go-git
diff --git a/‎.golangci.yaml‎
Lines changed: 2 additions & 0 deletions b/‎.golangci.yaml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎config/config.go‎
Lines changed: 5 additions & 2 deletions b/‎config/config.go‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎internal/transport/test/receive_pack.go‎
Lines changed: 1 addition & 1 deletion b/‎internal/transport/test/receive_pack.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎plumbing/format/commitgraph/commitgraph.go‎
Lines changed: 1 addition & 1 deletion b/‎plumbing/format/commitgraph/commitgraph.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎plumbing/format/commitgraph/encoder.go‎
Lines changed: 9 additions & 8 deletions b/‎plumbing/format/commitgraph/encoder.go‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎plumbing/format/commitgraph/file.go‎
Lines changed: 2 additions & 2 deletions b/‎plumbing/format/commitgraph/file.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plumbing/format/commitgraph/memory.go‎
Lines changed: 4 additions & 4 deletions b/‎plumbing/format/commitgraph/memory.go‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎plumbing/format/idxfile/decoder.go‎
Lines changed: 1 addition & 1 deletion b/‎plumbing/format/idxfile/decoder.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎plumbing/format/idxfile/idxfile.go‎
Lines changed: 7 additions & 4 deletions b/‎plumbing/format/idxfile/idxfile.go‎
Lines changed: 7 additions & 4 deletions
diff --git a/‎plumbing/format/idxfile/writer.go‎
Lines changed: 5 additions & 5 deletions b/‎plumbing/format/idxfile/writer.go‎
Lines changed: 5 additions & 5 deletions
@@ -5,6 +5,7 @@ linters:
     - dupl
     - errcheck
     - gocritic
+    - gosec
     - govet
     - ineffassign
     - misspell
@@ -38,6 +39,7 @@ linters:
       - path: _test\.go
         linters:
           - errcheck
+          - gosec
 
 formatters:
   enable:
 
@@ -450,11 +450,14 @@ func (c *Config) unmarshalPack() error {
 	if window == "" {
 		c.Pack.Window = DefaultPackWindow
 	} else {
-		winUint, err := strconv.ParseUint(window, 10, 32)
+		winInt, err := strconv.Atoi(window)
 		if err != nil {
 			return err
 		}
-		c.Pack.Window = uint(winUint)
+		if winInt < 0 {
+			return fmt.Errorf("pack.window cannot be negative: %d", winInt)
+		}
+		c.Pack.Window = uint(winInt)
 	}
 	return nil
 }
 
@@ -247,7 +247,7 @@ func (s *ReceivePackSuite) receivePackNoCheck(ep *transport.Endpoint,
 
 		for _, file := range files {
 			path := filepath.Join(objectPath, file.Name())
-			err = os.Chmod(path, 0o644)
+			err = os.Chmod(path, 0o644) //nolint:gosec // G302: test file, relaxed permissions are intentional
 			s.Require().NoError(err)
 		}
 	}
 
@@ -33,7 +33,7 @@ func (c *CommitData) GenerationV2Data() uint64 {
 	if c.GenerationV2 == 0 || c.GenerationV2 == math.MaxUint64 {
 		return 0
 	}
-	return c.GenerationV2 - uint64(c.When.Unix())
+	return c.GenerationV2 - uint64(c.When.Unix()) //nolint:gosec // G115: Unix timestamp is always positive for valid commits
 }
 
 // Index represents a representation of commit graph that allows indexed
 
@@ -33,6 +33,7 @@ func (e *Encoder) Encode(idx Index) error {
 	hashToIndex, fanout, extraEdgesCount, generationV2OverflowCount := e.prepare(idx, hashes)
 
 	chunkSignatures := [][]byte{OIDFanoutChunk.Signature(), OIDLookupChunk.Signature(), CommitDataChunk.Signature()}
+	//nolint:gosec // G115: len() and hash.Size() are always small positive values
 	chunkSizes := []uint64{szUint32 * lenFanout, uint64(len(hashes) * e.hash.Size()), uint64(len(hashes) * (e.hash.Size() + szCommitData))}
 	if extraEdgesCount > 0 {
 		chunkSignatures = append(chunkSignatures, ExtraEdgeListChunk.Signature())
@@ -86,7 +87,7 @@ func (e *Encoder) prepare(idx Index, hashes []plumbing.Hash) (hashToIndex map[pl
 	hashToIndex = make(map[plumbing.Hash]uint32)
 	fanout = make([]uint32, lenFanout)
 	for i, hash := range hashes {
-		hashToIndex[hash] = uint32(i)
+		hashToIndex[hash] = uint32(i) //nolint:gosec // G115: i is loop index bounded by hashes count
 		fanout[hash.Bytes()[0]]++
 	}
 
@@ -99,9 +100,9 @@ func (e *Encoder) prepare(idx Index, hashes []plumbing.Hash) (hashToIndex map[pl
 
 	// Find out if we will need extra edge table
 	for i := range len(hashes) {
-		v, _ := idx.GetCommitDataByIndex(uint32(i))
+		v, _ := idx.GetCommitDataByIndex(uint32(i)) //nolint:gosec // G115: i is loop index
 		if len(v.ParentHashes) > 2 {
-			extraEdgesCount += uint32(len(v.ParentHashes) - 1)
+			extraEdgesCount += uint32(len(v.ParentHashes) - 1) //nolint:gosec // G115: parent count is small
 		}
 		if hasGenerationV2 && v.GenerationV2Data() > math.MaxUint32 {
 			generationV2OverflowCount++
@@ -114,7 +115,7 @@ func (e *Encoder) prepare(idx Index, hashes []plumbing.Hash) (hashToIndex map[pl
 func (e *Encoder) encodeFileHeader(chunkCount int) (err error) {
 	if _, err = e.Write(commitFileSignature); err == nil {
 		version := byte(1)
-		if crypto.Hash(e.hash.Size()) == crypto.Hash(crypto.SHA256.Size()) {
+		if crypto.Hash(e.hash.Size()) == crypto.Hash(crypto.SHA256.Size()) { //nolint:gosec // G115: hash.Size() is always small positive
 			version = byte(2)
 		}
 		_, err = e.Write([]byte{1, version, byte(chunkCount), 0})
@@ -124,7 +125,7 @@ func (e *Encoder) encodeFileHeader(chunkCount int) (err error) {
 
 func (e *Encoder) encodeChunkHeaders(chunkSignatures [][]byte, chunkSizes []uint64) (err error) {
 	// 8 bytes of file header, 12 bytes for each chunk header and 12 byte for terminator
-	offset := uint64(szSignature + szHeader + (len(chunkSignatures)+1)*(szChunkSig+szUint64))
+	offset := uint64(szSignature + szHeader + (len(chunkSignatures)+1)*(szChunkSig+szUint64)) //nolint:gosec // G115: small constants
 	for i, signature := range chunkSignatures {
 		if _, err = e.Write(signature); err == nil {
 			err = binary.WriteUint64(e, offset)
@@ -182,7 +183,7 @@ func (e *Encoder) encodeCommitData(hashes []plumbing.Hash, hashToIndex map[plumb
 			parent2 = hashToIndex[commitData.ParentHashes[1]]
 		default:
 			parent1 = hashToIndex[commitData.ParentHashes[0]]
-			parent2 = uint32(len(extraEdges)) | parentOctopusUsed
+			parent2 = uint32(len(extraEdges)) | parentOctopusUsed //nolint:gosec // G115: extraEdges count is bounded
 			for _, parentHash := range commitData.ParentHashes[1:] {
 				extraEdges = append(extraEdges, hashToIndex[parentHash])
 			}
@@ -196,7 +197,7 @@ func (e *Encoder) encodeCommitData(hashes []plumbing.Hash, hashToIndex map[plumb
 			return extraEdges, generationV2Data, err
 		}
 
-		unixTime := uint64(commitData.When.Unix())
+		unixTime := uint64(commitData.When.Unix()) //nolint:gosec // G115: Unix timestamp is always positive for valid commits
 		unixTime |= uint64(commitData.Generation) << 34
 		if err = binary.WriteUint64(e, unixTime); err != nil {
 			return extraEdges, generationV2Data, err
@@ -222,7 +223,7 @@ func (e *Encoder) encodeGenerationV2Data(generationV2Data []uint64) (overflows [
 	for _, data := range generationV2Data {
 		if data >= 0x80000000 {
 			// overflow
-			if err = binary.WriteUint32(e, uint32(head)|0x80000000); err != nil {
+			if err = binary.WriteUint32(e, uint32(head)|0x80000000); err != nil { //nolint:gosec // G115: head is bounded
 				return nil, err
 			}
 			generationV2Data[head] = data
 
@@ -158,7 +158,7 @@ func (fi *fileIndex) readChunkHeaders() error {
 		if chunkType == ZeroChunk || int(chunkType) >= len(fi.offsets) {
 			break
 		}
-		fi.offsets[chunkType] = int64(chunkOffset)
+		fi.offsets[chunkType] = int64(chunkOffset) //nolint:gosec // G115: file offset fits in int64
 	}
 
 	if fi.offsets[OIDFanoutChunk] <= 0 || fi.offsets[OIDLookupChunk] <= 0 || fi.offsets[CommitDataChunk] <= 0 {
@@ -332,7 +332,7 @@ func (fi *fileIndex) GetCommitDataByIndex(idx uint32) (*CommitData, error) {
 		ParentHashes:  parentHashes,
 		Generation:    genAndTime >> 34,
 		GenerationV2:  generationV2,
-		When:          time.Unix(int64(genAndTime&0x3FFFFFFFF), 0),
+		When:          time.Unix(int64(genAndTime&0x3FFFFFFFF), 0), //nolint:gosec // G115: masked timestamp fits in int64
 	}, nil
 }
 
 
@@ -39,7 +39,7 @@ func (mi *MemoryIndex) GetIndexByHash(h plumbing.Hash) (uint32, error) {
 
 // GetHashByIndex gets the hash given an index in the commit graph
 func (mi *MemoryIndex) GetHashByIndex(i uint32) (plumbing.Hash, error) {
-	if i >= uint32(len(mi.commitData)) {
+	if i >= uint32(len(mi.commitData)) { //nolint:gosec // G115: len fits in uint32
 		return plumbing.ZeroHash, plumbing.ErrObjectNotFound
 	}
 
@@ -49,7 +49,7 @@ func (mi *MemoryIndex) GetHashByIndex(i uint32) (plumbing.Hash, error) {
 // GetCommitDataByIndex gets the commit node from the commit graph using index
 // obtained from child node, if available
 func (mi *MemoryIndex) GetCommitDataByIndex(i uint32) (*CommitData, error) {
-	if i >= uint32(len(mi.commitData)) {
+	if i >= uint32(len(mi.commitData)) { //nolint:gosec // G115: len fits in uint32
 		return nil, plumbing.ErrObjectNotFound
 	}
 
@@ -85,7 +85,7 @@ func (mi *MemoryIndex) Add(hash plumbing.Hash, data *CommitData) {
 	// which allows adding nodes out of order as long as all parents
 	// are eventually resolved
 	data.ParentIndexes = nil
-	mi.indexMap[hash] = uint32(len(mi.commitData))
+	mi.indexMap[hash] = uint32(len(mi.commitData)) //nolint:gosec // G115: len fits in uint32
 	mi.commitData = append(mi.commitData, commitData{Hash: hash, CommitData: data})
 	if data.GenerationV2 == math.MaxUint64 { // if GenerationV2 is not available reset it to zero
 		data.GenerationV2 = 0
@@ -105,5 +105,5 @@ func (mi *MemoryIndex) Close() error {
 
 // MaximumNumberOfHashes returns the maximum number of hashes in the index.
 func (mi *MemoryIndex) MaximumNumberOfHashes() uint32 {
-	return uint32(len(mi.indexMap))
+	return uint32(len(mi.indexMap)) //nolint:gosec // G115: len fits in uint32
 }
@@ -111,7 +111,7 @@ func readObjectNames(idx *MemoryIndex, r io.Reader) error {
 
 		idx.FanoutMapping[k] = len(idx.Names)
 
-		nameLen := int(buckets * uint32(idx.idSize()))
+		nameLen := int(buckets * uint32(idx.idSize())) //nolint:gosec // G115: idSize() returns small hash size (20 or 32)
 		bin := make([]byte, nameLen)
 		if _, err := io.ReadFull(r, bin); err != nil {
 			return err
 
@@ -95,14 +95,16 @@ func (idx *MemoryIndex) findHashIndex(h plumbing.Hash) (int, bool) {
 	low := uint64(0)
 	for {
 		mid := (low + high) >> 1
+		//nolint:gosec // G115: idSize() returns small hash size (20 or 32)
 		offset := mid * uint64(idx.idSize())
 
+		//nolint:gosec // G115: idSize() returns small hash size (20 or 32)
 		cmp := h.Compare(data[offset : offset+uint64(idx.idSize())])
 		switch {
 		case cmp < 0:
 			high = mid
 		case cmp == 0:
-			return int(mid), true
+			return int(mid), true //nolint:gosec // G115: mid is bounded by index size
 		default:
 			low = mid + 1
 		}
@@ -141,10 +143,10 @@ func (idx *MemoryIndex) FindOffset(h plumbing.Hash) (int64, error) {
 	if idx.offsetHash == nil {
 		idx.offsetHash = make(map[int64]plumbing.Hash)
 	}
-	idx.offsetHash[int64(offset)] = h
+	idx.offsetHash[int64(offset)] = h //nolint:gosec // G115: packfile offsets fit in int64
 	idx.mu.Unlock()
 
-	return int64(offset), nil
+	return int64(offset), nil //nolint:gosec // G115: packfile offsets fit in int64
 }
 
 const isO64Mask = uint64(1) << 31
@@ -227,8 +229,9 @@ func (idx *MemoryIndex) genOffsetHash() error {
 	for firstLevel, fanoutValue := range idx.Fanout {
 		mappedFirstLevel := idx.FanoutMapping[firstLevel]
 		for secondLevel := uint32(0); i < fanoutValue; i++ {
+			//nolint:gosec // G115: idSize() returns small hash size (20 or 32)
 			_, _ = hash.Write(idx.Names[mappedFirstLevel][secondLevel*uint32(idx.idSize()):])
-			offset := int64(idx.getOffset(mappedFirstLevel, int(secondLevel)))
+			offset := int64(idx.getOffset(mappedFirstLevel, int(secondLevel))) //nolint:gosec // G115: offsets fit in int64
 			offsetHash[offset] = hash
 			secondLevel++
 		}
 
@@ -75,7 +75,7 @@ func (w *Writer) OnInflatedObjectHeader(_ plumbing.ObjectType, _, _ int64) error
 
 // OnInflatedObjectContent implements packfile.Observer interface.
 func (w *Writer) OnInflatedObjectContent(h plumbing.Hash, pos int64, crc uint32, _ []byte) error {
-	w.Add(h, uint64(pos), crc)
+	w.Add(h, uint64(pos), crc) //nolint:gosec // G115: pos is always non-negative in packfile
 	return nil
 }
 
@@ -114,11 +114,11 @@ func (w *Writer) createIndex() (*MemoryIndex, error) {
 
 		// fill the gaps between fans
 		for j := last + 1; j < int(fan); j++ {
-			idx.Fanout[j] = uint32(i)
+			idx.Fanout[j] = uint32(i) //nolint:gosec // G115: i is loop index bounded by objects count
 		}
 
 		// update the number of objects for this position
-		idx.Fanout[fan] = uint32(i + 1)
+		idx.Fanout[fan] = uint32(i + 1) //nolint:gosec // G115: i is loop index bounded by objects count
 
 		// we move from one bucket to another, update counters and allocate
 		// memory
@@ -144,7 +144,7 @@ func (w *Writer) createIndex() (*MemoryIndex, error) {
 		}
 
 		buf.Truncate(0)
-		if err := binary.WriteUint32(buf, uint32(offset)); err != nil {
+		if err := binary.WriteUint32(buf, uint32(offset)); err != nil { //nolint:gosec // G115: checked against limit above
 			return nil, err
 		}
 		idx.Offset32[bucket] = append(idx.Offset32[bucket], buf.Bytes()...)
@@ -157,7 +157,7 @@ func (w *Writer) createIndex() (*MemoryIndex, error) {
 	}
 
 	for j := last + 1; j < 256; j++ {
-		idx.Fanout[j] = uint32(len(w.objects))
+		idx.Fanout[j] = uint32(len(w.objects)) //nolint:gosec // G115: objects count fits in uint32
 	}
 
 	idx.Version = VersionSupported
Original file line number	Diff line number	Diff line change
`@@ -450,11 +450,14 @@ func (c *Config) unmarshalPack() error {`
`450`	`450`	`if window == "" {`
`451`	`451`	`c.Pack.Window = DefaultPackWindow`
`452`	`452`	`} else {`
`453`		`- winUint, err := strconv.ParseUint(window, 10, 32)`
	`453`	`+ winInt, err := strconv.Atoi(window)`
`454`	`454`	`if err != nil {`
`455`	`455`	`return err`
`456`	`456`	`}`
`457`		`- c.Pack.Window = uint(winUint)`
	`457`	`+ if winInt < 0 {`
	`458`	`+ return fmt.Errorf("pack.window cannot be negative: %d", winInt)`
	`459`	`+ }`
	`460`	`+ c.Pack.Window = uint(winInt)`
`458`	`461`	`}`
`459`	`462`	`return nil`
`460`	`463`	`}`
Original file line number	Diff line number	Diff line change
`@@ -247,7 +247,7 @@ func (s ReceivePackSuite) receivePackNoCheck(ep transport.Endpoint,`
`247`	`247`
`248`	`248`	`for _, file := range files {`
`249`	`249`	`path := filepath.Join(objectPath, file.Name())`
`250`		`- err = os.Chmod(path, 0o644)`
	`250`	`+ err = os.Chmod(path, 0o644) //nolint:gosec // G302: test file, relaxed permissions are intentional`
`251`	`251`	`s.Require().NoError(err)`
`252`	`252`	`}`
`253`	`253`	`}`
Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ func (c *CommitData) GenerationV2Data() uint64 {`
`33`	`33`	`if c.GenerationV2 == 0 \|\| c.GenerationV2 == math.MaxUint64 {`
`34`	`34`	`return 0`
`35`	`35`	`}`
`36`		`- return c.GenerationV2 - uint64(c.When.Unix())`
	`36`	`+ return c.GenerationV2 - uint64(c.When.Unix()) //nolint:gosec // G115: Unix timestamp is always positive for valid commits`
`37`	`37`	`}`
`38`	`38`
`39`	`39`	`// Index represents a representation of commit graph that allows indexed`
Original file line number	Diff line number	Diff line change
`@@ -158,7 +158,7 @@ func (fi *fileIndex) readChunkHeaders() error {`
`158`	`158`	`if chunkType == ZeroChunk \|\| int(chunkType) >= len(fi.offsets) {`
`159`	`159`	`break`
`160`	`160`	`}`
`161`		`- fi.offsets[chunkType] = int64(chunkOffset)`
	`161`	`+ fi.offsets[chunkType] = int64(chunkOffset) //nolint:gosec // G115: file offset fits in int64`
`162`	`162`	`}`
`163`	`163`
`164`	`164`	`if fi.offsets[OIDFanoutChunk] <= 0 \|\| fi.offsets[OIDLookupChunk] <= 0 \|\| fi.offsets[CommitDataChunk] <= 0 {`
`@@ -332,7 +332,7 @@ func (fi fileIndex) GetCommitDataByIndex(idx uint32) (CommitData, error) {`
`332`	`332`	`ParentHashes: parentHashes,`
`333`	`333`	`Generation: genAndTime >> 34,`
`334`	`334`	`GenerationV2: generationV2,`
`335`		`- When: time.Unix(int64(genAndTime&0x3FFFFFFFF), 0),`
	`335`	`+ When: time.Unix(int64(genAndTime&0x3FFFFFFFF), 0), //nolint:gosec // G115: masked timestamp fits in int64`
`336`	`336`	`}, nil`
`337`	`337`	`}`
`338`	`338`
Original file line number	Diff line number	Diff line change
`@@ -75,7 +75,7 @@ func (w *Writer) OnInflatedObjectHeader(_ plumbing.ObjectType, _, _ int64) error`
`75`	`75`
`76`	`76`	`// OnInflatedObjectContent implements packfile.Observer interface.`
`77`	`77`	`func (w *Writer) OnInflatedObjectContent(h plumbing.Hash, pos int64, crc uint32, _ []byte) error {`
`78`		`- w.Add(h, uint64(pos), crc)`
	`78`	`+ w.Add(h, uint64(pos), crc) //nolint:gosec // G115: pos is always non-negative in packfile`
`79`	`79`	`return nil`
`80`	`80`	`}`
`81`	`81`
`@@ -114,11 +114,11 @@ func (w Writer) createIndex() (MemoryIndex, error) {`
`114`	`114`
`115`	`115`	`// fill the gaps between fans`
`116`	`116`	`for j := last + 1; j < int(fan); j++ {`
`117`		`- idx.Fanout[j] = uint32(i)`
	`117`	`+ idx.Fanout[j] = uint32(i) //nolint:gosec // G115: i is loop index bounded by objects count`
`118`	`118`	`}`
`119`	`119`
`120`	`120`	`// update the number of objects for this position`
`121`		`- idx.Fanout[fan] = uint32(i + 1)`
	`121`	`+ idx.Fanout[fan] = uint32(i + 1) //nolint:gosec // G115: i is loop index bounded by objects count`
`122`	`122`
`123`	`123`	`// we move from one bucket to another, update counters and allocate`
`124`	`124`	`// memory`
`@@ -144,7 +144,7 @@ func (w Writer) createIndex() (MemoryIndex, error) {`
`144`	`144`	`}`
`145`	`145`
`146`	`146`	`buf.Truncate(0)`
`147`		`- if err := binary.WriteUint32(buf, uint32(offset)); err != nil {`
	`147`	`+ if err := binary.WriteUint32(buf, uint32(offset)); err != nil { //nolint:gosec // G115: checked against limit above`
`148`	`148`	`return nil, err`
`149`	`149`	`}`
`150`	`150`	`idx.Offset32[bucket] = append(idx.Offset32[bucket], buf.Bytes()...)`
`@@ -157,7 +157,7 @@ func (w Writer) createIndex() (MemoryIndex, error) {`
`157`	`157`	`}`
`158`	`158`
`159`	`159`	`for j := last + 1; j < 256; j++ {`
`160`		`- idx.Fanout[j] = uint32(len(w.objects))`
	`160`	`+ idx.Fanout[j] = uint32(len(w.objects)) //nolint:gosec // G115: objects count fits in uint32`
`161`	`161`	`}`
`162`	`162`
`163`	`163`	`idx.Version = VersionSupported`