Skip to content

[linter-miner] linter: add fprintstderrinlibrary — flag fmt.Fprint* to os.Stderr in library packages#39440

Draft
github-actions[bot] wants to merge 1 commit into
mainfrom
linter-miner/fprintstderrinlibrary-1d208175f6925729
Draft

[linter-miner] linter: add fprintstderrinlibrary — flag fmt.Fprint* to os.Stderr in library packages#39440
github-actions[bot] wants to merge 1 commit into
mainfrom
linter-miner/fprintstderrinlibrary-1d208175f6925729

Conversation

@github-actions

@github-actions github-actions Bot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

Summary

Adds a new custom go/analysis linter fprintstderrinlibrary that reports fmt.Fprintf, fmt.Fprintln, and fmt.Fprint calls writing directly to os.Stderr inside library (pkg/) packages.

Library code should use the structured pkg/logger instead of writing raw text to the error stream. This closes the gap left by the existing rawloginlib linter, which only covers the log.* package family.

What the linter catches

// flagged – library pkg writes directly to stderr
fmt.Fprintf(os.Stderr, "error: %s", err)
fmt.Fprintln(os.Stderr, "something went wrong")
fmt.Fprint(os.Stderr, err)

// ok – stdout or named writer are fine
fmt.Fprintf(os.Stdout, "output: %s", val)
fmt.Fprintln(w, "response data")

Calls in cmd/ and main packages are intentionally skipped (CLIs may write to stderr). The //nolint:fprintstderrinlibrary directive suppresses individual lines.

Evidence

Code-pattern scan (pkg/)

A scan of non-test Go files under pkg/ found 133+ occurrences of fmt.Fprint*(os.Stderr, ...) across:

  • pkg/workflow/ — 124 occurrences
  • pkg/parser/ — 9 occurrences

GitHub Discussions / Issues

Issue #39414 and related issues highlighted that pkg/ packages should use structured logging; the rawloginlib linter already enforces this for log.* but the fmt.Fprint* path was uncovered.

Files changed

File Purpose
pkg/linters/fprintstderrinlibrary/fprintstderrinlibrary.go Analyzer implementation
pkg/linters/fprintstderrinlibrary/fprintstderrinlibrary_test.go Unit tests via analysistest
pkg/linters/fprintstderrinlibrary/testdata/src/fprintstderrinlibrary/fprintstderrinlibrary.go Test fixture with // want annotations
cmd/linters/main.go Register the new analyzer in the multichecker

Testing

go build ./cmd/linters   ✅
go test ./pkg/linters/fprintstderrinlibrary/...   ✅

Run

Linter Miner run #39 — workflow run 27568750533

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • releaseassets.githubusercontent.com

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "releaseassets.githubusercontent.com"

See Network Configuration for more information.

Generated by Linter Miner · 1.5K AIC · ⌖ 26.7 AIC · ⊞ 17.5K ·

  • expires on Jun 22, 2026, 11:30 AM UTC-08:00

@github-actions
linter: add fprintstderrinlibrary analyzer
6fb7e1d 
Reports fmt.Fprintf/Fprintln/Fprint calls that write directly to os.Stderr
in library (pkg/) packages. Library code should use pkg/logger for structured
logging rather than writing raw text to the standard error stream.

This linter complements the existing rawloginlib analyzer (which flags
log.* calls) by covering the fmt.Fprint* family of stderr writes, closing
the gap for 133+ call sites found across pkg/workflow/ and pkg/parser/.

Evidence:
- Code-pattern scan found 133 fmt.Fprint*(os.Stderr, ...) calls in pkg/
- Consistent with the library logging policy enforced by rawloginlib
- Not covered by any standard golangci-lint rule enabled by default

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-actions github-actions Bot added automation cookie Issue Monster Loves Cookies! go-linters labels Jun 15, 2026
@github-actions github-actions Bot mentioned this pull request Jun 16, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

automation cookie Issue Monster Loves Cookies! go-linters

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants