Enable gosec linter (#645)

.golangci.yaml

@@ -178,7 +178,6 @@ linters:
     - errcheck
     - gochecknoglobals
     - gocyclo
-    - gosec
     - lll
     - maligned
     - prealloc

gateway/gateway.go

@@ -2,7 +2,7 @@ package gateway
 
 import (
 	"bytes"
-	"crypto/sha1"
+	"crypto/sha1" //nolint:gosec
 	"fmt"
 	"io/ioutil"
 	"net/http"
@@ -466,7 +466,7 @@ func (gw *Gateway) handleFiles(msg *config.Message) {
 		fi.Name = reg.ReplaceAllString(fi.Name, "_")
 		fi.Name += ext
 
-		sha1sum := fmt.Sprintf("%x", sha1.Sum(*fi.Data))[:8]
+		sha1sum := fmt.Sprintf("%x", sha1.Sum(*fi.Data))[:8] //nolint:gosec
 
 		if gw.BridgeValues().General.MediaServerUpload != "" {
 			// Use MediaServerUpload. Upload using a PUT HTTP request and basicauth.

hook/rockethook/rockethook.go

@@ -38,7 +38,7 @@ type Config struct {
 func New(url string, config Config) *Client {
 	c := &Client{In: make(chan Message), Config: config}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify},
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}, //nolint:gosec
 	}
 	c.httpclient = &http.Client{Transport: tr}
 	_, _, err := net.SplitHostPort(c.BindAddress)

matterclient/helpers.go

@@ -1,7 +1,7 @@
 package matterclient
 
 import (
-	"crypto/md5"
+	"crypto/md5" //nolint:gosec
 	"crypto/tls"
 	"errors"
 	"fmt"
@@ -101,7 +101,10 @@ func (m *MMClient) initClient(firstConnection bool, b *backoff.Backoff) error {
 	}
 	// login to mattermost
 	m.Client = model.NewAPIv4Client(uriScheme + m.Credentials.Server)
-	m.Client.HttpClient.Transport = &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: m.SkipTLSVerify}, Proxy: http.ProxyFromEnvironment}
+	m.Client.HttpClient.Transport = &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: m.SkipTLSVerify}, //nolint:gosec
+		Proxy:           http.ProxyFromEnvironment,
+	}
 	m.Client.HttpClient.Timeout = time.Second * 10
 
 	// handle MMAUTHTOKEN and personal token
@@ -206,7 +209,10 @@ func (m *MMClient) wsConnect() {
 
 	m.log.Debugf("WsClient: making connection: %s", wsurl)
 	for {
-		wsDialer := &websocket.Dialer{Proxy: http.ProxyFromEnvironment, TLSClientConfig: &tls.Config{InsecureSkipVerify: m.SkipTLSVerify}}
+		wsDialer := &websocket.Dialer{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: m.SkipTLSVerify}, //nolint:gosec
+			Proxy:           http.ProxyFromEnvironment,
+		}
 		var err error
 		m.WsClient, _, err = wsDialer.Dial(wsurl, header)
 		if err != nil {
@@ -273,5 +279,5 @@ func supportedVersion(version string) bool {
 }
 
 func digestString(s string) string {
-	return fmt.Sprintf("%x", md5.Sum([]byte(s)))
+	return fmt.Sprintf("%x", md5.Sum([]byte(s))) //nolint:gosec
 }

matterhook/matterhook.go

@@ -71,7 +71,7 @@ type Config struct {
 func New(url string, config Config) *Client {
 	c := &Client{Url: url, In: make(chan IMessage), Out: make(chan OMessage), Config: config}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify},
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}, //nolint:gosec
 	}
 	c.httpclient = &http.Client{Transport: tr}
 	if !c.DisableServer {