Maintaining minor versions on Homebrew

[pauwlsky]

Thank you for creating the issue!

• Yes, I'm using a binary release within 2 latest major releases. Only such installations are supported.
• Yes, I've searched similar issues on GitHub and didn't find any.
• Yes, I've included all information below (version, config, etc).

Please include the following information:

Version of golangci-lint:

1.23.1

Config file

Not relevant for issue

Go environment

go version go1.13.3 darwin/amd64

Verbose output of running

not relevant for issue

Issue:

The lack of older-than-latest golangci-lint versions in Homebrew is making it difficult for our team to smoothly integrate the tool into our dev and CI process due to the prospect of forced upgrades. Because we have learned that minor version upgrades sometimes introduce new linting failures (e.g. when updating from 1.21.0 to 1.23.1; gocyclo and gocognit became stricter between these versions, causing our builds to break; this disagrees with our expectations for semver), we wish to be insulated from a forced update schedule that requires us to suddenly dive in and make code changes or weaken our linter config.

We pin the version we use for our CI server so that it isn't prone to such disruption, but team members rely on Homebrew (when possible) to manage tools for local development. Any time someone doesn't have the current pinned version installed (because they're new, haven't touched the Go code in a while, etc.) and needs to do so, they're out of luck with Homebrew unless it's the latest version, since older versions are apparently being aggressively pruned (other Homebrew packages don't seem to do this so aggressively, so we wonder if it's necessary). While other means are available, this creates tool friction and complexity we'd rather avoid levying on team members diving into areas of code they touch infrequently.

We understand that the recommended means of acquiring a specific version is to use curl or wget to get and run the install script, however for security concerns our team prefers to avoid this practice if possible.

Would it be possible to keep older versions available for longer, so that we don't get cornered into making sudden adjustments like this? Is there a better option we're missing?

Thanks for the great work, hope to hear a response soon.

[aneeshusa]

FYI, at my company we use https://pre-commit.com for this - you have a .pre-commit-config.yaml config file checked into the repo which specifies the golangci-lint version, and the tool handles installing the right version for you. I contributed pre-commit support to golangci-lint a while back.

[ernado]

cc: @jirfag

I'm using linux exclusively so can't help here

[bombsimon]

The brew formulae is created with goreleaser according to this spec. You can support multiple versions according to docs.brew.sh/Versions by creating tagged files with class names following a specific format (more details). However, I cannot find in the goreleaser documentation how one would achieve this.

I found this issue in the goreleaser repository requesting the same feature but according to the answer this is not possible or supported

Maybe look into anther way to update the homebrew formulae?

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[ChrisSargent]

Is there any chance this can be re-opened? We have a pinned version in CI but not locally, it can cause some headaches. If it is not possible, could you please at least provide detailed docs with how to install a specific version?

[bombsimon]

The way to install a given version is the way listed in the docs. You can just add the version you want to install at the end. This actually used to be a part of the docs, not sure when it was removd. F.ex. to install v1.42.0 you would do:

curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.42.0

I also wrote a tool for this use case where you might want to switch between versions or have the version defined in your .golangic.yml; gclv.