Merge remote-tracking branch 'benma/golangci'

Author: benma

.github/workflows/ci.yml

@@ -21,7 +21,7 @@ env:
   # https://docs.github.com/en/packages/guides/pushing-and-pulling-docker-images
   #
   # Keep this in sync with default in scripts/github-ci.sh.
-  CI_IMAGE: ghcr.io/digitalbitbox/bitbox-wallet-app-ci:19
+  CI_IMAGE: ghcr.io/digitalbitbox/bitbox-wallet-app-ci:20
   GITHUB_BUILD_DIR: ${{github.workspace}}
 
 jobs:

.golangci.yml

@@ -3,7 +3,7 @@
 
 # options for analysis running
 run:
-  go: 1.20
+  go: 1.21
 
   # default concurrency is a available CPU number
   concurrency: 4
@@ -141,6 +141,12 @@ linters:
     - structcheck
     - deadcode
     - varcheck
+    - depguard
+    - inamedparam
+    - protogetter
+    - gosmopolitan
+    # todo: enable this, but there are a lot of hits
+    - testifylint
   disable-all: false
 
 issues:

Makefile

@@ -21,7 +21,7 @@ catch:
 	@echo "Choose a make target."
 envinit:
 	# Keep golangci-lint version in sync with what's in .github/workflows/ci.yml.
-	curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s -- -b $(GOPATH)/bin v1.51.1
+	curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s -- -b $(GOPATH)/bin v1.55.2
 	go install github.com/vektra/mockery/v2@latest
 	go install github.com/matryer/moq@latest
 	go install golang.org/x/tools/cmd/goimports@latest
@@ -33,7 +33,7 @@ envinit:
 # Initializiation on MacOS
 #  - run make from $GOPATH/src/github.com/digitalbitbox/bitbox-wallet-app
 #  - additional dependencies: Qt 5.15 & Xcode command line tools
-#  - add to $PATH: /usr/local/opt/go@1.20/bin
+#  - add to $PATH: /usr/local/opt/go@1.21/bin
 osx-init:
 	./scripts/osx-brew.sh
 	$(MAKE) envinit

README.md

@@ -47,7 +47,7 @@ The below instructions assume a unix environment.
 
 To build the app or run the development workflow, the following dependencies need to be installed:
 
-- [Go](https://golang.org/doc/install) version 1.20
+- [Go](https://golang.org/doc/install) version 1.21
 - [Node.js](https://nodejs.org/) version 18.x
 - [NPM](https://docs.npmjs.com/about-npm-versions) version 9.x or newer
 - [Qt5](https://www.qt.io) version 5.15.2
@@ -193,4 +193,4 @@ Get Ethereum Goerli coins here: https://goerlifaucet.com/
 
 Get Ethereum Sepolia coins here: https://faucet.sepolia.dev/
 
-In case any of the Ethereum faucets are not working, you can try others from here: https://faucetlink.to (some require account creation)
+In case any of the Ethereum faucets are not working, you can try others from here: https://faucetlink.to (some require account creation)

appveyor.yml

@@ -11,7 +11,7 @@ environment:
 
 # https://www.appveyor.com/docs/windows-images-software/#golang
 # If you change this, also change the GOROOT variable above to point to the right installation folder.
-stack: go 1.20
+stack: go 1.21
 
 install:
   - ps: Install-Product node $env:nodejs_version

backend/aopp_test.go

@@ -36,6 +36,8 @@ import (
 const dummyMsg = "message to be signed"
 const dummySignature = "signature"
 
+const uriPrefix = "aopp:?"
+
 var rootFingerprint = []byte{0x55, 0x055, 0x55, 0x55}
 var rootFingerprint2 = []byte{0x66, 0x066, 0x66, 0x66}
 
@@ -195,7 +197,7 @@ func TestAOPPSuccess(t *testing.T) {
 			params.Set("callback", callback)
 
 			require.Equal(t, AOPP{State: aoppStateInactive}, b.AOPP())
-			b.HandleURI("aopp:?" + params.Encode())
+			b.HandleURI(uriPrefix + params.Encode())
 			require.Equal(t,
 				AOPP{
 					State:    aoppStateUserApproval,
@@ -268,7 +270,7 @@ func TestAOPPSuccess(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Set("callback", server.URL)
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateUserApproval, b.AOPP().State)
 		b.AOPPApprove()
 		require.Equal(t, aoppStateAwaitingKeystore, b.AOPP().State)
@@ -288,7 +290,7 @@ func TestAOPPSuccess(t *testing.T) {
 		params := defaultParams()
 		params.Set("callback", server.URL)
 		b.registerKeystore(makeKeystore(t, scriptTypeRef(signing.ScriptTypeP2WPKH), keystoreHelper.ExtendedPublicKey))
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateUserApproval, b.AOPP().State)
 		b.AOPPApprove()
 		require.Equal(t, aoppStateSuccess, b.AOPP().State)
@@ -300,7 +302,7 @@ func TestAOPPSuccess(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		b.registerKeystore(makeKeystore(t, scriptTypeRef(signing.ScriptTypeP2WPKH), keystoreHelper.ExtendedPublicKey))
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateUserApproval, b.AOPP().State)
 		b.DeregisterKeystore()
 		b.AOPPApprove()
@@ -349,7 +351,7 @@ func TestAOPPFailures(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Set("v", "1")
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateError, b.AOPP().State)
 		require.Equal(t, errAOPPVersion, b.AOPP().ErrorCode)
 
@@ -359,7 +361,7 @@ func TestAOPPFailures(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Del("callback")
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateError, b.AOPP().State)
 		require.Equal(t, errAOPPInvalidRequest, b.AOPP().ErrorCode)
 	})
@@ -368,7 +370,7 @@ func TestAOPPFailures(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Set("callback", ":not a valid url")
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateError, b.AOPP().State)
 		require.Equal(t, errAOPPInvalidRequest, b.AOPP().ErrorCode)
 	})
@@ -377,7 +379,7 @@ func TestAOPPFailures(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Del("msg")
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateError, b.AOPP().State)
 		require.Equal(t, errAOPPInvalidRequest, b.AOPP().ErrorCode)
 	})
@@ -386,15 +388,15 @@ func TestAOPPFailures(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Set("asset", "<invalid>")
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		require.Equal(t, aoppStateError, b.AOPP().State)
 		require.Equal(t, errAOPPUnsupportedAsset, b.AOPP().ErrorCode)
 	})
 	t.Run("cant_sign", func(t *testing.T) {
 		b := newBackend(t, testnetDisabled, regtestDisabled)
 		defer b.Close()
 		params := defaultParams()
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		b.AOPPApprove()
 		ks2 := makeKeystore(t, scriptTypeRef(signing.ScriptTypeP2WPKH), keystoreHelper.ExtendedPublicKey)
 		ks2.CanSignMessageFunc = func(coinpkg.Code) bool {
@@ -410,7 +412,7 @@ func TestAOPPFailures(t *testing.T) {
 		params := defaultParams()
 		b.registerKeystore(ks)
 		require.NoError(t, b.SetAccountActive("v0-55555555-btc-0", false))
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		b.AOPPApprove()
 		require.Equal(t, aoppStateError, b.AOPP().State)
 		require.Equal(t, errAOPPNoAccounts, b.AOPP().ErrorCode)
@@ -420,7 +422,7 @@ func TestAOPPFailures(t *testing.T) {
 		defer b.Close()
 		params := defaultParams()
 		params.Set("format", "p2pkh")
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		b.AOPPApprove()
 		b.registerKeystore(ks)
 		require.Equal(t, aoppStateError, b.AOPP().State)
@@ -430,7 +432,7 @@ func TestAOPPFailures(t *testing.T) {
 		b := newBackend(t, testnetDisabled, regtestDisabled)
 		defer b.Close()
 		params := defaultParams()
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		b.AOPPApprove()
 		ks2 := makeKeystore(t, scriptTypeRef(signing.ScriptTypeP2WPKH), keystoreHelper.ExtendedPublicKey)
 		ks2.SignBTCMessageFunc = func([]byte, signing.AbsoluteKeypath, signing.ScriptType) ([]byte, error) {
@@ -452,7 +454,7 @@ func TestAOPPFailures(t *testing.T) {
 
 		params := defaultParams()
 		params.Set("callback", server.URL)
-		b.HandleURI("aopp:?" + params.Encode())
+		b.HandleURI(uriPrefix + params.Encode())
 		b.AOPPApprove()
 		b.registerKeystore(ks)
 		b.AOPPChooseAccount("v0-55555555-btc-0")

backend/coins/btc/db/headersdb/headersdb_test.go

@@ -59,10 +59,10 @@ func TestFixTrailingZeroes(t *testing.T) {
 	require.NoError(t, err)
 	filename := f.Name()
 
-	_, err = f.Write([]byte(
+	_, err = f.WriteString(
 		"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
 			"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
-	))
+	)
 	require.NoError(t, err)
 	// Add 10 zero-byte headers that will be stripped off.
 	_, err = f.Write(make([]byte, 80*10))

docs/BUILD.md

@@ -30,11 +30,11 @@ Build artifacts:
 
 ## MacOS
 
-Make sure you have `qt@5/bin`, `go@1.20/bin` and `go/bin` in your PATH, i.e. add to your `.zshrc`
+Make sure you have `qt@5/bin`, `go@1.21/bin` and `go/bin` in your PATH, i.e. add to your `.zshrc`
 
 ```bash
 export PATH="$PATH:/usr/local/opt/qt@5/bin"
-export PATH="$PATH:/usr/local/opt/go@1.20/bin"
+export PATH="$PATH:/usr/local/opt/go@1.21/bin"
 export PATH="$PATH:$HOME/go/bin"
 ```
 
@@ -67,7 +67,7 @@ $  xcrun altool --notarization-info NOTARIZATION_ID --username "APPLE_ID" --pass
 The build requires `Microsoft Visual Studio 2019 Community Edition`, with the `MSVC v142 - VS 2019 C++ x64/x86 build tools (Latest)`
 individual component.
 
-It also requires `mingw-w64`, `bash` (e.g. `git-bash`), `make`,`go 1.20`, `node@18`, `QT 5.15.2` with `qtwebengine`, `nsis`
+It also requires `mingw-w64`, `bash` (e.g. `git-bash`), `make`,`go 1.21`, `node@18`, `QT 5.15.2` with `qtwebengine`, `nsis`
 and possibly other tools.
 
 Some of the tools are easy to install with `choco`:

scripts/docker_install.sh

@@ -46,7 +46,7 @@ npm install -g npm@9.6.5
 npm install -g locize-cli
 
 mkdir -p /opt/go_dist
-curl https://dl.google.com/go/go1.20.1.linux-amd64.tar.gz | tar -xz -C /opt/go_dist
+curl https://dl.google.com/go/go1.21.6.linux-amd64.tar.gz | tar -xz -C /opt/go_dist
 
 # Needed for qt5. fuse is needed to run the linuxdeployqt appimage.
 apt-get install -y --no-install-recommends fuse

scripts/github-ci.sh

@@ -12,7 +12,7 @@ if [ "$OS_NAME" == "linux" ]; then
     # Which docker image to use to run the CI. Defaults to Docker Hub.
     # Overwrite with CI_IMAGE=docker/image/path environment variable.
     # Keep this in sync with .github/workflows/ci.yml.
-    : "${CI_IMAGE:=shiftcrypto/bitbox-wallet-app:19}"
+    : "${CI_IMAGE:=shiftcrypto/bitbox-wallet-app:20}"
     # Time image pull to compare in the future.
     time docker pull "$CI_IMAGE"