README
¶
GOLANGSTER
A Go linter that checks log messages for style and security issues.
Compatible with go vet and golangci-lint.
Rules
| Rule | Description | Example (bad → good) |
|---|---|---|
| lowercase | Log message must start with a lowercase letter | "Starting server" → "starting server" |
| english | Log message must be in English only | "Запуск сервера" → "starting server" |
| special-chars | No emoji, !, ?, or ... in log messages |
"started!🚀" → "started" |
| sensitive | No sensitive data keywords (password, token, etc.) | "user password: " + pwd → remove or mask |
Supported loggers
log(standard library)log/slog(standard library, Go 1.21+)go.uber.org/zap(*zap.Logger,*zap.SugaredLogger)
Installation
go install github.com/idakhno/golangster/cmd/golangster@latest
Usage
As a standalone go vet tool
# Build
go build -o golangster ./cmd/golangster/
# Run on a package
go vet -vettool=./golangster ./...
# Run with specific rules disabled
go vet -vettool=./golangster -sensitive=false ./...
As a golangci-lint plugin
Step 1. Build the plugin (requires CGO):
CGO_ENABLED=1 go build -buildmode=plugin -o golangster.so plugin/plugin.go
Step 2. Configure .golangci.yml:
version: "2"
linters:
default: none
enable:
- golangster
linters-settings:
custom:
golangster:
path: ./golangster.so
description: Checks log messages for style and security issues
original-url: github.com/idakhno/golangster
settings:
rules:
lowercase: true
english_only: true
no_special_chars: true
no_sensitive: true
sensitive_keywords:
- password
- token
- secret
- api_key
Note: The plugin and
golangci-lintbinary must be built with the same Go version and dependency versions. Check with:go version -m $(which golangci-lint)
Step 3. Run:
golangci-lint run
Flags (standalone mode)
| Flag | Default | Description |
|---|---|---|
-lowercase |
true |
Check that messages start with lowercase |
-english |
true |
Check that messages are in English only |
-special-chars |
true |
Check for emoji and special characters |
-sensitive |
true |
Check for sensitive data keywords |
Configuration (plugin mode)
Settings are passed via .golangci.yml under linters-settings.custom.golangster.settings:
settings:
rules:
lowercase: true
english_only: true
no_special_chars: true
no_sensitive: true
sensitive_keywords:
- password
- token
- myCustomSecret
Examples
import "log/slog"
// BAD — triggers all 4 rules
slog.Info("Starting server!") // uppercase + special char
slog.Error("Ошибка подключения") // non-English
slog.Debug("api_key=" + apiKey) // sensitive data
slog.Warn("loading...") // ellipsis
// GOOD
slog.Info("starting server on port 8080")
slog.Error("connection failed")
slog.Debug("request processed")
slog.Warn("cache miss, fetching from db")
Development
# Run all tests
go test -race ./...
# Run only unit tests for rules
go test -v ./pkg/analyzer/rules/...
# Run integration tests (analysistest)
go test -v ./pkg/analyzer/...
# Build binary
go build -o golangster ./cmd/golangster/
Project structure
golangster/
├── cmd/golangster/ # Standalone binary (go vet -vettool)
├── pkg/analyzer/
│ ├── analyzer.go # Main analyzer (analysis.Analyzer)
│ ├── config.go # Configuration
│ ├── detector.go # Log call detection via AST + type checker
│ └── rules/
│ ├── lowercase.go # Rule 1: lowercase start + SuggestedFix
│ ├── english.go # Rule 2: English only
│ ├── special_chars.go # Rule 3: no emoji/special chars
│ └── sensitive.go # Rule 4: no sensitive data
├── plugin/plugin.go # golangci-lint plugin entry point
└── testdata/src/ # analysistest testdata with // want annotations
Directories
Click to show internal directories.
Click to hide internal directories.