Open-source projects audit (0.3.4)

[quasilyte]

As a part of checkers stabilization and testing process, I'm going to check several projects with latest gocritic. Everyone are welcome to join this activity.

✔️ Go/CL135835 assignOp
✔️ Go/CL135836 boolExprSimplify
✔️ Go/CL135837 unlabelStmt
✔️ Go/CL135838 dupSubExpr

microsoft/go-winio#97 namedConst

✔️ inkyblackness/hacked#43 unlambda
✔️ inkyblackness/hacked#44 commentedOutCode
✔️ inkyblackness/hacked#45 assignOp
✖️ inkyblackness/hacked#46 namedConst
✔️ inkyblackness/hacked#47 rangeExprCopy
✔️ inkyblackness/hacked#48 hugeParam

✔️ graphql-go/graphql#395 emptyFallthrough
✔️ graphql-go/graphql#396 commentedOutCode

✔️ gin-gonic/gin#1540 commentedOutCode
✔️ gin-gonic/gin#1541 unslice

✔️ valyala/fasthttp#413 deprecatedComment

✔️ dgraph-io/dgraph#2587 commentedOutCode
✔️ dgraph-io/dgraph#2588 unslice
✔️ dgraph-io/dgraph#2589 assignOp
✔️ dgraph-io/dgraph#2590 namedConst
✔️ dgraph-io/dgraph#2591 deadCodeAfterLogFatal
✔️ dgraph-io/dgraph#2592 typeSwitchVar
✔️ dgraph-io/dgraph#2593 sloppyLen

✔️ snail007/goproxy#140 emptyFallthrough
✔️ snail007/goproxy#141 commentedOutCode
✔️ snail007/goproxy#142 underef

✔️ json-iterator/go#304 emptyFallthrough
✔️ json-iterator/go#305 assignOp
✔️ json-iterator/go#306 underef
✔️ json-iterator/go#307 commentedOutCode

coyove/goflyway#91 caseOrder
coyove/goflyway#92 typeSwitchVar
coyove/goflyway#93 switchTrue
coyove/goflyway#94 commentedOutCode
coyove/goflyway#95 commentedOutCode

✖️ qustavo/httplab#80 namedConst
✔️ qustavo/httplab#81 unlambda
✔️ qustavo/httplab#82 assignOp

✔️ shirou/gopsutil#583 emptyFallthrough
✔️ shirou/gopsutil#584 commentedOutCode

btcsuite/btcd#1290 rangeExprCopy
btcsuite/btcd#1291 deprecatedComment
btcsuite/btcd#1292 regexpMust
btcsuite/btcd#1293 emptyFallthrough
btcsuite/btcd#1294 unslice
btcsuite/btcd#1295 namedConst
btcsuite/btcd#1296 commentedOutCode

✔️appleboy/gorush#370 rangeValCopy
✔️ appleboy/gorush#371 deadCodeAfterFatal
✔️ appleboy/gorush#372 unlambda

✔️ casbin/casbin#131 typeUnparen
✔️ casbin/casbin#132 typeSwitchVar
✔️ casbin/casbin#133 commentedOutCode

✔️ goby-lang/goby#741 typeSwitchVar
✔️ goby-lang/goby#742 dupArg
✔️ goby-lang/goby#743 unlambda

✔️ golang/protobuf#704 commentedOutCode
✔️ golang/protobuf#705 stdExpr
✔️ golang/protobuf#706 sloppyLen

✔️ hybridgroup/gobot#617 dupSubExpr

robertkrimen/otto#320 unlambda
robertkrimen/otto#321 underef
robertkrimen/otto#322 singleCaseSwitch
robertkrimen/otto#323 commentedOutCode
robertkrimen/otto#324 unslice

✖️ umputun/remark42#203 commentedOutCode
✖️ umputun/remark42#204 singleCaseSwitch

✔️ oxequa/realize#212 sloppyLen
oxequa/realize#213 hugeParam, rangeValCopy
✔️ oxequa/realize#214 deadCodeAfterLogFatal
✔️ oxequa/realize#215 unlambda
oxequa/realize#216 appendAssign

✔️ #646 deadCodeAfterLogFatal

[cristaloleg]

blevesearch/bleve#995 builtinShadow, typeSwitchVar, singleCaseSwitch
blevesearch/bleve#996 sloppyLen

[quasilyte]

@cristaloleg, I still think that doing multiple PR, one per each kind of an issue, is preferable, since some of the checks might not match maintainers tastes, so they can easily decline one PR and you don't have to send new patch sets. It also easier to review and can be done incrementally (approve simplest checks, review more complex changes later).

[quasilyte]

Also found a case that is not handled with gosimple S1009.
Reported to the maintainers.

[ludweeg]

btcsuite/btcd/pull/1297 assignOp

✔️ ethereum/go-ethereum/pull/17673 unslice

✔️ square/certstrap/pull/59 unslice

✔️ google/keytransparency/pull/1036 unslice

[quasilyte]

I'll do some manual audits later, probably somewhere near the weekend, to find new checkers ideas or to find false negatives that were not found by any of our (or external) linters.