chore(deps): update dependency golangci-lint to v2.12.2

[red-hat-konflux]

This PR contains the following updates:

Package	Update	Change
golangci-lint	minor	v2.8.0 → v2.12.2

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

golangci/golangci-lint (golangci-lint)

v2.12.2

Compare Source

Released on 2026-05-06

1. Linters bug fixes
   • gomodguard_v2: fix blocked configuration
   • gomodguard_v2: from 2.1.0 to 2.1.3
   • iface: from 1.4.1 to 1.4.2

v2.12.1

Compare Source

Released on 2026-05-01

1. Linters bug fixes
   • gomodguard_v2: fix panic with migration suggestion
2. Misc.
   • fix install.sh script (if you are still using an URL based on the branch master, please update to use https://golangci-lint.run/install.sh)

v2.12.0

Compare Source

Released on 2026-05-01

1. New linters
   • Add clickhouselint linter https://github.com/ClickHouse/clickhouse-go-linter
2. Linters new features or changes
   • dupl: from f665c8d to c99c5cf (extended detection)
   • funcorder: from 0.5.0 to 0.6.0 (new option: function)
   • goconst: add an option to ignore strings from tests
   • goconst: from 1.8.2 to 1.10.0 (extended detection)
   • gomodguard_v2: from 1.4.1 to 2.1.0 (major version with new configuration)
   • gosec: from 619ce21 to 2.26.1 (new checks: G124, G708, G709, G710)
   • govet: add inline analyzer
   • makezero: from 2.1.0 to 2.2.1 (support slice type aliases)
   • paralleltest: expose checkcleanup option
   • sloglint: from 0.11.1 to 0.12.0 (new options: allowed-keys, custom-funcs)
   • wsl_v5: from 5.6.0 to 5.8.0 (new option: cuddle-max-statements; new checks: after-decl, after-defer, after-expr, after-go, cuddle-group)
3. Linters bug fixes
   • forbidigo: from 2.3.0 to 2.3.1
   • godot: from 1.5.4 to 1.5.6
   • govet-modernize: from 0.43.0 to 0.44.0
   • ireturn: from 0.4.0 to 0.4.1
   • rowserrcheck: from 1.1.1 to c5f79b8
4. Misc.
   • Decrease cache entropy
   • Embed the JSON schema in the binary
   • Filter env vars when cloning the repository with the custom command

v2.11.4

Compare Source

Released on 2026-03-22

1. Linters bug fixes
   • govet-modernize: from 0.42.0 to 0.43.0
   • noctx: from 0.5.0 to 0.5.1
   • sqlclosecheck: from 0.5.1 to 0.6.0

v2.11.3

Compare Source

Released on 2026-03-10

1. Linters bug fixes
   • gosec: from v2.24.7 to 619ce21

v2.11.2

Compare Source

Released on 2026-03-07

1. Fixes
   • fmt: fix error when using the fmt command with explicit paths.

v2.11.1

Compare Source

Released on 2026-03-06

Due to an error related to AUR, some artifacts of the v2.11.0 release have not been published.

This release contains the same things as v2.11.0.

v2.11.0

Compare Source

Released on 2026-03-06

1. Linters new features or changes
   • errcheck: from 1.9.0 to 1.10.0 (exclude crypto/rand.Read by default)
   • gosec: from 2.23.0 to 2.24.6 (new rules: G113, G118, G119, G120, G121, G122, G123, G408, G707)
   • noctx: from 0.4.0 to 0.5.0 (new detection: httptest.NewRequestWithContext)
   • prealloc: from 1.0.2 to 1.1.0
   • revive: from 1.14.0 to 1.15.0 (⚠️ Breaking change: package-related checks moved from var-naming to a new rule package-naming)
2. Linters bug fixes
   • gocognit: from 1.2.0 to 1.2.1
   • gosec: from 2.24.6 to 2.24.7
   • unqueryvet: from 1.5.3 to 1.5.4

v2.10.1

Compare Source

Released on 2026-02-17

1. Fixes
   • buildssa panic

v2.10.0

Compare Source

Released on 2026-02-17

1. Linters new features or changes
   • ginkgolinter: from 0.22.0 to 0.23.0
   • gosec: from 2.22.11 to 2.23.0 (new rules: G117, G602, G701, G702, G703, G704, G705, G706)
   • staticcheck: from 0.6.1 to 0.7.0
2. Linters bug fixes
   • godoclint: from 0.11.1 to 0.11.2

v2.9.0

Compare Source

Released on 2026-02-10

1. Enhancements
   • 🎉 go1.26 support
2. Linters new features or changes
   • arangolint: from 0.3.1 to 0.4.0 (new rule: detect potential query injections)
   • ginkgolinter: from 0.21.2 to 0.22.0 (support for wrappers)
   • golines: from 0.14.0 to 0.15.0
   • misspell: from 0.7.0 to 0.8.0
   • revive: from v1.13.0 to v1.14.0 (new rules: epoch-naming, use-slices-sort)
   • unqueryvet: from 1.4.0 to 1.5.3 (new options: check-n1, check-sql-injection, check-tx-leaks, allow, custom-rules)
   • wsl_v5: from 5.3.0 to 5.6.0 (new rule: after-block)
3. Linters bug fixes
   • modernize: from 0.41.0 to 0.42.0
   • prealloc: from 1.0.1 to 1.0.2
   • protogetter: from 0.3.18 to 0.3.20
4. Misc.
   • Log information about files when configuration verification
   • Emit an error when no linters enabled
   • Do not collect VCS information when loading code

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 30.42%. Comparing base (30b951f) to head (4f2bea4).

❗ There is a different number of reports uploaded between BASE (30b951f) and HEAD (4f2bea4). Click for more details.

HEAD has 3 uploads less than BASE

Flag	BASE (30b951f)	HEAD (4f2bea4)
unit-tests	2	0
e2e-tests	2	1

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #884       +/-   ##
===========================================
- Coverage   68.46%   30.42%   -38.05%     
===========================================
  Files          26       26               
  Lines        2794     2794               
===========================================
- Hits         1913      850     -1063     
- Misses        704     1779     +1075     
+ Partials      177      165       -12     

Flag	Coverage Δ
e2e-tests	30.42% <ø> (ø)
unit-tests	?

Flags with carried forward coverage won't be shown. Click here to find out more.
see 22 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

AI Dependency Impact Analysis

Previous analysis

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates golangci-lint from v2.8.0 to v2.12.2, including several minor version increments. The updates introduce new linters (clickhouselint) and new features or changes to existing linters like dupl, funcorder, goconst, gomodguard_v2, gosec, govet, makezero, paralleltest, sloglint, and wsl_v5. The updates also include several bug fixes for various linters.

Affected Code

Since golangci-lint is a static analysis tool, we don't directly import it into our Go code. Instead, it's used in our CI/CD pipeline to analyze our code for potential issues. The update could indirectly affect our code by introducing new linting rules or changing the behavior of existing rules, leading to new findings.

Breaking Change Assessment

As a minor version bump, significant breaking changes are not expected. However, the update to gomodguard_v2 from 1.4.1 to 2.1.0 is mentioned as a major version update with new configuration. The update to revive from 1.14.0 to 1.15.0 also notes a breaking change regarding package-naming. These changes in linters configurations could affect the outcome of the linting process, potentially flagging code that was previously considered valid.

Security Assessment

No security advisories or govulncheck data are present.

Recommended Action

Review specific areas: Review the .golangci.yml configuration file for gomodguard_v2 and revive to check for any needed configuration changes. Also, run golangci-lint locally to verify that no new linting errors are introduced by the update and that existing ones are still correctly identified.

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates golangci-lint from v2.8.0 to v2.12.2. The updates include new linters, new features and changes to existing linters, and bug fixes. Notably, the gomodguard_v2 linter has a major version bump, and several linters have new options and checks that could lead to new findings.

Affected Code

Our codebase does not directly import golangci-lint as a library. It is used as a CLI tool in our CI/CD pipeline to enforce code quality standards. The configuration file (.golangci.yml) determines which linters are enabled and their settings.

Breaking Change Assessment

While this is a minor version bump, the included changes to linters such as gomodguard_v2 and revive could introduce new findings based on our existing configuration, which would effectively be a breaking change to our existing workflow. In addition, the large jump in minor versions means there is a higher likelihood of subtle changes to linter behavior that might require adjustments to our code or configuration.

Security Assessment

No security advisories or govulncheck results were provided.

Recommended Action

Review specific areas: Review the golangci-lint configuration (.golangci.yml) and CI output to check for new linter findings. Pay specific attention to issues reported by the updated linters (gomodguard_v2, revive, gosec, and wsl_v5).

[github-actions]

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates golangci-lint from v2.8.0 to v2.12.2, including several minor version increments. The updates introduce new linters (clickhouselint) and new features or changes to existing linters like dupl, funcorder, goconst, gomodguard_v2, gosec, govet, makezero, paralleltest, sloglint, and wsl_v5. The updates also include several bug fixes for various linters.

Affected Code

Since golangci-lint is a static analysis tool, we don't directly import it into our Go code. Instead, it's used in our CI/CD pipeline to analyze our code for potential issues. The update could indirectly affect our code by introducing new linting rules or changing the behavior of existing rules, leading to new findings.

Breaking Change Assessment

As a minor version bump, significant breaking changes are not expected. However, the update to gomodguard_v2 from 1.4.1 to 2.1.0 is mentioned as a major version update with new configuration. The update to revive from 1.14.0 to 1.15.0 also notes a breaking change regarding package-naming. These changes in linters configurations could affect the outcome of the linting process, potentially flagging code that was previously considered valid.

Security Assessment

No security advisories or govulncheck data are present.

Recommended Action

Review specific areas: Review the .golangci.yml configuration file for gomodguard_v2 and revive to check for any needed configuration changes. Also, run golangci-lint locally to verify that no new linting errors are introduced by the update and that existing ones are still correctly identified.

[github-actions]

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates golangci-lint from v2.8.0 to v2.12.2. The updates include new linters, new features and changes to existing linters, and bug fixes. Notably, the gomodguard_v2 linter has a major version bump, and several linters have new options and checks that could lead to new findings.

Affected Code

Our codebase does not directly import golangci-lint as a library. It is used as a CLI tool in our CI/CD pipeline to enforce code quality standards. The configuration file (.golangci.yml) determines which linters are enabled and their settings.

Breaking Change Assessment

While this is a minor version bump, the included changes to linters such as gomodguard_v2 and revive could introduce new findings based on our existing configuration, which would effectively be a breaking change to our existing workflow. In addition, the large jump in minor versions means there is a higher likelihood of subtle changes to linter behavior that might require adjustments to our code or configuration.

Security Assessment

No security advisories or govulncheck results were provided.

Recommended Action

Review specific areas: Review the golangci-lint configuration (.golangci.yml) and CI output to check for new linter findings. Pay specific attention to issues reported by the updated linters (gomodguard_v2, revive, gosec, and wsl_v5).

[qodo-code-review]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Golang Unit tests

Failed stage: Build [❌]

Failure summary: The action failed during the make build step because the fmt target runs golangci-lint via go run, but the tool requires a newer Go version: - github.com/golangci/golangci-lint/v2@v2.12.2 requires go >= 1.25.0 while the runner is using go1.24.6 with GOTOOLCHAIN=local (log line 221). - This version mismatch causes make to fail at Makefile:21 (fmt target), exiting with error code 2 (log lines 222-223).

Relevant error logs: 1: ##[group]Runner Image Provisioner 2: Hosted Compute Agent ... 207: GOVCS='' 208: GOVERSION='go1.24.6' 209: GOWORK='' 210: PKG_CONFIG='pkg-config' 211: ##[endgroup] 212: ##[group]Run make build 213: �[36;1mmake build�[0m 214: shell: /usr/bin/bash -e {0} 215: env: 216: on-event: pull_request 217: GOTOOLCHAIN: local 218: ##[endgroup] 219: go run github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.12.2 fmt ./... 220: go: downloading github.com/golangci/golangci-lint/v2 v2.12.2 221: go: github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.12.2: github.com/golangci/golangci-lint/v2@v2.12.2 requires go >= 1.25.0 (running go 1.24.6; GOTOOLCHAIN=local) 222: make: *** [Makefile:21: fmt] Error 1 223: ##[error]Process completed with exit code 2. 224: Post job cleanup.

[oswcab]

Requires Go 1.25:

go: github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.12.2: github.com/golangci/golangci-lint/v2@v2.12.2 requires go >= 1.25.0 (running go 1.24.6; GOTOOLCHAIN=local)
make: *** [Makefile:21: fmt] Error 1

[red-hat-konflux]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v2.12.2). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.