From d2239bb24e1a68eaaa0893cab90a2585d24c4260 Mon Sep 17 00:00:00 2001 From: yperbasis Date: Fri, 3 Jul 2026 10:56:41 +0200 Subject: [PATCH 1/3] golangci: enable modernize linter Enable the gopls modernize suite; disable the analyzers with an existing backlog (enable each once its findings are cleared). Clear the stringsseq backlog: convert the remaining strings.Split range loops to strings.SplitSeq, including the leak-tagged site the linter cannot see. --- .golangci.yml | 20 +++++++++++++++++++ cl/beacon/beaconhttp/api.go | 2 +- cl/sentinel/httpreqresp/server.go | 2 +- cmd/evm/enginexrunner.go | 2 +- db/state/commitment_convert.go | 2 +- .../engineapitester/engine_x_leak_test.go | 2 +- 6 files changed, 25 insertions(+), 5 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 607f0f2c40f..1048b30a7f9 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -12,6 +12,7 @@ linters: - gochecksumtype - gocritic - gosmopolitan + - modernize - nilnesserr - prealloc - reassign @@ -88,6 +89,25 @@ linters: rules: rules.go underef: skipRecvDeref: true + modernize: + disable: # each disabled analyzer has an existing backlog; enable it once its findings are cleared + - any + - atomictypes + - forvar + - mapsloop + - minmax + - omitzero + - rangeint + - reflecttypefor + - slicesbackward + - slicescontains + - slicessort + - stditerators + - stringsbuilder + - stringscut + - stringscutprefix + - testingcontext + - waitgroupgo govet: enable: - nilness diff --git a/cl/beacon/beaconhttp/api.go b/cl/beacon/beaconhttp/api.go index 9fb021918bd..87167e4d69f 100644 --- a/cl/beacon/beaconhttp/api.go +++ b/cl/beacon/beaconhttp/api.go @@ -246,7 +246,7 @@ func supportsSSZ(ans any) bool { func acceptQuality(accept, target string) (float64, bool) { var best float64 var found bool - for _, part := range strings.Split(accept, ",") { + for part := range strings.SplitSeq(accept, ",") { mediaType, params, err := mime.ParseMediaType(strings.TrimSpace(part)) if err != nil || mediaType != target { continue diff --git a/cl/sentinel/httpreqresp/server.go b/cl/sentinel/httpreqresp/server.go index d25fa94e589..4f7dbfdd997 100644 --- a/cl/sentinel/httpreqresp/server.go +++ b/cl/sentinel/httpreqresp/server.go @@ -254,7 +254,7 @@ func NewRequestHandler(host host.Host) http.HandlerFunc { // Parse comma-separated topics for multistream protocol negotiation. // The first topic is preferred; libp2p picks the first one the peer supports. var protocolIDs []protocol.ID - for _, t := range strings.Split(topic, ",") { + for t := range strings.SplitSeq(topic, ",") { if t = strings.TrimSpace(t); t != "" { protocolIDs = append(protocolIDs, protocol.ID(t)) } diff --git a/cmd/evm/enginexrunner.go b/cmd/evm/enginexrunner.go index 6e177b06bac..1c0cd42e79c 100644 --- a/cmd/evm/enginexrunner.go +++ b/cmd/evm/enginexrunner.go @@ -277,7 +277,7 @@ func loadEngineXGroups(path string, re *regexp.Regexp) (map[engineXGroupKey][]en // isUnderPreAlloc reports whether any directory component of p is named // "pre_alloc" — those are pre-allocation inputs, not test fixtures. func isUnderPreAlloc(p string) bool { - for _, c := range strings.Split(filepath.ToSlash(p), "/") { + for c := range strings.SplitSeq(filepath.ToSlash(p), "/") { if c == "pre_alloc" { return true } diff --git a/db/state/commitment_convert.go b/db/state/commitment_convert.go index 6dc29fa35ba..e4be499bf19 100644 --- a/db/state/commitment_convert.go +++ b/db/state/commitment_convert.go @@ -907,7 +907,7 @@ func loadRestoreManifest(path string) ([]string, bool, error) { return nil, false, fmt.Errorf("[commitment_convert] restore: read manifest %s: %w", path, err) } var out []string - for _, line := range strings.Split(strings.TrimSpace(string(data)), "\n") { + for line := range strings.SplitSeq(strings.TrimSpace(string(data)), "\n") { if line == "" { continue } diff --git a/execution/engineapi/engineapitester/engine_x_leak_test.go b/execution/engineapi/engineapitester/engine_x_leak_test.go index fb3b21f8d54..a588e24db27 100644 --- a/execution/engineapi/engineapitester/engine_x_leak_test.go +++ b/execution/engineapi/engineapitester/engine_x_leak_test.go @@ -136,7 +136,7 @@ func printSample(t *testing.T, iter int) { } func procStatusKb(s, key string) int { - for _, line := range strings.Split(s, "\n") { + for line := range strings.SplitSeq(s, "\n") { if !strings.HasPrefix(line, key) { continue } From a5218a79cab435b00c239bb779c4d7a1446bbefb Mon Sep 17 00:00:00 2001 From: yperbasis Date: Fri, 3 Jul 2026 11:47:19 +0200 Subject: [PATCH 2/3] sonar: exclude legacy-tests submodule from analysis SonarCloud stopped treating git-submodule contents as SCM-ignored (server-side change on 2026-07-03), so the vendored ethereum/tests fixtures (~38.5k files) entered PR analyses as new code and their Dockerfile/JS findings fail the quality gate's security rating on every PR. --- sonar-project.properties | 1 + 1 file changed, 1 insertion(+) diff --git a/sonar-project.properties b/sonar-project.properties index 493e94b7462..f43f8db52df 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -6,6 +6,7 @@ sonar.sources=. sonar.exclusions=\ .github/**,\ docs/**,\ + execution/tests/legacy-tests/**,\ **/*.pb.go,\ **/gen_*.go,\ **/*_gen.go,\ From 8d896f078ba38cbc5dcfe655ec42fb31a8858c37 Mon Sep 17 00:00:00 2001 From: Andrew Ashikhmin <34320705+yperbasis@users.noreply.github.com> Date: Sat, 4 Jul 2026 09:41:08 +0200 Subject: [PATCH 3/3] sonar: deduplicate legacy-tests exclusion after merge --- sonar-project.properties | 1 - 1 file changed, 1 deletion(-) diff --git a/sonar-project.properties b/sonar-project.properties index d154ffe1fcc..dc9cb3c80ef 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -7,7 +7,6 @@ sonar.exclusions=\ .github/**,\ execution/tests/legacy-tests/**,\ docs/**,\ - execution/tests/legacy-tests/**,\ **/*.pb.go,\ **/gen_*.go,\ **/*_gen.go,\