chore(deps): update dependency aqua:golangci/golangci-lint to v2.12.2

[renovate]

This PR contains the following updates:

Package	Update	Change
aqua:golangci/golangci-lint	minor	2.11.4 → 2.12.2

---

Release Notes

golangci/golangci-lint (aqua:golangci/golangci-lint)

v2.12.2

Compare Source

Released on 2026-05-06

1. Linters bug fixes
   • gomodguard_v2: fix blocked configuration
   • gomodguard_v2: from 2.1.0 to 2.1.3
   • iface: from 1.4.1 to 1.4.2

v2.12.1

Compare Source

Released on 2026-05-01

1. Linters bug fixes
   • gomodguard_v2: fix panic with migration suggestion
2. Misc.
   • fix install.sh script (if you are still using an URL based on the branch master, please update to use https://golangci-lint.run/install.sh)

v2.12.0

Compare Source

Released on 2026-05-01

1. New linters
   • Add clickhouselint linter https://github.com/ClickHouse/clickhouse-go-linter
2. Linters new features or changes
   • dupl: from f665c8d to c99c5cf (extended detection)
   • funcorder: from 0.5.0 to 0.6.0 (new option: function)
   • goconst: add an option to ignore strings from tests
   • goconst: from 1.8.2 to 1.10.0 (extended detection)
   • gomodguard_v2: from 1.4.1 to 2.1.0 (major version with new configuration)
   • gosec: from 619ce21 to 2.26.1 (new checks: G124, G708, G709, G710)
   • govet: add inline analyzer
   • makezero: from 2.1.0 to 2.2.1 (support slice type aliases)
   • paralleltest: expose checkcleanup option
   • sloglint: from 0.11.1 to 0.12.0 (new options: allowed-keys, custom-funcs)
   • wsl_v5: from 5.6.0 to 5.8.0 (new option: cuddle-max-statements; new checks: after-decl, after-defer, after-expr, after-go, cuddle-group)
3. Linters bug fixes
   • forbidigo: from 2.3.0 to 2.3.1
   • godot: from 1.5.4 to 1.5.6
   • govet-modernize: from 0.43.0 to 0.44.0
   • ireturn: from 0.4.0 to 0.4.1
   • rowserrcheck: from 1.1.1 to c5f79b8
4. Misc.
   • Decrease cache entropy
   • Embed the JSON schema in the binary
   • Filter env vars when cloning the repository with the custom command

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday (* 0-4,22-23 * * 1-5)
  • Only on Sunday and Saturday (* * * * 0,6)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Renovate PR Review Results

⚖️ Safety Assessment: ✅ Safe

🔍 Release Content Analysis

This PR updates golangci-lint from v2.11.4 to v2.12.2, spanning three minor releases (v2.12.0, v2.12.1, v2.12.2):

v2.12.0 (May 1, 2026) - Major Feature Release:

• New linters: clickhouselint (ClickHouse Go linter)
• Enhanced existing linters:
  • gomodguard_v2: Major version upgrade from 1.4.1 to 2.1.0 (new configuration format)
  • dupl: Extended duplicate code detection
  • goconst: Option to ignore test strings, improved detection (1.8.2 → 1.10.0)
  • gosec: Added new security checks (G124, G708, G709, G710)
  • govet: Added inline analyzer
  • wsl_v5: New cuddling rules (5.6.0 → 5.8.0)
• Infrastructure improvements: embedded JSON schema, reduced cache entropy

v2.12.1 (May 1, 2026) - Bug Fix Release:

• Fixed panic in gomodguard_v2 migration suggestions
• Fixed install.sh script (deprecated master branch URLs)

v2.12.2 (May 6, 2026) - Maintenance Release:

• Fixed gomodguard_v2 blocked configuration handling
• Dependency updates (gomodguard_v2: 2.1.0 → 2.1.3, iface: 1.4.1 → 1.4.2)

Breaking Changes:
None identified. The gomodguard_v2 major version change only affects users with explicit gomodguard configuration, which this project does not have.

Security Fixes:
No CVEs or security vulnerabilities addressed. The gosec linter gained new security check capabilities (G124, G708-G710) which may detect additional issues in code.

🎯 Impact Scope Investigation

golangci-lint Usage in Codebase:

• CI Pipeline: .github/workflows/ci.yml:39 runs golangci-lint run in the Lint job
• Pre-commit Hook: lefthook.yml:9 runs golangci-lint run before commits
• Configuration: No .golangci.yml or .golangci.yaml file exists - project uses golangci-lint defaults

Configuration Impact:
Since no custom golangci-lint configuration file exists, the project relies on default linter selection and settings. Key implications:

• The gomodguard_v2 configuration migration does not affect this project (no config to migrate)
• New linters (clickhouselint) will not automatically enable (requires explicit opt-in)
• Enhanced linter detection may surface new warnings (e.g., improved goconst, dupl)
• Default-enabled linters remain backward compatible

Dependency Impact:

• golangci-lint is installed via mise/aqua (not a Go module dependency in go.mod)
• Update only affects development tooling, not runtime dependencies
• No impact on production Docker image or sandbox execution

Code Analysis:
Reviewed sample Go code (internal/handler/handler.go). The codebase follows standard Go conventions:

• Clean error handling patterns
• Standard library usage
• No apparent use of deprecated APIs
• Code style compatible with enhanced linter rules

💡 Recommended Actions

Immediate Actions:

1. ✅ Merge this PR - The update is safe and backward compatible
2. Monitor CI pipeline on merge to observe any new linter warnings

Post-Merge Actions:

1. Review new linter findings: Enhanced detection in goconst, dupl, and wsl_v5 may identify code improvements
2. Optional: Create .golangci.yml for explicit linter control if new warnings are undesired
3. Consider enabling new security checks: The updated gosec includes G124, G708-G710 checks (enabled by default)

No Migration Required:

• No code changes needed
• No configuration migration needed (no existing config)
• No API compatibility concerns

🔗 Reference Links

• golangci-lint v2.12.0 Release
• golangci-lint v2.12.1 Release
• golangci-lint v2.12.2 Release
• Full Changelog
• gomodguard_v2 Migration Notes (not applicable - no config present)

Generated by koki-develop/claude-renovate-review