Vulnerabilities Fixes and Error_File path integration in Resource Parse error output

.github/workflows/static-check.yml

@@ -16,12 +16,12 @@ jobs:
       - uses: actions/checkout@v3
         with:
           fetch-depth: 1
-      - uses: WillAbides/setup-go-faster@v1.8.0
+      - uses: WillAbides/setup-go-faster@v1.14.0
         with:
           go-version: "1.21.x"
-      - uses: dominikh/staticcheck-action@v1.0.0
+      - uses: dominikh/staticcheck-action@v1.3.1
         with:
-          version: "2023.1.6"
+          version: "2025.1.1"
           install-go: false
           cache-key: "1.21.x"
 env:

cli/resource/process.go

@@ -101,7 +101,7 @@ func ProcessFile(input string, recurse bool) ([]*types.Wrapper, error) {
 		}
 		res, err := Parse(f)
 		if err != nil {
-			return fmt.Errorf("in %s: %s", input, err)
+			return fmt.Errorf("in %s: %s", path, err)
 		}
 		resources = append(resources, res...)
 		return nil

cli/resource/process_test.go

@@ -2,6 +2,7 @@ package resource
 
 import (
 	"encoding/json"
+	"fmt"
 	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
@@ -43,8 +44,26 @@ func TestProcessFile(t *testing.T) {
 	err = ioutil.WriteFile(fp, []byte(`{"type": "Namespace", "spec": {"name": "foo"}}`), 0644)
 	assert.NoError(t, err)
 
-	_, err = ProcessFile(fp, false)
-	assert.NoError(t, err)
+	fpt := filepath.Join(td, "check-memory.yaml")
+	invalidYAML := `
+type: CheckConfig
+api_version: core/v2
+metadata:
+  name: bad-check
+  namespace: default
+spec:
+  command: "echo Hello, World!"
+  interval: 10
+  subscriptions:  # This is invalid because subscriptions should be a list, not a string
+    invalid: "this should be a list"
+`
+	err = ioutil.WriteFile(fpt, []byte(invalidYAML), 0644)
+	require.NoError(t, err)
+	_, err = ProcessFile(fpt, false)
+	assert.Error(t, err)
+	expectedErrorMessage := fmt.Sprintf("in %s: some resources couldn't be parsed", fpt)
+	assert.Contains(t, err.Error(), expectedErrorMessage)
+
 }
 
 func TestManagedByLabelPutter_label(t *testing.T) {

go.mod

@@ -1,7 +1,8 @@
 module github.com/sensu/sensu-go
 
-go 1.21.11
-toolchain go1.22.5
+go 1.22
+
+toolchain go1.23.4
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.2.14
@@ -18,7 +19,7 @@ require (
 	github.com/ghodss/yaml v1.0.0
 	github.com/go-resty/resty/v2 v2.5.0
 	github.com/gogo/protobuf v1.3.2
-	github.com/golang-jwt/jwt/v4 v4.5.0
+	github.com/golang-jwt/jwt/v4 v4.5.1
 	github.com/golang/protobuf v1.5.4
 	github.com/golang/snappy v0.0.4
 	github.com/google/uuid v1.6.0
@@ -64,7 +65,7 @@ require (
 	go.uber.org/zap v1.26.0
 	golang.org/x/crypto v0.33.0
 	golang.org/x/mod v0.17.0
-	golang.org/x/net v0.32.0
+	golang.org/x/net v0.35.0
 	golang.org/x/sys v0.30.0
 	golang.org/x/time v0.9.0
 	google.golang.org/grpc v1.70.0

go.sum

@@ -1211,8 +1211,8 @@ github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
-github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
@@ -1887,8 +1887,8 @@ golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
 golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
 golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
-golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI=
-golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs=
+golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8=
+golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=

staticcheck.conf

@@ -43,4 +43,19 @@ checks = [
   # Redundant type in variable declaration.
   # https://staticcheck.io/docs/checks#ST1023
   "-ST1023",
+
+  # Disable SA1029
+  # Inappropriate key in call to context.WithValue
+  # https://staticcheck.io/docs/checks#SA1029
+  "-SA1029",
+
+  # Disable SA1006
+  # Printf with dynamic first argument and no further arguments
+  # https://staticcheck.io/docs/checks#SA1006
+  "-SA1006",
+
+  # Disable S1009
+  # Omit redundant nil check on slices, maps, and channels
+  # https://staticcheck.io/docs/checks#S1009
+  "-S1009"
 ]