Skip to content
Latchkey

Go "staticcheck" CI Failures - Fix SA/ST Lint Findings

staticcheck flagged real issues in your code - a deprecated API, an impossible type assertion, dead code, or a misused standard-library call. Each finding carries a check code (e.g. SA1019) and fails the lint gate.

What this error means

A staticcheck ./... step prints findings with file:line and a check code, then exits nonzero. The code compiles and tests pass; staticcheck is reporting correctness or style problems the compiler does not.

staticcheck output
internal/api/client.go:22:9: SA1019: tls.Config.NameToCertificate
	is deprecated: NameToCertificate only allows associating ... (staticcheck)
internal/util/parse.go:14:2: SA4006: this value of err is never used (staticcheck)

Common causes

Use of a deprecated API (SA1019)

A standard-library or dependency symbol is marked deprecated. staticcheck flags it so you migrate to the supported replacement.

A logic or correctness smell

Checks like SA4006 (a value never used) or impossible type assertions point at code that almost certainly does not do what was intended.

How to fix it

Fix the finding at the source

  1. Read the check code and message - they link to a precise explanation.
  2. Migrate off the deprecated API, or correct the flagged logic.
  3. Re-run staticcheck ./... until it is clean.

Suppress a reviewed false positive narrowly

When a finding is genuinely not applicable, suppress that one line with a directive - never blanket-disable the check.

Go
//lint:ignore SA1019 kept for backward compatibility until v3
x := tls.Config{}

How to prevent it

  • Run staticcheck ./... locally before pushing.
  • Migrate off deprecated APIs promptly rather than suppressing.
  • Pin the staticcheck version in CI so findings are reproducible.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →