub) FetchPrivateEmail(client *http.Client) (string, error) {
 }
 
 func (s *SocialGithub) FetchTeamMemberships(client *http.Client) ([]GithubTeam, error) {
-	url := fmt.Sprintf(s.apiUrl + "/teams?per_page=100")
+	url := s.apiUrl + "/teams?per_page=100"
 	hasMore := true
 	teams := make([]GithubTeam, 0)
 
@@ -220,7 +220,7 @@ func (s *SocialGithub) UserInfo(client *http.Client, token *oauth2.Token) (*Basi
 		Role:   role,
 	}
 
-	organizationsUrl := fmt.Sprintf(s.apiUrl + "/orgs")
+	organizationsUrl := s.apiUrl + "/orgs"
 
 	if !s.IsTeamMember(client) {
 		return nil, ErrMissingTeamMembership

pkg/models/datasource_cache_test.go

@@ -134,7 +134,7 @@ func TestDataSource_GetHttpTransport(t *testing.T) {
 		require.NoError(t, err)
 
 		assert.False(t, tr.transport.TLSClientConfig.InsecureSkipVerify)
-		require.Len(t, tr.transport.TLSClientConfig.RootCAs.Subjects(), 1)
+		require.Len(t, tr.transport.TLSClientConfig.RootCAs.Subjects(), 1) //nolint:staticcheck
 		assert.Equal(t, "server-name", tr.transport.TLSClientConfig.ServerName)
 	})
 
@@ -377,6 +377,7 @@ AU6WWoaAIEhhbWQfth/Diz3mivl1ARB+YqiWca2mjRPLTPcKJEURDVddQ423el0Q
 llG/Sw5+FquFuChaA6l5KWy7F3bQyA==
 -----END CERTIFICATE-----`
 
+//nolint:gosec
 const clientKey string = `-----BEGIN RSA PRIVATE KEY-----
 MIIEpQIBAAKCAQEA4yWJpbI0RQkozfu9YKXlsa5veUyJzJECoZDJj+rEP3IoozYV
 u5xVyZaaDm+9OpBWXmuVD5zsYjw4Pqm2YWXxrbpygSSLtsWvxuSlLIFIRzmnbttn

pkg/plugins/datasource/wrapper/datasource_plugin_wrapper_v2.go

@@ -109,7 +109,7 @@ func (tw *DatasourcePluginWrapperV2) Query(ctx context.Context, ds *models.DataS
 			qr.Meta = simplejson.NewFromAny(pRes.JsonMeta)
 		}
 		if pRes.Error != "" {
-			qr.Error = fmt.Errorf(pRes.Error)
+			qr.Error = fmt.Errorf("%s", pRes.Error)
 			qr.ErrorString = pRes.Error
 		}
 		tR.Results[refID] = qr

pkg/plugins/plugins.go

@@ -108,7 +108,7 @@ func (pm *PluginManager) Init() error {
 		return err
 	}
 	if !exists {
-		if err = os.MkdirAll(pm.Cfg.PluginsPath, os.ModePerm); err != nil {
+		if err = os.MkdirAll(pm.Cfg.PluginsPath, 0o750); err != nil {
 			pm.log.Error("failed to create external plugins directory", "dir", pm.Cfg.PluginsPath, "error", err)
 		} else {
 			pm.log.Info("External plugins directory created", "directory", pm.Cfg.PluginsPath)

pkg/server/server.go

@@ -227,7 +227,7 @@ func (s *Server) ExitCode(reason error) int {
 	code := 1
 
 	if errors.Is(reason, context.Canceled) && s.shutdownReason != "" {
-		reason = fmt.Errorf(s.shutdownReason)
+		reason = fmt.Errorf("%s", s.shutdownReason)
 		code = 0
 	}
 

pkg/services/alerting/conditions/query.go

@@ -175,7 +175,7 @@ func (c *QueryCondition) executeQuery(context *alerting.EvalContext, timeRange *
 		}
 
 		// If there are dataframes but no series on the result
-		useDataframes := v.Dataframes != nil && (v.Series == nil || len(v.Series) == 0)
+		useDataframes := v.Dataframes != nil && len(v.Series) == 0
 
 		if useDataframes { // convert the dataframes to tsdb.TimeSeries
 			frames, err := v.Dataframes.Decoded()

pkg/services/guardian/guardian_util_test.go

@@ -234,7 +234,7 @@ func (sc *scenarioContext) reportFailure(desc string, expected interface{}, actu
 		buf.WriteString(fmt.Sprintf("\n  Update permission (%d): dashboardId=%d, userId=%d, teamId=%d, role=%v, permission=%s", i, p.DashboardID, p.UserID, p.TeamID, r, p.Permission.String()))
 	}
 
-	sc.t.Fatalf(buf.String())
+	sc.t.Fatalf("%s", buf.String())
 }
 
 func newCustomUserPermission(dashboardID int64, userID int64, permission models.PermissionType) *models.DashboardAcl {

pkg/services/provisioning/notifiers/config_reader.go

@@ -143,7 +143,7 @@ func validateRequiredField(notifications []*notificationsAsConfig) error {
 		}
 
 		if len(errStrings) != 0 {
-			return fmt.Errorf(strings.Join(errStrings, "\n"))
+			return fmt.Errorf("%s", strings.Join(errStrings, "\n"))
 		}
 	}
 

pkg/services/provisioning/plugins/config_reader.go

@@ -98,7 +98,7 @@ func validateRequiredField(apps []*pluginsAsConfig) error {
 		}
 
 		if len(errStrings) != 0 {
-			return fmt.Errorf(strings.Join(errStrings, "\n"))
+			return fmt.Errorf("%s", strings.Join(errStrings, "\n"))
 		}
 	}
 

pkg/services/sqlstore/sqlstore.go

@@ -262,7 +262,7 @@ func (ss *SQLStore) buildConnectionString() (string, error) {
 		if !filepath.IsAbs(ss.dbCfg.Path) {
 			ss.dbCfg.Path = filepath.Join(ss.Cfg.DataPath, ss.dbCfg.Path)
 		}
-		if err := os.MkdirAll(path.Dir(ss.dbCfg.Path), os.ModePerm); err != nil {
+		if err := os.MkdirAll(path.Dir(ss.dbCfg.Path), 0o750); err != nil {
 			return "", err
 		}
 

pkg/setting/setting.go

@@ -696,7 +696,7 @@ func (cfg *Cfg) loadConfiguration(args *CommandLineArgs) (*ini.File, error) {
 		if err2 != nil {
 			return nil, err2
 		}
-		log.Fatalf(3, err.Error())
+		log.Fatalf(3, "%s", err.Error())
 	}
 
 	// apply environment overrides

pkg/tsdb/influxdb/flux/executor.go

@@ -49,7 +49,7 @@ func executeQuery(ctx context.Context, query queryModel, runner queryRunner, max
 					text += " Try using the aggregateWindow() function in your query to reduce the number of points returned."
 				}
 
-				dr.Error = fmt.Errorf(text)
+				dr.Error = fmt.Errorf("%s", text)
 			}
 		}
 	}

scripts/go/configs/.golangci.toml

@@ -20,7 +20,6 @@ rules = "pkg/ruleguard.rules.go"
 disable-all = true
 enable = [
   "bodyclose",
-  "depguard",
   "dogsled",
   "errcheck",
   # "gochecknoinits",
@@ -35,7 +34,6 @@ enable = [
   "govet",
   "ineffassign",
   "misspell",
-  "nakedret",
   "rowserrcheck",
   "exportloopref",
   "staticcheck",
@@ -128,3 +126,15 @@ text = "ST1020"
 [[issues.exclude-rules]]
 linters = ["stylecheck"]
 text = "ST1021"
+
+[[issues.exclude-rules]]
+linters = ["staticcheck"]
+text = "SA1019: \"io/ioutil\" has been deprecated"
+
+[[issues.exclude-rules]]
+linters = ["staticcheck"]
+text = "SA1019: rand.Seed has been deprecated"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "G115"

scripts/go/configs/revive-strict.toml

@@ -14,7 +14,7 @@ warningCode = 1
 [rule.error-naming]
 [rule.exported]
 [rule.unexported-return]
-[rule.dot-imports]
+# [rule.dot-imports]
 [rule.receiver-naming]
 [rule.blank-imports]
 [rule.var-naming]