diff options
author | Patrick Steinhardt <psteinhardt@gitlab.com> | 2021-11-11 15:43:39 +0300 |
---|---|---|
committer | Patrick Steinhardt <psteinhardt@gitlab.com> | 2021-11-12 17:39:42 +0300 |
commit | f8fb50aa1610d9f2cdeab79ddf2d46ae671f8cee (patch) | |
tree | 258eeb32e2cb6b0cc86a8c421e72089ce46417aa /.golangci.yml | |
parent | f670482dcb4fb6cacc81308e91ec7f194da4e820 (diff) |
lint: Enable bidichk linter
With golangci-lint v1.43, a new bidichk linter has been added. This
linter checks sources for bidirectional control characters which can be
abused to conceal adversary code behind seemingly benign code. This
issue (CVE-2021-42694, Trojan Source [1]), makes it easy for an
adversary to get changes through code review.
Enable the bidichk linter to detect any use of such characters to
protect us against such supply chain attacks.
[1]: https://trojansource.codes/
Diffstat (limited to '.golangci.yml')
-rw-r--r-- | .golangci.yml | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/.golangci.yml b/.golangci.yml index 4b7eeab90..6eefcc7f3 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -8,6 +8,7 @@ run: linters: disable-all: true enable: + - bidichk - deadcode - errcheck - exportloopref |