gosec: impact on performances (v1.58.2) #4735
Description
Welcome
- Yes, I'm using a binary release within 2 latest major releases. Only such installations are supported.
- Yes, I've searched similar issues on GitHub and didn't find any.
- Yes, I've read the typecheck section of the FAQ (https://golangci-lint.run/welcome/faq/#why-do-you-have-typecheck-errors).
- Yes, I've tried with the standalone linter if available (e.g., gocritic, go vet, etc.). (https://golangci-lint.run/usage/linters/)
Description of the problem
The way to detect the Go version has been changed since gosec v2.20.0, this has an impact on performances inside golangci-lint.
v1.58.2
$ golangci-lint run --print-issued-lines=false --enable-only gosec
Time (mean ± σ): 3.185 s ± 0.047 s [User: 8.912 s, System: 6.396 s]
Range (min … max): 3.112 s … 3.288 s 10 runsv1.58.1
$ golangci-lint run --print-issued-lines=false --enable-only gosec
Time (mean ± σ): 606.8 ms ± 18.7 ms [User: 2388.6 ms, System: 1018.3 ms]
Range (min … max): 584.4 ms … 648.8 ms 10 runsRelated to #4724
Related to securego/gosec#1119
Workaround:
linters-settings:
gosec:
excludes:
- G601
- G113Version of golangci-lint
$ golangci-lint --version
golangci-lint has version 1.58.2 built with go1.22.3 from 8c4cfb61 on 2024-05-19T18:08:33ZConfiguration
linters:
disable-all: true
enable:
- gosec
Go environment
$ go version
go version go1.22.3 linux/amd64Verbose output of running
$ golangci-lint cache clean
$ golangci-lint run -v --enable-only gosec
INFO [config_reader] Config search paths: [./ /home/ldez/sources/go/src/github.com/golangci/golangci-lint /home/ldez/sources/go/src/github.com/golangci /home/ldez/sources/go/src/github.com /home/ldez/sources/go/src /home/ldez/sources/go /home/ldez/sources /home/ldez /home /]
INFO [config_reader] Used config file .golangci.yml
WARN [config_reader] The configuration option `linters.errcheck.ignore` is deprecated, please use `linters.errcheck.exclude-functions`.
INFO [lintersdb] Active 1 linters: [gosec]
INFO [loader] Go packages loading at mode 575 (types_sizes|compiled_files|exports_file|files|imports|deps|name) took 276.209269ms
INFO [runner/filename_unadjuster] Pre-built 0 adjustments in 10.74175ms
INFO [linters_context/goanalysis] analyzers took 13.796849767s with top 10 stages: gosec: 13.792391088s, typecheck: 4.458679ms
INFO [runner/skip_dirs] Skipped 1 issues from dir internal/robustio by pattern internal/robustio
INFO [runner/skip_dirs] Skipped 7 issues from dir internal/renameio by pattern internal/renameio
INFO [runner/skip_dirs] Skipped 30 issues from dir internal/cache by pattern internal/cache
INFO [runner] Issues before processing: 84, after processing: 0
INFO [runner] Processors filtering stat (out/in): autogenerated_exclude: 46/46, identifier_marker: 46/46, exclude: 46/46, skip_files: 84/84, skip_dirs: 46/84, exclude-rules: 7/46, nolint: 0/7, invalid_issue: 84/84, path_prettifier: 84/84, cgo: 84/84, filename_unadjuster: 84/84
INFO [runner] processing took 2.523228ms with stages: nolint: 863.927µs, exclude-rules: 520.538µs, path_prettifier: 440.397µs, identifier_marker: 356.908µs, autogenerated_exclude: 178.835µs, skip_dirs: 129.274µs, cgo: 22.382µs, invalid_issue: 5.406µs, filename_unadjuster: 2.21µs, max_same_issues: 679ns, uniq_by_line: 345ns, fixer: 313ns, skip_files: 294ns, source_code: 263ns, max_from_linter: 255ns, exclude: 255ns, path_shortener: 248ns, diff: 214ns, sort_results: 213ns, severity-rules: 94ns, max_per_file_from_linter: 90ns, path_prefixer: 88ns
INFO [runner] linters took 2.995897903s with stages: goanalysis_metalinter: 2.993321711s
INFO File cache stats: 0 entries of total size 0B
INFO Memory: 34 samples, avg is 153.0MB, max is 182.6MB
INFO Execution took 3.286362057s A minimal reproducible example or link to a public repository
Validation
- Yes, I've included all information above (version, config, etc.).