mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
Update the README with some details related to Go version used by the rules
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
This commit is contained in:
parent
9a036658b7
commit
1e1fc91d15
1 changed files with 6 additions and 0 deletions
|
@ -230,6 +230,12 @@ You can also configure the hard-coded credentials rule `G101` with additional pa
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### Go version
|
||||||
|
|
||||||
|
Some rules require a specific Go version which is retrieved from the Go module file present in the project. If this version cannot be found, it will fallback to Go runtime version.
|
||||||
|
|
||||||
|
The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily disabled by setting the environment variable `GOSECNOMODVERSION=on`.
|
||||||
|
|
||||||
### Dependencies
|
### Dependencies
|
||||||
|
|
||||||
gosec will fetch automatically the dependencies of the code which is being analyzed when go module is turned on (e.g.`GO111MODULE=on`). If this is not the case,
|
gosec will fetch automatically the dependencies of the code which is being analyzed when go module is turned on (e.g.`GO111MODULE=on`). If this is not the case,
|
||||||
|
|
Loading…
Reference in a new issue