staticcheck already supports go 1.18, but review dog doesn't

Is there a release on the way?

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update actions/checkout action to v4.1.6

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

I'm seeing this behavior:

With this config:

  staticcheck:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: reviewdog/action-staticcheck@v1
        with:
          github_token: ${{ secrets.github_token }}
          reporter: github-check

Is it expected to fail a PR if there are no newly introduced lint issues?

This is a follow-up to #16.

It's safer to use a fixed staticcheck version and automate updating it with depup instead of installing the latest version.

Optionally, we can also support specifying the staticcheck version as an action input.
Personally, I don't like this option so much because ...

1. Generally it's good to use the latest version so that users can enjoy the latest improved version of staticcheck.
2. Most users won't notice and could forget the new version of staticcheck if we put this as an action input. Users can use action-depup to update the staticcheck version input, but probably it's too much work.
3. It would be hard to maintain the script in this action. Suppose a new staticcheck introduced new flags or breaking changes, it's difficult to update the script if users pass an old version as the input.

Users can still pin the action-staticcheck version to pin staticcheck version or they can manually install staticcheck and reviewdog if they want to stick with an old version.

cc/ @kstiehl @dominikh

@kstiehl, I'd appreciate it if you want to work on this issue but I'll leave it to you :)

actions/create-release used above is unmaintained and uses the deprecated Node.js 12.
Therefore, it should be replaced with other Actions.

[FYI]

• Alternate Actions list: https://github.com/actions/create-release
• Error that Node.js 12 is deprecated: https://github.com/reviewdog/action-staticcheck/actions/runs/5202945118

i'm getting errors like WriteFile not declared by package os. staticcheck seems to work fine locally.

I have a build failure that I believe indicates that the version of the staticcheck binary was not built with go 1.16 (lint failure on embed package import).

I'm trying to setup this action in a golang project that uses private github repos. I've had success in other cases adding a step to the build to configure authentication using an auth token, but this doesn't seem to work with this action.

name: reviewdog
on: [pull_request]
jobs:
  staticcheck:
    name: runner / staticcheck
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Configure git for private modules
        env:
          TOKEN: ${{ secrets.USER_TOKEN }}
        run: git config --global url."https://my-github-user:${TOKEN}@github.com".insteadOf "https://github.com"
      - uses: reviewdog/action-staticcheck@v1
        with:
          github_token: ${{ secrets.github_token }}
          reporter: github-pr-review
          filter_mode: nofilter
          fail_on_error: true

I've tried setting GIT_TERMINAL_PROMPT=1 in the staticcheck environment and using my token as the github token for staticcheck, both with no success.

The error is as follows, with specific information removed:

err: exit status 1: stderr: go: github.com/Organization/repository@versionref: invalid version: git fetch -f origin refs/heads/*:refs/heads/* refs/tags/*:refs/tags/* in /go/pkg/mod/cache/vcs/daca67f07b1fc0438808c512647cb396744c1640c17a52da47f378d3533b2fb5: exit status 128:
	fatal: could not read Username for 'github.com': No such device or address

Thanks for any help!