all: remove the nolint tags

The "nolint" tag is used to ignore lines from being processed by
golangci-lint.
Since we are not using golangci-lint anymore, now and in the
future, those lines can be removed.

18 files changed, 57 insertions, 64 deletions

diff --git a/lib/crypto/crypto.go b/lib/crypto/crypto.go
index b85b5266..0ba4d9ff 100644
--- a/lib/crypto/crypto.go
+++ b/lib/crypto/crypto.go
@@ -1,6 +1,6 @@
-// Copyright 2019, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2019 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 // Package crypto provide a wrapper for standard crypto package and
 // golang.org/x/crypto.
@@ -39,7 +39,7 @@ var ErrStdinPassphrase = errors.New(`cannot read passhprase from stdin`)
 // List of environment variables reads when reading passphrase
 // interactively.
 const (
-	envKeySSHAskpassRequire = `SSH_ASKPASS_REQUIRE` //nolint: gosec
+	envKeySSHAskpassRequire = `SSH_ASKPASS_REQUIRE`
 	envKeySSHAskpass        = `SSH_ASKPASS`
 	envKeyDisplay           = `DISPLAY`
 )
diff --git a/lib/dns/doh_client.go b/lib/dns/doh_client.go
index 9e6db4b9..10759ed0 100644
--- a/lib/dns/doh_client.go
+++ b/lib/dns/doh_client.go
@@ -1,6 +1,6 @@
-// Copyright 2018, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2018 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package dns
 
@@ -51,7 +51,7 @@ func NewDoHClient(nameserver string, allowInsecure bool) (cl *DoHClient, err err
 		MaxIdleConns:    1,
 		IdleConnTimeout: 30 * time.Second,
 		TLSClientConfig: &tls.Config{
-			InsecureSkipVerify: allowInsecure, //nolint:gosec
+			InsecureSkipVerify: allowInsecure,
 		},
 	}
 
diff --git a/lib/dns/dot_client.go b/lib/dns/dot_client.go
index 1fc02920..a3eea4af 100644
--- a/lib/dns/dot_client.go
+++ b/lib/dns/dot_client.go
@@ -43,7 +43,7 @@ func NewDoTClient(nameserver string, allowInsecure bool) (cl *DoTClient, err err
 
 	nameserver = fmt.Sprintf("%s:%d", remoteIP, port)
 
-	tlsConfig.InsecureSkipVerify = allowInsecure //nolint:gosec
+	tlsConfig.InsecureSkipVerify = allowInsecure
 
 	cl.conn, err = tls.Dial("tcp", nameserver, &tlsConfig)
 	if err != nil {
diff --git a/lib/dns/server.go b/lib/dns/server.go
index 7eb8fea6..8f74fd90 100644
--- a/lib/dns/server.go
+++ b/lib/dns/server.go
@@ -131,7 +131,7 @@ func NewServer(opts *ServerOptions) (srv *Server, err error) {
 			Certificates: []tls.Certificate{
 				cert,
 			},
-			InsecureSkipVerify: opts.TLSAllowInsecure, //nolint:gosec
+			InsecureSkipVerify: opts.TLSAllowInsecure,
 		}
 	}
 
diff --git a/lib/email/body.go b/lib/email/body.go
index a619a2f7..a2f02476 100644
--- a/lib/email/body.go
+++ b/lib/email/body.go
@@ -258,7 +258,7 @@ func (body *Body) Simple() (out []byte) {
 	case 1:
 	default:
 		if out[x-1] != cr && out[x] != lf {
-			out = append(out, "\r\n"...) //nolint:makezero
+			out = append(out, "\r\n"...)
 		}
 	}
 
diff --git a/lib/email/dkim/signature.go b/lib/email/dkim/signature.go
index 6d3129c0..3a8aeeff 100644
--- a/lib/email/dkim/signature.go
+++ b/lib/email/dkim/signature.go
@@ -9,7 +9,7 @@ import (
 	"crypto"
 	"crypto/rand"
 	"crypto/rsa"
-	"crypto/sha1" //nolint:gosec
+	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/base64"
 	"errors"
@@ -154,7 +154,7 @@ func (sig *Signature) Hash(in []byte) (h, h64 []byte) {
 		h256 := sha256.Sum256(in)
 		h = h256[:]
 	} else {
-		h1 := sha1.Sum(in) //nolint:gosec
+		h1 := sha1.Sum(in)
 		h = h1[:]
 	}
 
diff --git a/lib/http/response_test.go b/lib/http/response_test.go
index 5f1c55bf..1200c978 100644
--- a/lib/http/response_test.go
+++ b/lib/http/response_test.go
@@ -1,6 +1,6 @@
-// Copyright 2019, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2019 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package http
 
@@ -103,7 +103,7 @@ func TestParseResponseHeader(t *testing.T) {
 	for _, c := range cases {
 		t.Log(c.desc)
 
-		got, rest, err := ParseResponseHeader([]byte(c.raw)) //nolint: bodyclose
+		got, rest, err := ParseResponseHeader([]byte(c.raw))
 		if err != nil {
 			test.Assert(t, "error", c.expErr, err.Error())
 			continue
diff --git a/lib/http/sseclient/sseclient.go b/lib/http/sseclient/sseclient.go
index 1f09a381..dc05e9cf 100644
--- a/lib/http/sseclient/sseclient.go
+++ b/lib/http/sseclient/sseclient.go
@@ -1,6 +1,6 @@
-// Copyright 2023, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2023 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 // Package sseclient implement HTTP client for Server-Sent Events (SSE).
 //
@@ -197,7 +197,7 @@ func (cl *Client) init(header http.Header) (err error) {
 func (cl *Client) dial() (err error) {
 	if cl.serverURL.Scheme == `https` {
 		var tlsConfig = &tls.Config{
-			InsecureSkipVerify: cl.Insecure, //nolint:gosec
+			InsecureSkipVerify: cl.Insecure,
 		}
 		cl.conn, err = tls.Dial(`tcp`, cl.serverURL.Host, tlsConfig)
 	} else {
@@ -227,7 +227,7 @@ func (cl *Client) handshake() (packet []byte, err error) {
 
 	var httpRes *http.Response
 
-	httpRes, packet, err = libhttp.ParseResponseHeader(packet) //nolint:bodyclose
+	httpRes, packet, err = libhttp.ParseResponseHeader(packet)
 	if err != nil {
 		return nil, err
 	}
diff --git a/lib/ini/reader.go b/lib/ini/reader.go
index 5e27a226..39ed6d6e 100644
--- a/lib/ini/reader.go
+++ b/lib/ini/reader.go
@@ -392,7 +392,7 @@ func (reader *reader) parseVariable() (err error) {
 	reader._var.format = reader.bufFormat.String()
 	reader._var.key = reader.buf.String()
 
-	return nil //nolint:nilerr
+	return nil
 }
 
 // parsePossibleValue will check if the next character after space is comment
@@ -428,7 +428,7 @@ func (reader *reader) parsePossibleValue() (err error) {
 	reader._var.mode = lineModeKeyOnly
 	reader._var.format = reader.bufFormat.String()
 
-	return nil //nolint:nilerr
+	return nil
 }
 
 // At this point we found `=` on source, and we expect the rest of source will
diff --git a/lib/math/big/rat.go b/lib/math/big/rat.go
index db2b6049..49f6f995 100644
--- a/lib/math/big/rat.go
+++ b/lib/math/big/rat.go
@@ -304,11 +304,10 @@ func (r *Rat) Mul(g any) *Rat {
 		return nil
 	}
 	r.Rat.Mul(&r.Rat, &y.Rat)
+
 	// This security issue has been fixed since Go 1.17.7,
 	// - https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
 	// - https://github.com/golang/go/issues/50699
-	//
-	//nolint:gosec
 	r.Rat.SetString(r.String())
 
 	return r
@@ -325,7 +324,7 @@ func (r *Rat) Quo(g any) *Rat {
 		return nil
 	}
 	r.Rat.Quo(&r.Rat, &y.Rat)
-	r.Rat.SetString(r.String()) //nolint:gosec
+	r.Rat.SetString(r.String())
 	return r
 }
 
@@ -360,7 +359,7 @@ func (r *Rat) RoundToNearestAway(prec int) *Rat {
 	if r == nil {
 		return nil
 	}
-	r.Rat.SetString(r.FloatString(prec)) //nolint:gosec
+	r.Rat.SetString(r.FloatString(prec))
 	return r
 }
 
@@ -378,7 +377,7 @@ func (r *Rat) RoundToZero(prec int) *Rat {
 		b = append(b, '.')
 		b = append(b, nums[1][:prec]...)
 	}
-	r.Rat.SetString(string(b)) //nolint:gosec
+	r.Rat.SetString(string(b))
 	return r
 }
 
@@ -443,7 +442,7 @@ func (r *Rat) Sub(g any) *Rat {
 func (r *Rat) UnmarshalJSON(in []byte) (err error) {
 	in = bytes.Trim(in, `"`)
 	r.SetInt64(0)
-	_, ok := r.Rat.SetString(string(in)) //nolint:gosec
+	_, ok := r.Rat.SetString(string(in))
 	if !ok {
 		return fmt.Errorf("Rat.UnmarshalJSON: cannot convert %T(%v) to Rat", in, in)
 	}
@@ -473,7 +472,7 @@ func toRat(g any) (out *Rat) {
 			out.SetInt64(0)
 		} else {
 			v = bytes.ReplaceAll(v, []byte{'_'}, nil)
-			_, ok := out.Rat.SetString(string(v)) //nolint:gosec
+			_, ok := out.Rat.SetString(string(v))
 			if !ok {
 				return nil
 			}
@@ -485,7 +484,7 @@ func toRat(g any) (out *Rat) {
 			// Replace the underscore character, so we can write the
 			// number as "0.000_000_1".
 			v = strings.ReplaceAll(v, "_", "")
-			_, ok := out.Rat.SetString(v) //nolint:gosec
+			_, ok := out.Rat.SetString(v)
 			if !ok {
 				return nil
 			}
diff --git a/lib/os/extract.go b/lib/os/extract.go
index 3125429f..b3c26a85 100644
--- a/lib/os/extract.go
+++ b/lib/os/extract.go
@@ -1,6 +1,6 @@
-// Copyright 2022, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2022 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package os
 
@@ -334,8 +334,6 @@ func (xtrk *extractor) untar(fin io.Reader) (err error) {
 		// under the dirOutput, then we return it as error.
 		//
 		// [CWE-22]: https://cwe.mitre.org/data/definitions/22.html
-		//
-		//nolint:gosec
 		filePath = filepath.Join(xtrk.dirOutput, hdr.Name)
 
 		if !strings.HasPrefix(filePath, xtrk.dirOutput) {
@@ -421,8 +419,6 @@ func (xtrk *extractor) unzip(fin *os.File) (err error) {
 		// under the dirOutput, then we return it as error.
 		//
 		// [CWE-22]: https://cwe.mitre.org/data/definitions/22.html
-		//
-		//nolint:gosec
 		filePath = filepath.Join(xtrk.dirOutput, zipFile.Name)
 
 		if !strings.HasPrefix(filePath, xtrk.dirOutput) {
diff --git a/lib/smtp/client.go b/lib/smtp/client.go
index 65f1bd76..77e10d00 100644
--- a/lib/smtp/client.go
+++ b/lib/smtp/client.go
@@ -1,6 +1,6 @@
-// Copyright 2018, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2018 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package smtp
 
@@ -151,7 +151,7 @@ func (cl *Client) connect(localName string) (res *Response, err error) {
 	if cl.isTLS {
 		tlsConfig := &tls.Config{
 			ServerName:         cl.serverName,
-			InsecureSkipVerify: cl.opts.Insecure, //nolint:gosec
+			InsecureSkipVerify: cl.opts.Insecure,
 		}
 
 		cl.conn = tls.Client(cl.conn, tlsConfig)
@@ -501,7 +501,7 @@ func (cl *Client) StartTLS() (res *Response, err error) {
 
 	tlsConfig := &tls.Config{
 		ServerName:         cl.serverName,
-		InsecureSkipVerify: cl.opts.Insecure, //nolint:gosec
+		InsecureSkipVerify: cl.opts.Insecure,
 	}
 
 	cl.conn = tls.Client(cl.conn, tlsConfig)
diff --git a/lib/ssh/client.go b/lib/ssh/client.go
index c65579bf..cff1c9a9 100644
--- a/lib/ssh/client.go
+++ b/lib/ssh/client.go
@@ -150,8 +150,6 @@ func (cl *Client) setConfigHostKeyCallback() (err error) {
 		if knownHosts == sshconfig.ValueNone {
 			// If one of the UserKnownHosts set to "none" always
 			// accept the remote hosts.
-			//
-			//nolint:gosec
 			cl.config.HostKeyCallback = ssh.InsecureIgnoreHostKey()
 			return nil
 		}
diff --git a/lib/test/httptest/httptest.go b/lib/test/httptest/httptest.go
index ff5b4c2d..23c31248 100644
--- a/lib/test/httptest/httptest.go
+++ b/lib/test/httptest/httptest.go
@@ -1,6 +1,6 @@
-// Copyright 2024, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2024 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 // Package httptest implement testing HTTP package.
 package httptest
@@ -29,7 +29,7 @@ func Simulate(serve http.HandlerFunc, req *SimulateRequest) (result *SimulateRes
 
 	serve(httpWriter, result.Request)
 
-	result.Response = httpWriter.Result() //nolint:bodyclose
+	result.Response = httpWriter.Result()
 
 	result.ResponseBody, err = io.ReadAll(result.Response.Body)
 	if err != nil {
diff --git a/lib/totp/totp.go b/lib/totp/totp.go
index f3cc5168..029ab360 100644
--- a/lib/totp/totp.go
+++ b/lib/totp/totp.go
@@ -11,7 +11,7 @@ package totp
 import (
 	"crypto"
 	"crypto/hmac"
-	"crypto/sha1" //nolint:gosec
+	"crypto/sha1"
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/hex"
diff --git a/lib/totp/totp_test.go b/lib/totp/totp_test.go
index 34c1218f..49f29c65 100644
--- a/lib/totp/totp_test.go
+++ b/lib/totp/totp_test.go
@@ -1,12 +1,12 @@
-// Copyright 2018, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2018 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package totp
 
 import (
 	"crypto/hmac"
-	"crypto/sha1" //nolint:gosec
+	"crypto/sha1"
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/hex"
diff --git a/lib/websocket/client.go b/lib/websocket/client.go
index 017d386d..f4dc04eb 100644
--- a/lib/websocket/client.go
+++ b/lib/websocket/client.go
@@ -1,6 +1,6 @@
-// Copyright 2018, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2018 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package websocket
 
@@ -612,7 +612,7 @@ func (cl *Client) handleFrame(frame *Frame) (isClosing bool) {
 func (cl *Client) handleHandshake(keyAccept string, resp []byte) (rest []byte, err error) {
 	var httpRes *http.Response
 
-	httpRes, rest, err = libhttp.ParseResponseHeader(resp) //nolint: bodyclose
+	httpRes, rest, err = libhttp.ParseResponseHeader(resp)
 	if err != nil {
 		return nil, err
 	}
diff --git a/lib/websocket/funcs.go b/lib/websocket/funcs.go
index 9a9ec142..293213a1 100644
--- a/lib/websocket/funcs.go
+++ b/lib/websocket/funcs.go
@@ -1,12 +1,12 @@
-// Copyright 2019, Shulhan <ms@kilabit.info>. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// SPDX-FileCopyrightText: 2019 M. Shulhan <ms@kilabit.info>
+//
+// SPDX-License-Identifier: BSD-3-Clause
 
 package websocket
 
 import (
 	"crypto/rand"
-	"crypto/sha1" //nolint:gosec
+	"crypto/sha1"
 	"encoding/base64"
 	"errors"
 	"fmt"
@@ -132,7 +132,7 @@ func Send(fd int, packet []byte, timeout time.Duration) (err error) {
 // Section 4 of [RFC4648]) this 20-byte hash.
 func generateHandshakeAccept(key []byte) string {
 	key = append(key, "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"...)
-	var sum = sha1.Sum(key) //nolint:gosec
+	var sum = sha1.Sum(key)
 	return base64.StdEncoding.EncodeToString(sum[:])
 }