Update linter

Makefile

@@ -30,7 +30,7 @@ lint: bin/golangci-lint
 .PHONY: lint
 
 bin/golangci-lint: Makefile
-	@curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- v1.58.1
+	@curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- v1.60.1
 
 ## tests: run the tests
 tests:

cmd/root.go

@@ -337,7 +337,7 @@ func askPassword(prompt ...string) []byte {
 	if len(prompt) == 0 {
 		fmt.Fprintf(os.Stderr, "Enter passphrase: ")
 	} else {
-		fmt.Fprintf(os.Stderr, prompt[0])
+		fmt.Fprintf(os.Stderr, "%s", prompt[0])
 	}
 	pass, err := gopass.GetPasswdPrompt("", false, os.Stdin, os.Stderr)
 	if err != nil {

web/apps.go

@@ -29,7 +29,7 @@ func createApp(c echo.Context) (err error) {
 
 	editor, err := checkPermissions(c, opts.Editor, "", true /* = master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	if err = validateAppRequest(c, opts); err != nil {
@@ -64,7 +64,7 @@ func patchApp(c echo.Context) (err error) {
 
 	_, err = checkPermissions(c, app.Editor, "", true /* = master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	app, err = registry.ModifyApp(getSpace(c), appSlug, opts)
@@ -210,7 +210,7 @@ func activateMaintenanceApp(c echo.Context) error {
 
 	_, err = checkPermissions(c, app.Editor, app.Slug, true /* = master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	var opts registry.MaintenanceOptions
@@ -248,7 +248,7 @@ func deactivateMaintenanceApp(c echo.Context) (err error) {
 
 	_, err = checkPermissions(c, app.Editor, app.Slug, true /* = master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	if vs != nil {

web/router.go

@@ -282,7 +282,7 @@ func wrapErr(err error, code int) error {
 	if errHTTP, ok := err.(*errshttp.Error); ok {
 		return errHTTP
 	}
-	return errshttp.NewError(code, err.Error())
+	return errshttp.NewError(code, "%s", err)
 }
 
 func cacheControl(c echo.Context, rev string, maxAge time.Duration) bool {

web/versions.go

@@ -37,7 +37,7 @@ func createVersion(c echo.Context) (err error) {
 
 	editor, err := checkPermissions(c, app.Editor, app.Slug, false /* = not master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	if err = validateVersionRequest(c, opts); err != nil {
@@ -118,12 +118,12 @@ func getPendingVersions(c echo.Context) (err error) {
 	}
 	_, err = checkPermissions(c, tokenEditor, "", true /* = master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	versions, err := registry.GetPendingVersions(getSpace(c))
 	if err != nil {
-		return errshttp.NewError(http.StatusInternalServerError, err.Error())
+		return errshttp.NewError(http.StatusInternalServerError, "%s", err)
 	}
 
 	slugFilter := c.QueryParam("filter[slug]")
@@ -149,7 +149,7 @@ func lookForPendingVersion(c echo.Context) (app *registry.App, version *registry
 	editorName := "cozy"
 	_, err = checkPermissions(c, editorName, "", true /* = master */)
 	if err != nil {
-		return nil, nil, errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return nil, nil, errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	appSlug := c.Param("app")
@@ -210,7 +210,7 @@ func deletePendingVersion(c echo.Context) (err error) {
 	editorName := "cozy"
 	_, err = checkPermissions(c, editorName, "", true /* = master */)
 	if err != nil {
-		return errshttp.NewError(http.StatusUnauthorized, err.Error())
+		return errshttp.NewError(http.StatusUnauthorized, "%s", err)
 	}
 
 	appSlug := c.Param("app")