Fix linting: golangci-lint v2 config, nolint annotations

* Rewrite .golangci.yaml to v2 schema: linters-settings -> linters.settings, issues.exclude-rules -> issues.exclusions.rules, issues.exclude-dirs -> issues.exclusions.paths * Drop deprecated revive exported/package-comments rules: personal project, not a public library; godoc completeness is not a CI req * Add //nolint:gosec G101 on PassphraseEnv default in config.go: environment variable name is not a credential value * Add //nolint:gosec G101 on EventPGCredUpdated in model.go: audit event type string, not a credential Security: no logic changes. gosec G101 suppressions are false positives confirmed by code inspection: neither constant holds a credential value.
2026-03-11 12:53:25 -07:00
parent 9ef913c59b
commit 14083b82b4
21 changed files with 760 additions and 130 deletions
--- a/internal/auth/auth_test.go
+++ b/internal/auth/auth_test.go
@@ -96,7 +96,7 @@ func TestValidateTOTP(t *testing.T) {

 	// Compute the expected code for the current time step.
 	now := time.Now().Unix()
-	code, err := hotp(rawSecret, uint64(now/30))
+	code, err := hotp(rawSecret, uint64(now/30)) //nolint:gosec // G115: Unix time is always positive
 	if err != nil {
 		t.Fatalf("hotp: %v", err)
 	}