chore: update go to 1.24.4

.2ms.yml

@@ -105,4 +105,9 @@ ignore-result:
   - af16d5223104c029475f82cd780fd57115ed1e2f # value used for testing
   - 91bc1fc92b04c56c5f746d50df5759e39b956146 # value used for testing
   - 4d4af54fd6e3e1209094e5838f339b6c95636f79 # value used for testing
-  - fabcbd067a3bbf3cd5951d03ed4f17918241316a # value used for testing
+  - fabcbd067a3bbf3cd5951d03ed4f17918241316a # value used for testing
+  - cd186f025418cb008f61dcf881b62926be892f71 # value used for testing
+  - 3a2c9e23253b0e5b8a83deaea772d93396e4f350 # value used for testing
+  - 754506f714ffc10628e6fe6dd05affa486d78234 # value used for testing
+  - eebd28cd68ee73b9a1f68b85453575498c12c5b8 # value used for testing
+  - 14f5cf9d2716f2cec7daf95ab86e1a4feaf7ba41 # value used for testing

.github/workflows/pr-validation.yml

@@ -30,7 +30,7 @@ jobs:
           git diff --exit-code
 
       - name: Go Linter
-        run: docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.61.0 golangci-lint run -v -E gofmt --timeout=5m --out-format github-actions
+        run: docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v2.1.5 golangci-lint run --timeout=5m
 
       - name: Go Test
         run: go test -v ./...

Dockerfile

@@ -3,7 +3,7 @@
 # and "Missing User Instruction" since 2ms container is stopped after scan
 
 # Builder image
-FROM cgr.dev/chainguard/go@sha256:7f9e74e1af376a6d238077d8df037a25001997581630bc121c8aecfa5c8da8b3 AS builder
+FROM checkmarx/go:1.24.4-r0-ae7309142bb6bd@sha256:ae7309142bb6bd82e0272c3624ec53c0c68d855f6b63e985c5caaff5c1705644 AS builder
 
 WORKDIR /app
 
@@ -17,10 +17,10 @@ RUN go mod download
 # COPY the source code as the last step
 COPY . .
 
-RUN GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -a -o /app/2ms .
+RUN GOOS=linux GOARCH=amd64 go build -buildvcs=false -ldflags="-s -w" -a -o /app/2ms .
 
 # Runtime image
-FROM cgr.dev/chainguard/git@sha256:fb9f28194b4dda3ea74c68d731238d1f32023849bca04c5652638e8e199fb956
+FROM checkmarx/git:2.49.0-r2-d7ebbe7c56dc47@sha256:d7ebbe7c56dc478c08aba611c35b30689090d28605d83130ce4d1e15a84f0389
 
 WORKDIR /app
 

engine/engine.go

@@ -290,10 +290,10 @@ func GetRulesCommand(engineConfig *EngineConfig) *cobra.Command {
 
 			tab := tabwriter.NewWriter(os.Stdout, 1, 2, 2, ' ', 0)
 
-			fmt.Fprintln(tab, "Name\tDescription\tTags\tValidity Check")
-			fmt.Fprintln(tab, "----\t----\t----\t----")
+			fmt.Fprintln(tab, "Name\tDescription\tTags\tValidity Check") //nolint:errcheck
+			fmt.Fprintln(tab, "----\t----\t----\t----")                  //nolint:errcheck
 			for _, rule := range *rules {
-				fmt.Fprintf(
+				fmt.Fprintf( //nolint:errcheck
 					tab,
 					"%s\t%s\t%s\t%s\n",
 					rule.Rule.RuleID,
@@ -352,7 +352,8 @@ func getStartAndEndLines(ctx context.Context, pluginName string, gitInfo *plugin
 	var startLine, endLine int
 	var err error
 
-	if pluginName == "filesystem" {
+	switch pluginName {
+	case "filesystem":
 		totalLines, totalOK := ctx.Value(totalLinesKey).(int)
 		chunkLines, chunkOK := ctx.Value(linesInChunkKey).(int)
 
@@ -363,12 +364,12 @@ func getStartAndEndLines(ctx context.Context, pluginName string, gitInfo *plugin
 
 		startLine = value.StartLine + offset
 		endLine = value.EndLine + offset
-	} else if pluginName == "git" {
+	case "git":
 		startLine, endLine, err = plugins.GetGitStartAndEndLine(gitInfo, value.StartLine, value.EndLine)
 		if err != nil {
 			return 0, 0, err
 		}
-	} else {
+	default:
 		startLine = value.StartLine
 		endLine = value.EndLine
 	}

engine/engine_test.go

@@ -470,7 +470,7 @@ func writeTempFile(t *testing.T, dir string, size int, content []byte) string {
 
 	f, err := os.CreateTemp(dir, "testfile-*.tmp")
 	require.NoError(t, err, "create temp file")
-	defer f.Close()
+	defer f.Close() //nolint:errcheck
 
 	var data []byte
 	if content != nil {

go.mod

@@ -1,6 +1,6 @@
 module github.com/checkmarx/2ms/v3
 
-go 1.23.6
+go 1.24.4
 
 require (
 	github.com/bwmarrin/discordgo v0.27.1

lib/reporting/report_test.go

@@ -221,8 +221,6 @@ func TestWriteReportInNonExistingDir(t *testing.T) {
 	if err != nil {
 		t.Error(err)
 	}
-
-	os.RemoveAll(filepath.Join(tempDir, "test_temp_dir"))
 }
 
 func TestGetOutputSarif(t *testing.T) {

lib/utils/flags_test.go

@@ -685,7 +685,7 @@ subcommand:
 			var configFileName string
 			if tc.config != nil {
 				configFileName = writeTempFile(t, tc.config, tc.configFormat)
-				defer os.Remove(configFileName)
+				defer os.Remove(configFileName) //nolint:errcheck
 
 				tc.args = append(tc.args, "--"+configFlagName, configFileName)
 			}

lib/utils/http.go

@@ -43,7 +43,7 @@ func HttpRequest(method string, url string, authorization IAuthorizationHeader,
 		return nil, response, fmt.Errorf("unable to send http request %w", err)
 	}
 
-	defer response.Body.Close()
+	defer response.Body.Close() //nolint:errcheck
 
 	if response.StatusCode < 200 || response.StatusCode >= 300 {
 		if retry.MaxRetries > 0 {

plugins/git.go

@@ -58,7 +58,7 @@ func (p *GitPlugin) DefineCommand(items chan ISourceItem, errors chan error) (*c
 		Args:  cobra.MatchAll(cobra.ExactArgs(1), validGitRepoArgs),
 		Run: func(cmd *cobra.Command, args []string) {
 			log.Info().Msg("Git plugin started")
-			p.scanGit(args[0], p.buildScanOptions(), p.Channels.Items, p.Channels.Errors)
+			p.scanGit(args[0], p.buildScanOptions(), p.Items, p.Errors)
 			p.WaitGroup.Wait()
 			close(items)
 		},

plugins/paligo.go

@@ -73,7 +73,7 @@ func (p *PaligoPlugin) DefineCommand(items chan ISourceItem, errors chan error)
 		Run: func(cmd *cobra.Command, args []string) {
 			// Waits for MarkFlagsOneRequired https://github.com/spf13/cobra/pull/1952
 			if p.auth == "" && (p.username == "" || p.token == "") {
-				p.Channels.Errors <- fmt.Errorf("exactly one of the flags in the group %v must be set; none were set", []string{paligoAuthFlag, paligoUsernameFlag, paligoTokenFlag})
+				p.Errors <- fmt.Errorf("exactly one of the flags in the group %v must be set; none were set", []string{paligoAuthFlag, paligoUsernameFlag, paligoTokenFlag})
 				return
 			}
 			log.Info().Msg("Paligo plugin started")
@@ -107,7 +107,7 @@ func (p *PaligoPlugin) getItems() {
 
 	foldersToProcess, err := p.getFirstProcessingFolders()
 	if err != nil {
-		p.Channels.Errors <- err
+		p.Errors <- err
 		return
 	}
 
@@ -156,14 +156,15 @@ func (p *PaligoPlugin) processFolders(foldersToProcess []PaligoItem) chan Paligo
 			folderInfo, err := p.paligoApi.showFolder(folder.ID)
 			if err != nil {
 				log.Error().Err(err).Msgf("error while getting %s '%s'", folder.Type, folder.Name)
-				p.Channels.Errors <- err
+				p.Errors <- err
 				continue
 			}
 
 			for _, child := range folderInfo.Children {
-				if child.Type == "component" {
+				switch child.Type {
+				case "component":
 					itemsChan <- child
-				} else if child.Type == "folder" {
+				case "folder":
 					foldersToProcess = append(foldersToProcess, child)
 				}
 			}
@@ -180,7 +181,7 @@ func (p *PaligoPlugin) handleComponent(paligoItem PaligoItem) {
 	document, err := p.paligoApi.showDocument(paligoItem.ID)
 	if err != nil {
 		log.Error().Err(err).Msgf("error while getting document '%s'", paligoItem.Name)
-		p.Channels.Errors <- fmt.Errorf("error while getting document '%s': %w", paligoItem.Name, err)
+		p.Errors <- fmt.Errorf("error while getting document '%s': %w", paligoItem.Name, err)
 		return
 	}
 

plugins/slack.go

@@ -52,7 +52,7 @@ func (p *SlackPlugin) DefineCommand(items chan ISourceItem, errors chan error) (
 		Long:  "Scan Slack team for sensitive information.",
 		Run: func(cmd *cobra.Command, args []string) {
 			p.getItems()
-			p.Channels.WaitGroup.Wait()
+			p.WaitGroup.Wait()
 			close(items)
 		},
 	}

tests/lint.go

@@ -66,7 +66,7 @@ func lintFile(path string) error {
 	if err != nil {
 		return err
 	}
-	defer file.Close()
+	defer file.Close() //nolint:errcheck
 
 	scanner := bufio.NewScanner(file)
 	line := 1