johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cd5f582d870fd86ecbd6c9d90ae193784cd662bb
beads/docs/LINTING.md
Steve Yegge 9c3ab7fba9 Document -short flag, update linting baseline, clarify bd edit MCP exclusion 
- Enhanced CONTRIBUTING.md with -short flag usage guidance
- Updated LINTING.md: 22 issues baseline (down from 34)
- Added MCP exclusion note for bd edit command in AGENTS.md

Closes bd-iov0, bd-aec5439f, bd-fd8753d9
2025-11-06 19:42:01 -08:00

117 lines
4.6 KiB
Markdown
Raw Blame History

# Linting Policy
This document explains our approach to `golangci-lint` warnings in this codebase.
## Current Status
Running `golangci-lint run ./...` currently reports **22 issues** as of Nov 6, 2025. These are not actual code quality problems - they are false positives or intentional patterns that reflect idiomatic Go practice.
**Historical note**: The count was ~200 before extensive cleanup in October 2025, reduced to 34 by Oct 27, and now 22 after internal/daemonrunner removal. The remaining issues represent the acceptable baseline that doesn't warrant fixing.
## Issue Breakdown
### errcheck (4 issues)
**Pattern**: Unchecked errors from `defer` cleanup operations
**Status**: Intentional and idiomatic
Examples:
```go
defer rows.Close()
defer tx.Rollback()
defer os.RemoveAll(tmpDir) // in tests
```
**Rationale**: In Go, it's standard practice to ignore errors from deferred cleanup operations:
- `rows.Close()` - closing already-consumed result sets rarely errors
- `tx.Rollback()` - rollback on defer is a safety net; if commit succeeded, rollback is a no-op
- Test cleanup - errors during test cleanup don't affect test outcomes
Fixing these would add noise without improving code quality. The critical cleanup operations (where errors matter) are already checked explicitly.
### gosec (12 issues)
**Pattern 1**: G204 - Subprocess launched with variable (3 issues)
**Status**: Intentional - launching editor and git commands with user-specified paths
Examples:
- Launching `$EDITOR` for issue editing
- Executing git commands
- Running bd daemon binary
**Pattern 2**: G304 - File inclusion via variable (3 issues)
**Status**: Intended feature - user-specified file paths for import/export
All file paths are either:
- User-provided CLI arguments (expected for import/export commands)
- Test fixtures in controlled test environments
- Validated paths with security checks
**Pattern 3**: G301/G302/G306 - File permissions (3 issues)
**Status**: Acceptable for user-facing database files
- G301: 0755 for database directories (allows other users to read)
- G302: 0644 for JSONL files (version controlled, needs to be readable)
- G306: 0644 for new JSONL files (consistency with existing files)
**Pattern 4**: G201/G202 - SQL string formatting/concatenation (3 issues)
**Status**: Safe - using placeholders and bounded queries
All SQL concatenation uses proper placeholders and is bounded by controlled input (issue ID lists).
### misspell (3 issues)
**Pattern**: British vs American spelling - `cancelled` vs `canceled`
**Status**: Acceptable spelling variation
The codebase uses "cancelled" (British spelling) in user-facing messages. Both spellings are correct.
### unparam (4 issues)
**Pattern**: Function parameters or return values that are always the same
**Status**: Interface compliance and future-proofing
These functions maintain consistent signatures for:
- Interface implementations
- Future extensibility
- Code clarity and documentation
## golangci-lint Configuration Challenges
We've attempted to configure `.golangci.yml` to exclude these false positives, but golangci-lint's exclusion mechanisms have proven challenging:
- `exclude-functions` works for some errcheck patterns
- `exclude` patterns with regex don't match as expected
- `exclude-rules` with text matching doesn't work reliably
This appears to be a known limitation of golangci-lint's configuration system.
## Recommendation
**For contributors**: Don't be alarmed by the 22 lint warnings. The code quality is high.
**For code review**: Focus on:
- New issues introduced by changes (not the baseline 22)
- Actual logic errors
- Missing error checks on critical operations (file writes, database commits)
- Security concerns beyond gosec's false positives
**For CI/CD**: The current GitHub Actions workflow runs linting but doesn't fail on these known issues. We may add `--issues-exit-code=0` or configure the workflow to check for regressions only.
## Future Work
Potential approaches to reduce noise:
1. Disable specific linters (errcheck, revive) if the signal-to-noise ratio doesn't improve
2. Use `//nolint` directives sparingly for clear false positives
3. Investigate alternative linters with better exclusion support
4. Contribute to golangci-lint to improve exclusion mechanisms
## Summary
These "issues" are not technical debt - they represent intentional, idiomatic Go code. The codebase maintains high quality through:
- Comprehensive test coverage (>80%)
- Careful error handling where it matters
- Security validation of user input
- Clear documentation
Don't let the linter count distract from the actual code quality.
Reference in New Issue View Git Blame Copy Permalink