Fix linting errors and re-enable golangci linters

.golangci.yml

@@ -3,15 +3,13 @@ linters:
   default: none
   enable:
     # Defaults:
+    - errcheck
     - govet
     - ineffassign
     - unused
     # Extra:
     - asciicheck
     - bidichk
-  disable:
-    # Scott L: currently these produce errors that need to be fixed in a seprate PR
-    - errcheck
     - depguard
     - staticcheck
 

plugins/aws/sts_provisioner.go

@@ -271,7 +271,7 @@ func (p assumeRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, erro
 		return aws.Credentials{}, err
 	}
 
-	err = p.stsCacheWriter.Put(credentials)
+	err = p.stsCacheWriter.Put(credentials) //nolint:staticcheck // QF1008 explicit reads more clearly here
 	if err != nil {
 		return aws.Credentials{}, err
 	}
@@ -308,7 +308,7 @@ func (p mfaSessionTokenProvider) Retrieve(ctx context.Context) (aws.Credentials,
 		return aws.Credentials{}, err
 	}
 
-	err = p.stsCacheWriter.Put(credentials)
+	err = p.stsCacheWriter.Put(credentials) //nolint:staticcheck //QF1008 explicit reads more clearly here
 	if err != nil {
 		return aws.Credentials{}, err
 	}

plugins/readme/api_key.go

@@ -66,7 +66,7 @@ func TryReadMeConfigFile() sdk.Importer {
 			return
 		}
 
-		var website string = "https://dash.readme.com/go/" + config.Subdomain
+		var website = "https://dash.readme.com/go/" + config.Subdomain
 
 		out.AddCandidate(sdk.ImportCandidate{
 			NameHint: config.Subdomain,

sdk/plugintest/example_secrets.go

@@ -1,11 +1,11 @@
 package plugintest
 
 import (
+	"crypto/rand"
 	"fmt"
 	"log"
-	"math/rand"
+	"math/big"
 	"strings"
-	"time"
 
 	"github.com/1Password/shell-plugins/sdk/schema"
 )
@@ -18,9 +18,6 @@ const (
 	secretExampleSuffix = "EXAMPLE"
 )
 
-var seededRand = rand.New(
-	rand.NewSource(time.Now().UnixNano()))
-
 func ExampleSecretFromComposition(v schema.ValueComposition) string {
 	prefix := getPrefix(v)
 	suffix := getSuffix(v)
@@ -65,10 +62,14 @@ func stringFromCharset(length int, charset string) (string, error) {
 	if charset == "" {
 		return "", fmt.Errorf("invalid charset provided")
 	}
-
+	max := big.NewInt(int64(len(charset)))
 	b := make([]byte, length)
 	for i := range b {
-		b[i] = charset[seededRand.Intn(len(charset))]
+		n, err := rand.Int(rand.Reader, max)
+		if err != nil {
+			return "", fmt.Errorf("reading random: %w", err)
+		}
+		b[i] = charset[n.Int64()]
 	}
 	return string(b), nil
 }

sdk/plugintest/validation_report.go

@@ -59,7 +59,7 @@ type ValidationReportPrinter struct {
 }
 
 func (p *ValidationReportPrinter) Print() {
-	if p.Reports == nil || len(p.Reports) == 0 {
+	if len(p.Reports) == 0 {
 		color.Cyan("No reports to print")
 		return
 	}
@@ -108,19 +108,19 @@ func (p *ValidationReportPrinter) printChecks(checks []schema.ValidationCheck) {
 }
 
 func (p *ValidationReportPrinter) printHeading(heading string) {
-	p.Format.Heading.Printf("# %s\n\n", heading)
+	_, _ = p.Format.Heading.Printf("# %s\n\n", heading)
 }
 
 func (p *ValidationReportPrinter) printCheck(check schema.ValidationCheck) {
 	if check.Assertion {
-		p.Format.Success.Printf("✔ %s\n", check.Description)
+		_, _ = p.Format.Success.Printf("✔ %s\n", check.Description)
 		return
 	}
 
 	if check.Severity == schema.ValidationSeverityWarning {
-		p.Format.Warning.Printf("⚠ %s\n", check.Description)
+		_, _ = p.Format.Warning.Printf("⚠ %s\n", check.Description)
 		return
 	}
 
-	p.Format.Error.Printf("✘ %s\n", check.Description)
+	_, _ = p.Format.Error.Printf("✘ %s\n", check.Description)
 }

sdk/rpc/server/server.go

@@ -107,7 +107,7 @@ func (t *RPCServer) ExecutableNeedsAuth(req proto.ExecutableNeedsAuthRequest, re
 	needsAuth, ok := t.needsAuth[req.ExecutableID]
 	if !ok || needsAuth == nil {
 		return &errFunctionFieldNotSet{
-			objName:  req.ExecutableID.String(),
+			objName:  req.ExecutableID.String(), //nolint:staticcheck //QF1008 explicit reads more clearly here
 			funcName: "NeedsAuth",
 		}
 	}
@@ -134,7 +134,7 @@ func (t *RPCServer) CredentialImport(req proto.ImportCredentialRequest, resp *sd
 	importer, ok := t.importers[req.CredentialID]
 	if !ok || importer == nil {
 		return &errFunctionFieldNotSet{
-			objName:  req.CredentialID.String(),
+			objName:  req.CredentialID.String(), //nolint:staticcheck //QF1008 explicit reads more clearly here
 			funcName: "Importer",
 		}
 	}

sdk/schema/executable.go

@@ -130,7 +130,7 @@ func (c CredentialUsage) Validate() (bool, ValidationReport) {
 
 	report.AddCheck(ValidationCheck{
 		Description: "Credential usage has either a credential reference or selection defined, but not both",
-		Assertion:   (c.SelectFrom != nil || c.Name != "") && !(c.SelectFrom != nil && c.Name != ""),
+		Assertion:   (c.SelectFrom != nil || c.Name != "") && (c.SelectFrom == nil || c.Name == ""),
 		Severity:    ValidationSeverityError,
 	})
 	return report.IsValid(), report