Skip to content

execcommandwithoutcontext enforce-readiness: propagate context in connectStdioMCPServer (2 sites), add nolint support, then enfo [Content truncated due to length] #38282

Description

@github-actions

Summary

The new execcommandwithoutcontext analyzer (24th custom linter) landed fully documented (doc.go "All 24", README, and spec_test.go documentedAnalyzers() all at 24 entries) but is not yet CI-enforced. A repo-wide audit shows it is close to enforceable: of ~90 prod exec.Command sites across 30 files, only 3 sit inside context-receiving functions — 2 genuine violations plus 1 false positive (tracked separately as the nil-guard precision issue, #38281). This issue covers converting the 2 genuine sites and the remaining prerequisites for enforcement.

Genuine violations (safe to convert)

Both are in connectStdioMCPServer(ctx context.Context, ...), which is always called with a real, non-nil context (context.WithTimeout(context.Background(), 30*time.Second) in connectToMCPServer), so propagating ctx is correct and binds the MCP subprocess lifetime to the 30s timeout:

// pkg/cli/mcp_inspect_mcp.go
func connectStdioMCPServer(ctx context.Context, config parser.RegistryMCPServerConfig, verbose bool) (*parser.MCPServerInfo, error) {
    ...
    if config.Container != "" {
        cmd = exec.Command("docker", args...)            // line 150 -> exec.CommandContext(ctx, "docker", args...)
    } else {
        cmd = exec.Command(config.Command, config.Args...) // line 155 -> exec.CommandContext(ctx, config.Command, config.Args...)
    }
    ...
}

Why this is a real improvement

The *exec.Cmd is handed to mcp.CommandTransport; binding it via exec.CommandContext(ctx, ...) ensures the spawned MCP server process is terminated when the 30s timeout (or any future cancellation) fires, instead of leaking until it exits on its own.

Remaining prerequisites for enforcement

Enforce-readiness checklist
  1. Fix the nil-guard false positive (execcommandwithoutcontext precision: false positive on nil-guarded exec.Command fallback — autofix injects a nil context that pa [Content truncated due to length] #38281)pkg/workflow/github_cli.go:32 is mis-flagged; enforcing now would either break CI or force an unsafe autofix. Blocker.
  2. Add internal/nolint supportexeccommandwithoutcontext does not import pkg/linters/internal/nolint (unlike the 12 enforced linters), so //nolint/redaction directives are silently ignored. Wire nolint.BuildLineIndex + per-diagnostic suppression as the other linters do, to match parity.
  3. Convert the 2 genuine sites above.
  4. Enforce: append -execcommandwithoutcontext to LINTER_FLAGS in .github/workflows/cgo.yml:1122 (currently 12 flags), making it the 13th enforced linter.

Recommendation

Convert the 2 connectStdioMCPServer sites in this issue. Track the FP fix in #38281 and the nolint parity + CI flag as the final enabling steps (do not enforce until both #38281 and nolint support land).

Validation checklist

Effort: Small for the 2 conversions; Medium overall including nolint wiring. Gated on #38281.

References: §27254549539

Generated by 🤖 Sergo - Serena Go Expert · 294.4 AIC · ⌖ 14.5 AIC · ⊞ 6.3K ·

  • expires on Jun 16, 2026, 9:18 PM UTC-08:00

Metadata

Metadata

Labels

cookieIssue Monster Loves Cookies!sergo

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions