From 8f15e288282ddb68fe8b4ac2d85169b832f66fca Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 16:35:08 +0530 Subject: [PATCH 01/13] - Upgraded manifest parser version to v0.1.2 --- go.mod | 2 +- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 496beb980..d36e66cb1 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/Checkmarx/containers-types v1.0.9 github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/Checkmarx/gen-ai-wrapper v1.0.3 - github.com/Checkmarx/manifest-parser v0.1.1 + github.com/Checkmarx/manifest-parser v0.1.2 github.com/Checkmarx/secret-detection v1.2.1 github.com/MakeNowJust/heredoc v1.0.0 github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 diff --git a/go.sum b/go.sum index 8f1c4c936..62a619c15 100644 --- a/go.sum +++ b/go.sum @@ -77,8 +77,8 @@ github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo= github.com/Checkmarx/gen-ai-wrapper v1.0.3 h1:p7lc/U4dFltsIxAEeWeDNW4+8ovvlJvdb5pVBLcbKs8= github.com/Checkmarx/gen-ai-wrapper v1.0.3/go.mod h1:xwRLefezwNNnRGu1EjGS6wNiR9FVV/eP9D+oXwLViVM= -github.com/Checkmarx/manifest-parser v0.1.1 h1:Yp/fy0NjeLxxcS8y9AA9yIzWafC/Zeqn36YjVSe91DU= -github.com/Checkmarx/manifest-parser v0.1.1/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA= +github.com/Checkmarx/manifest-parser v0.1.2 h1:Sh2xkpeOWKu56Y7wo+ljckNGHAQX1uITEeH3cI2T0pg= +github.com/Checkmarx/manifest-parser v0.1.2/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA= github.com/Checkmarx/secret-detection v1.2.1 h1:Hzpz74dcN/L14Q86ARvPOZpKBnERzGTpy6sl1RXKOTo= github.com/Checkmarx/secret-detection v1.2.1/go.mod h1:kbXbtIQisDdB/TNuV7r9HPclEznUyBHLQ5yr7IX7vBQ= github.com/CycloneDX/cyclonedx-go v0.9.2 h1:688QHn2X/5nRezKe2ueIVCt+NRqf7fl3AVQk+vaFcIo= @@ -297,8 +297,6 @@ github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5Qvfr github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI= github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= -github.com/docker/cli v29.0.3+incompatible h1:8J+PZIcF2xLd6h5sHPsp5pvvJA+Sr2wGQxHkRl53a1E= -github.com/docker/cli v29.0.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v29.2.0+incompatible h1:9oBd9+YM7rxjZLfyMGxjraKBKE4/nVyvVfN4qNl9XRM= github.com/docker/cli v29.2.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= From f96ff1b1cdf8e1d125dc8334d684825cbcd96b8d Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 20:30:13 +0530 Subject: [PATCH 02/13] - Upgraded go version to 1.25 --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index d36e66cb1..8f2f7d925 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/checkmarx/ast-cli -go 1.24.13 +go 1.25 require ( github.com/Checkmarx/containers-resolver v1.0.32 From 942f4949ee79087fc37c71605b57810f738048de Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 20:58:36 +0530 Subject: [PATCH 03/13] - Fixed lint issue --- .github/workflows/ci-tests.yml | 2 +- .golangci.yml | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml index af5ad5120..7c8c5df73 100644 --- a/.github/workflows/ci-tests.yml +++ b/.github/workflows/ci-tests.yml @@ -130,7 +130,7 @@ jobs: uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc #v3 with: skip-pkg-cache: true - version: v1.64.2 + version: v1.66.0 args: -c .golangci.yml --timeout 5m only-new-issues: true diff --git a/.golangci.yml b/.golangci.yml index 6e90bdd56..92242496b 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -10,6 +10,9 @@ run: - internal/renameio - internal/robustio +output: + format: colored-line-number - + linters: disable-all: true enable: @@ -38,7 +41,7 @@ linters: - unused # covers deadcode/varcheck/structcheck - whitespace -linters.settings: +linters-settings: depguard: list-type: blacklist rules: From d602a643e5dbe17899ed166ca7c5ae341e0aa822 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 21:03:32 +0530 Subject: [PATCH 04/13] - Fixed lint issue --- .github/workflows/ci-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml index 7c8c5df73..853c2f9e5 100644 --- a/.github/workflows/ci-tests.yml +++ b/.github/workflows/ci-tests.yml @@ -130,7 +130,7 @@ jobs: uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc #v3 with: skip-pkg-cache: true - version: v1.66.0 + version: v1.65.0 args: -c .golangci.yml --timeout 5m only-new-issues: true From 7b3c44ce669a09a99ed0781b815042cc781eff71 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 21:45:46 +0530 Subject: [PATCH 05/13] - Fixed lint version to 2.11.3 --- .github/workflows/ci-tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml index 853c2f9e5..bc87e2fb5 100644 --- a/.github/workflows/ci-tests.yml +++ b/.github/workflows/ci-tests.yml @@ -127,10 +127,10 @@ jobs: - run: go version - run: go mod tidy - name: golangci-lint - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc #v3 + uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 #v9.2.0 with: skip-pkg-cache: true - version: v1.65.0 + version: v2.11.3 args: -c .golangci.yml --timeout 5m only-new-issues: true From d37d91eb923004896eacbfd4af47160296a1d5f7 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 21:51:59 +0530 Subject: [PATCH 06/13] - Added version to golangci.yml --- .golangci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.golangci.yml b/.golangci.yml index 92242496b..ac8f460fd 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,6 @@ # .golangci.yml - +version: 1 run: timeout: 5m issues: From 36d63fb27c74a2edf216d0596b2dad24331437e0 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:03:35 +0530 Subject: [PATCH 07/13] - Added version to golangci.yml --- .golangci.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index ac8f460fd..e77d44015 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,6 @@ # .golangci.yml -version: 1 +version: 2 run: timeout: 5m issues: @@ -11,7 +11,7 @@ run: - internal/robustio output: - format: colored-line-number - + format: colored-line-number linters: disable-all: true @@ -41,11 +41,12 @@ linters: - unused # covers deadcode/varcheck/structcheck - whitespace -linters-settings: +settings: depguard: list-type: blacklist rules: main: + list-mode: lax allow: - $gostd - github.com/checkmarx/ast-cli/internal From 9d262577078bb41263c62fbb770a67c1456f8cd4 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:05:39 +0530 Subject: [PATCH 08/13] - removed unsupported lint configs in v2 --- .golangci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.golangci.yml b/.golangci.yml index e77d44015..2b6a0a97d 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -35,7 +35,6 @@ linters: - rowserrcheck - staticcheck - stylecheck - - typecheck - unconvert - unparam - unused # covers deadcode/varcheck/structcheck From 0a69f386fe7853090bf7e80d5d69f0f2e8a1606a Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:15:39 +0530 Subject: [PATCH 09/13] - Fixed all issues in golangci.yml --- .golangci.yml | 46 ++++++++++++++++------------------------------ 1 file changed, 16 insertions(+), 30 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 2b6a0a97d..5e5b95f73 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,20 +1,9 @@ # .golangci.yml -version: 2 run: timeout: 5m - issues: - exclude-dirs: - - test/testdata_etc - - internal/cache - - internal/renameio - - internal/robustio - -output: - format: colored-line-number linters: - disable-all: true enable: - bodyclose - depguard @@ -34,15 +23,23 @@ linters: - revive # replacement for golint - rowserrcheck - staticcheck - - stylecheck - unconvert - unparam - unused # covers deadcode/varcheck/structcheck - whitespace + exclusions: + paths: + - test/testdata_etc + - internal/cache + - internal/renameio + - internal/robustio + rules: + - path: _test\.go + linters: + - mnd -settings: +linters-settings: depguard: - list-type: blacklist rules: main: list-mode: lax @@ -97,9 +94,11 @@ settings: goimports: local-prefixes: github.com/golangci/golangci-lint mnd: - settings: - mnd: - checks: argument,case,condition,return + checks: + - argument + - case + - condition + - return revive: rules: - name: exported @@ -115,18 +114,5 @@ settings: - (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf lll: line-length: 185 - maligned: - suggest-new: true misspell: locale: US - -issues: - exclude-rules: - - path: _test\.go - linters: - - mnd - -service: - golangci-lint-version: 1.64.2 - prepare: - - echo "No special prep steps needed" From 2f1ad5c6517fd14c98e28efbc0e33a57c0c36109 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:20:59 +0530 Subject: [PATCH 10/13] - Fixed all issues in golangci.yml --- .golangci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.golangci.yml b/.golangci.yml index 5e5b95f73..ecc0144a3 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,5 +1,6 @@ # .golangci.yml +version: "2" run: timeout: 5m From 45356032497a620c57189b8d3d10388608a3946b Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:24:25 +0530 Subject: [PATCH 11/13] - Fixed all issues in golangci.yml --- .golangci.yml | 157 +++++++++++++++++++++++++------------------------- 1 file changed, 78 insertions(+), 79 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index ecc0144a3..179de3de6 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -38,82 +38,81 @@ linters: - path: _test\.go linters: - mnd - -linters-settings: - depguard: - rules: - main: - list-mode: lax - allow: - - $gostd - - github.com/checkmarx/ast-cli/internal - - github.com/gookit/color - - github.com/CheckmarxDev/containers-resolver/pkg/containerResolver - - github.com/Checkmarx/manifest-parser/pkg/parser/models - - github.com/Checkmarx/manifest-parser/pkg/parser - - github.com/Checkmarx/secret-detection/pkg/hooks/pre-commit - - github.com/Checkmarx/secret-detection/pkg/hooks/pre-receive - - github.com/Checkmarx/gen-ai-prompts/prompts/sast_result_remediation - - github.com/spf13/viper - - github.com/checkmarx/2ms/v3/lib/reporting - - github.com/checkmarx/2ms/v3/lib/secrets - - github.com/checkmarx/2ms/v3/pkg - - github.com/Checkmarx/gen-ai-wrapper - - github.com/spf13/cobra - - github.com/pkg/errors - - github.com/google - - github.com/MakeNowJust/heredoc - - github.com/jsumners/go-getport - - github.com/stretchr/testify/assert - - github.com/gofrs/flock - - github.com/golang-jwt/jwt/v5 - - github.com/Checkmarx/containers-images-extractor/pkg/imagesExtractor - - github.com/Checkmarx/containers-types/types - dupl: - threshold: 500 - funlen: - lines: 200 - statements: 100 - goconst: - min-len: 2 - min-occurrences: 2 - gocritic: - enabled-tags: - - diagnostic - - experimental - - opinionated - - performance - - style - disabled-checks: - - dupImport # https://github.com/go-critic/go-critic/issues/845 - - ifElseChain - - octalLiteral - - whyNoLint - - wrapperFunc - gocyclo: - min-complexity: 15 - goimports: - local-prefixes: github.com/golangci/golangci-lint - mnd: - checks: - - argument - - case - - condition - - return - revive: - rules: - - name: exported - arguments: - - disableStutteringCheck - govet: - settings: - printf: - funcs: - - (github.com/golangci/golangci-lint/pkg/logutils.Log).Infof - - (github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf - - (github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf - - (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf - lll: - line-length: 185 - misspell: - locale: US + settings: + depguard: + rules: + main: + list-mode: lax + allow: + - $gostd + - github.com/checkmarx/ast-cli/internal + - github.com/gookit/color + - github.com/CheckmarxDev/containers-resolver/pkg/containerResolver + - github.com/Checkmarx/manifest-parser/pkg/parser/models + - github.com/Checkmarx/manifest-parser/pkg/parser + - github.com/Checkmarx/secret-detection/pkg/hooks/pre-commit + - github.com/Checkmarx/secret-detection/pkg/hooks/pre-receive + - github.com/Checkmarx/gen-ai-prompts/prompts/sast_result_remediation + - github.com/spf13/viper + - github.com/checkmarx/2ms/v3/lib/reporting + - github.com/checkmarx/2ms/v3/lib/secrets + - github.com/checkmarx/2ms/v3/pkg + - github.com/Checkmarx/gen-ai-wrapper + - github.com/spf13/cobra + - github.com/pkg/errors + - github.com/google + - github.com/MakeNowJust/heredoc + - github.com/jsumners/go-getport + - github.com/stretchr/testify/assert + - github.com/gofrs/flock + - github.com/golang-jwt/jwt/v5 + - github.com/Checkmarx/containers-images-extractor/pkg/imagesExtractor + - github.com/Checkmarx/containers-types/types + dupl: + threshold: 500 + funlen: + lines: 200 + statements: 100 + goconst: + min-len: 2 + min-occurrences: 2 + gocritic: + enabled-tags: + - diagnostic + - experimental + - opinionated + - performance + - style + disabled-checks: + - dupImport # https://github.com/go-critic/go-critic/issues/845 + - ifElseChain + - octalLiteral + - whyNoLint + - wrapperFunc + gocyclo: + min-complexity: 15 + goimports: + local-prefixes: github.com/golangci/golangci-lint + mnd: + checks: + - argument + - case + - condition + - return + revive: + rules: + - name: exported + arguments: + - disableStutteringCheck + govet: + settings: + printf: + funcs: + - (github.com/golangci/golangci-lint/pkg/logutils.Log).Infof + - (github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf + - (github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf + - (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf + lll: + line-length: 185 + misspell: + locale: US From fd784e2078de0ae2f286463ba4753c74447f2900 Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:28:16 +0530 Subject: [PATCH 12/13] - Fixed golangci.yml --- .golangci.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 179de3de6..f584ca617 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -16,8 +16,6 @@ linters: - goconst - gocritic - gocyclo - - gofmt - - goimports - ineffassign - mnd # replacement for gomnd - nakedret @@ -91,8 +89,6 @@ linters: - wrapperFunc gocyclo: min-complexity: 15 - goimports: - local-prefixes: github.com/golangci/golangci-lint mnd: checks: - argument @@ -116,3 +112,12 @@ linters: line-length: 185 misspell: locale: US + +formatters: + enable: + - gofmt + - goimports + settings: + goimports: + local-prefixes: + - github.com/golangci/golangci-lint From de24baf4303f6d802e0ca260897962299876cf9a Mon Sep 17 00:00:00 2001 From: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:34:22 +0530 Subject: [PATCH 13/13] - Upgraded to 1.25.8 version of go --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 9e5f90cc8..e2c14ffe5 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/checkmarx/ast-cli -go 1.25 +go 1.25.8 require (