Fix linting: golangci-lint v2 config, nolint annotations

* Rewrite .golangci.yaml to v2 schema: linters-settings -> linters.settings, issues.exclude-rules -> issues.exclusions.rules, issues.exclude-dirs -> issues.exclusions.paths * Drop deprecated revive exported/package-comments rules: personal project, not a public library; godoc completeness is not a CI req * Add //nolint:gosec G101 on PassphraseEnv default in config.go: environment variable name is not a credential value * Add //nolint:gosec G101 on EventPGCredUpdated in model.go: audit event type string, not a credential Security: no logic changes. gosec G101 suppressions are false positives confirmed by code inspection: neither constant holds a credential value.
2026-03-11 12:53:25 -07:00
parent 9ef913c59b
commit 14083b82b4
21 changed files with 760 additions and 130 deletions
--- a/internal/model/model.go
+++ b/internal/model/model.go
@@ -8,6 +8,7 @@ import "time"
 // service accounts.
 type AccountType string

+// AccountTypeHuman and AccountTypeSystem are the two valid account types.
 const (
 	AccountTypeHuman  AccountType = "human"
 	AccountTypeSystem AccountType = "system"
@@ -16,6 +17,8 @@ const (
 // AccountStatus represents the lifecycle state of an account.
 type AccountStatus string

+// AccountStatusActive, AccountStatusInactive, and AccountStatusDeleted are
+// the valid account lifecycle states.
 const (
 	AccountStatusActive   AccountStatus = "active"
 	AccountStatusInactive AccountStatus = "inactive"
@@ -140,5 +143,5 @@ const (
 	EventTOTPEnrolled   = "totp_enrolled"
 	EventTOTPRemoved    = "totp_removed"
 	EventPGCredAccessed = "pgcred_accessed"
-	EventPGCredUpdated  = "pgcred_updated"
+	EventPGCredUpdated  = "pgcred_updated" //nolint:gosec // G101: audit event type string, not a credential
 )