actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 11:35:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix typos in comments, vars and tests

Browse source
This commit is contained in:
Oleksandr Redko 2023-05-26 18:03:54 +03:00 committed by Cosmin Cojocar
parent e1484658ac
commit 1f689968ec
12 changed files with 19 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
analyzer.go
View file

@ -59,7 +59,7 @@ var generatedCodePattern = regexp.MustCompile(`^// Code generated .* DO NOT EDIT
// The Context is populated with data parsed from the source code as it is scanned. // The Context is populated with data parsed from the source code as it is scanned.
// It is passed through to all rule functions as they are called. Rules may use // It is passed through to all rule functions as they are called. Rules may use
// this data in conjunction withe the encountered AST node. // this data in conjunction with the encountered AST node.
type Context struct { type Context struct {
FileSet *token.FileSet FileSet *token.FileSet
Comments ast.CommentMap Comments ast.CommentMap

2
analyzers/ssrf.go
View file

@ -46,7 +46,7 @@ func runSSRF(pass *analysis.Pass) (interface{}, error) {
if callee != nil { if callee != nil {
ssaResult.Logger.Printf("callee: %s\n", callee) ssaResult.Logger.Printf("callee: %s\n", callee)
return newIssue(pass.Analyzer.Name, return newIssue(pass.Analyzer.Name,
"not implemeted", "not implemented",
pass.Fset, instr.Call.Pos(), issue.Low, issue.High), nil pass.Fset, instr.Call.Pos(), issue.Low, issue.High), nil
} }
} }

4
analyzers/util.go
View file

@ -28,7 +28,7 @@ import (
) )
// SSAAnalyzerResult contains various information returned by the // SSAAnalyzerResult contains various information returned by the
// SSA analysis along with some configuraion // SSA analysis along with some configuration
type SSAAnalyzerResult struct { type SSAAnalyzerResult struct {
Config map[string]interface{} Config map[string]interface{}
Logger *log.Logger Logger *log.Logger
@ -42,7 +42,7 @@ func BuildDefaultAnalyzers() []*analysis.Analyzer {
} }
} }
// getSSAResult retrives the SSA result from analysis pass // getSSAResult retrieves the SSA result from analysis pass
func getSSAResult(pass *analysis.Pass) (*SSAAnalyzerResult, error) { func getSSAResult(pass *analysis.Pass) (*SSAAnalyzerResult, error) {
result, ok := pass.ResultOf[buildssa.Analyzer] result, ok := pass.ResultOf[buildssa.Analyzer]
if !ok { if !ok {

2
cmd/gosec/main.go
View file

@ -143,7 +143,7 @@ var (
// output suppression information for auditing purposes // output suppression information for auditing purposes
flagTrackSuppressions = flag.Bool("track-suppressions", false, "Output suppression information, including its kind and justification") flagTrackSuppressions = flag.Bool("track-suppressions", false, "Output suppression information, including its kind and justification")
// exlude the folders from scan // exclude the folders from scan
flagDirsExclude arrayFlags flagDirsExclude arrayFlags
logger *log.Logger logger *log.Logger

2
helpers.go
View file

@ -301,7 +301,7 @@ func Getenv(key, userDefault string) string {
return userDefault return userDefault
} }
// GetPkgRelativePath returns the Go relative relative path derived // GetPkgRelativePath returns the Go relative path derived
// form the given path // form the given path
func GetPkgRelativePath(path string) (string, error) { func GetPkgRelativePath(path string) (string, error) {
abspath, err := filepath.Abs(path) abspath, err := filepath.Abs(path)

2
helpers_test.go
View file

@ -32,7 +32,7 @@ var _ = Describe("Helpers", func() {
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
Expect(paths).Should(Equal([]string{dir})) Expect(paths).Should(Equal([]string{dir}))
}) })
It("should return the package package path", func() { It("should return the package path", func() {
paths, err := gosec.PackagePaths(dir+"/...", nil) paths, err := gosec.PackagePaths(dir+"/...", nil)
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
Expect(paths).Should(Equal([]string{dir})) Expect(paths).Should(Equal([]string{dir}))

2
report/formatter_test.go
View file

@ -188,7 +188,7 @@ var _ = Describe("Formatter", func() {
Expect(*issues).To(Equal(*want)) Expect(*issues).To(Equal(*want))
}) })
It("it should parse the report info for multiple projects projects", func() { It("it should parse the report info for multiple projects", func() {
data := &gosec.ReportInfo{ data := &gosec.ReportInfo{
Errors: map[string][]gosec.Error{}, Errors: map[string][]gosec.Error{},
Issues: []*issue.Issue{ Issues: []*issue.Issue{

6
report/sarif/sarif_test.go
View file

@ -162,15 +162,15 @@ var _ = Describe("Sarif Formatter", func() {
sarifReport, err := sarif.GenerateReport([]string{}, reportInfo) sarifReport, err := sarif.GenerateReport([]string{}, reportInfo)
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
resultRuleIdexes := map[string]int{} resultRuleIndexes := map[string]int{}
for _, result := range sarifReport.Runs[0].Results { for _, result := range sarifReport.Runs[0].Results {
resultRuleIdexes[result.RuleID] = result.RuleIndex resultRuleIndexes[result.RuleID] = result.RuleIndex
} }
driverRuleIndexes := map[string]int{} driverRuleIndexes := map[string]int{}
for ruleIndex, rule := range sarifReport.Runs[0].Tool.Driver.Rules { for ruleIndex, rule := range sarifReport.Runs[0].Tool.Driver.Rules {
driverRuleIndexes[rule.ID] = ruleIndex driverRuleIndexes[rule.ID] = ruleIndex
} }
Expect(resultRuleIdexes).Should(Equal(driverRuleIndexes)) Expect(resultRuleIndexes).Should(Equal(driverRuleIndexes))
}) })
}) })
}) })

2
report/sonar/sonar_test.go
View file

@ -140,7 +140,7 @@ var _ = Describe("Sonar Formatter", func() {
Expect(*issues).To(Equal(*want)) Expect(*issues).To(Equal(*want))
}) })
It("it should parse the report info for multiple projects projects", func() { It("it should parse the report info for multiple projects", func() {
data := &gosec.ReportInfo{ data := &gosec.ReportInfo{
Errors: map[string][]gosec.Error{}, Errors: map[string][]gosec.Error{},
Issues: []*issue.Issue{ Issues: []*issue.Issue{

2
rule.go
View file

@ -43,7 +43,7 @@ func NewRuleSet() RuleSet {
return RuleSet{make(map[reflect.Type][]Rule), make(map[string]bool)} return RuleSet{make(map[reflect.Type][]Rule), make(map[string]bool)}
} }
// Register adds a trigger for the supplied rule for the the // Register adds a trigger for the supplied rule for the
// specified ast nodes. // specified ast nodes.
func (r RuleSet) Register(rule Rule, isSuppressed bool, nodes ...ast.Node) { func (r RuleSet) Register(rule Rule, isSuppressed bool, nodes ...ast.Node) {
for _, n := range nodes { for _, n := range nodes {

2
rules/subproc.go
View file

@ -97,7 +97,7 @@ func (r *subprocess) Match(n ast.Node, c *gosec.Context) (*issue.Issue, error) {
} }
// isContext checks whether or not the node is a CommandContext call or not // isContext checks whether or not the node is a CommandContext call or not
// Thi is required in order to skip the first argument from the check. // This is required in order to skip the first argument from the check.
func (r *subprocess) isContext(n ast.Node, ctx *gosec.Context) bool { func (r *subprocess) isContext(n ast.Node, ctx *gosec.Context) bool {
selector, indent, err := gosec.GetCallInfo(n, ctx) selector, indent, err := gosec.GetCallInfo(n, ctx)
if err != nil { if err != nil {

10
testutils/source.go
View file

@ -517,7 +517,7 @@ func main() {
b := createBuffer() b := createBuffer()
b.WriteString("*bytes.Buffer") b.WriteString("*bytes.Buffer")
}`}, 0, gosec.NewConfig()}, }`}, 0, gosec.NewConfig()},
} // it shoudn't return any errors because all method calls are whitelisted by default } // it shouldn't return any errors because all method calls are whitelisted by default
// SampleCodeG104Audit finds errors that aren't being handled in audit mode // SampleCodeG104Audit finds errors that aren't being handled in audit mode
SampleCodeG104Audit = []CodeSample{ SampleCodeG104Audit = []CodeSample{
@ -1931,7 +1931,7 @@ import (
) )
func main() { func main() {
err := exec.CommandContext(context.Background(), "git", "rev-parse", "--show-toplavel").Run() err := exec.CommandContext(context.Background(), "git", "rev-parse", "--show-toplevel").Run()
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
@ -1980,7 +1980,7 @@ func main() {
}`}, 1, gosec.NewConfig()}, }`}, 1, gosec.NewConfig()},
{[]string{` {[]string{`
// gosec doesn't have enough context to decide that the // gosec doesn't have enough context to decide that the
// command argument of the RunCmd function is harcoded string // command argument of the RunCmd function is hardcoded string
// and that's why it's better to warn the user so he can audit it // and that's why it's better to warn the user so he can audit it
package main package main
@ -2032,7 +2032,7 @@ func main() {
RunCmd("ll", "ls") RunCmd("ll", "ls")
}`}, 0, gosec.NewConfig()}, }`}, 0, gosec.NewConfig()},
{[]string{` {[]string{`
// syscall.Exec function called with harcoded arguments // syscall.Exec function called with hardcoded arguments
// shouldn't be consider as a command injection // shouldn't be consider as a command injection
package main package main
@ -2090,7 +2090,7 @@ func main() {
{[]string{` {[]string{`
// starting a process with a variable as an argument // starting a process with a variable as an argument
// even if not constant is not considered as dangerous // even if not constant is not considered as dangerous
// because it has harcoded value // because it has hardcoded value
package main package main
import ( import (