Fix lint warnings by properly formatting the files

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
This commit is contained in:
Cosmin Cojocar 2023-12-08 14:30:54 +01:00 committed by Cosmin Cojocar
parent 0e2a61899a
commit 2aad3f02a5
32 changed files with 259 additions and 321 deletions

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeCgo - Cgo file sample // SampleCodeCgo - Cgo file sample
SampleCodeCgo = []CodeSample{ var SampleCodeCgo = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -49,4 +48,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG102 code snippets for network binding // SampleCodeG102 code snippets for network binding
SampleCodeG102 = []CodeSample{ var SampleCodeG102 = []CodeSample{
// Bind to all networks explicitly // Bind to all networks explicitly
{[]string{` {[]string{`
package main package main
@ -103,4 +102,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG103 find instances of unsafe blocks for auditing purposes // SampleCodeG103 find instances of unsafe blocks for auditing purposes
SampleCodeG103 = []CodeSample{ var SampleCodeG103 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -64,4 +63,3 @@ func main() {
} }
`}, 2, gosec.NewConfig()}, `}, 2, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG106 - ssh InsecureIgnoreHostKey // SampleCodeG106 - ssh InsecureIgnoreHostKey
SampleCodeG106 = []CodeSample{ var SampleCodeG106 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -17,4 +16,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG107 - SSRF via http requests with variable url // SampleCodeG107 - SSRF via http requests with variable url
SampleCodeG107 = []CodeSample{ var SampleCodeG107 = []CodeSample{
{[]string{` {[]string{`
// Input from the std in is considered insecure // Input from the std in is considered insecure
package main package main
@ -195,4 +194,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG108 - pprof endpoint automatically exposed // SampleCodeG108 - pprof endpoint automatically exposed
SampleCodeG108 = []CodeSample{ var SampleCodeG108 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -39,4 +38,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG109 - Potential Integer OverFlow // SampleCodeG109 - Potential Integer OverFlow
SampleCodeG109 = []CodeSample{ var SampleCodeG109 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -111,4 +110,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG110 - potential DoS vulnerability via decompression bomb // SampleCodeG110 - potential DoS vulnerability via decompression bomb
SampleCodeG110 = []CodeSample{ var SampleCodeG110 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -125,4 +124,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG111 - potential directory traversal // SampleCodeG111 - potential directory traversal
SampleCodeG111 = []CodeSample{ var SampleCodeG111 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -26,4 +25,3 @@ func HelloServer(w http.ResponseWriter, r *http.Request) {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG112 - potential slowloris attack // SampleCodeG112 - potential slowloris attack
SampleCodeG112 = []CodeSample{ var SampleCodeG112 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -104,4 +103,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow // SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
SampleCodeG113 = []CodeSample{ var SampleCodeG113 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -21,4 +20,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts // SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
SampleCodeG114 = []CodeSample{ var SampleCodeG114 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -70,4 +69,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG201 - SQL injection via format string // SampleCodeG201 - SQL injection via format string
SampleCodeG201 = []CodeSample{ var SampleCodeG201 = []CodeSample{
{[]string{` {[]string{`
// Format string without proper quoting // Format string without proper quoting
package main package main
@ -400,4 +399,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG202 - SQL query string building via string concatenation // SampleCodeG202 - SQL query string building via string concatenation
SampleCodeG202 = []CodeSample{ var SampleCodeG202 = []CodeSample{
{[]string{` {[]string{`
// infixed concatenation // infixed concatenation
package main package main
@ -281,4 +280,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG203 - Template checks // SampleCodeG203 - Template checks
SampleCodeG203 = []CodeSample{ var SampleCodeG203 = []CodeSample{
{[]string{` {[]string{`
// We assume that hardcoded template strings are safe as the programmer would // We assume that hardcoded template strings are safe as the programmer would
// need to be explicitly shooting themselves in the foot (as below) // need to be explicitly shooting themselves in the foot (as below)
@ -89,4 +88,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG204 - Subprocess auditing // SampleCodeG204 - Subprocess auditing
SampleCodeG204 = []CodeSample{ var SampleCodeG204 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -156,7 +155,8 @@ func RunCmd(command string) {
func main() { func main() {
RunCmd("sleep") RunCmd("sleep")
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig(),
},
{[]string{` {[]string{`
package main package main
@ -243,4 +243,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,8 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var ( // SampleCodeG301 - mkdir permission check // SampleCodeG301 - mkdir permission check
SampleCodeG301 = []CodeSample{ var SampleCodeG301 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -53,4 +53,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG302 - file create / chmod permissions check // SampleCodeG302 - file create / chmod permissions check
SampleCodeG302 = []CodeSample{ var SampleCodeG302 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -70,4 +69,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path // SampleCodeG303 - bad tempfile permissions & hardcoded shared path
SampleCodeG303 = []CodeSample{ var SampleCodeG303 = []CodeSample{
{[]string{` {[]string{`
package samples package samples
@ -58,4 +57,3 @@ func main() {
} }
`}, 9, gosec.NewConfig()}, `}, 9, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG304 - potential file inclusion vulnerability // SampleCodeG304 - potential file inclusion vulnerability
SampleCodeG304 = []CodeSample{ var SampleCodeG304 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -304,4 +303,3 @@ package main
var THEWD string var THEWD string
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG305 - File path traversal when extracting zip/tar archives // SampleCodeG305 - File path traversal when extracting zip/tar archives
SampleCodeG305 = []CodeSample{ var SampleCodeG305 = []CodeSample{
{[]string{` {[]string{`
package unzip package unzip
@ -175,4 +174,3 @@ func extractFile(f *tar.Header, tr *tar.Reader, destPath string) error {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG306 - Poor permissions for WriteFile // SampleCodeG306 - Poor permissions for WriteFile
SampleCodeG306 = []CodeSample{ var SampleCodeG306 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -55,4 +54,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG307 - Poor permissions for os.Create // SampleCodeG307 - Poor permissions for os.Create
SampleCodeG307 = []CodeSample{ var SampleCodeG307 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -46,4 +45,3 @@ func main() {
} }
`}, 1, gosec.Config{"G307": "0o600"}}, `}, 1, gosec.Config{"G307": "0o600"}},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG402 - TLS settings // SampleCodeG402 - TLS settings
SampleCodeG402 = []CodeSample{ var SampleCodeG402 = []CodeSample{
{[]string{` {[]string{`
// InsecureSkipVerify // InsecureSkipVerify
package main package main
@ -295,4 +294,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG403 - weak key strength // SampleCodeG403 - weak key strength
SampleCodeG403 = []CodeSample{ var SampleCodeG403 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -24,4 +23,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG404 - weak random number // SampleCodeG404 - weak random number
SampleCodeG404 = []CodeSample{ var SampleCodeG404 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -101,4 +100,3 @@ func main() {
} }
`}, 3, gosec.NewConfig()}, `}, 3, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG501 - Blocklisted import MD5 // SampleCodeG501 - Blocklisted import MD5
SampleCodeG501 = []CodeSample{ var SampleCodeG501 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -21,4 +20,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG502 - Blocklisted import DES // SampleCodeG502 - Blocklisted import DES
SampleCodeG502 = []CodeSample{ var SampleCodeG502 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -34,4 +33,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG503 - Blocklisted import RC4 // SampleCodeG503 - Blocklisted import RC4
SampleCodeG503 = []CodeSample{ var SampleCodeG503 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -26,4 +25,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG504 - Blocklisted import CGI // SampleCodeG504 - Blocklisted import CGI
SampleCodeG504 = []CodeSample{ var SampleCodeG504 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -18,4 +17,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG505 - Blocklisted import SHA1 // SampleCodeG505 - Blocklisted import SHA1
SampleCodeG505 = []CodeSample{ var SampleCodeG505 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -21,4 +20,3 @@ func main() {
} }
`}, 1, gosec.NewConfig()}, `}, 1, gosec.NewConfig()},
} }
)

View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2" import "github.com/securego/gosec/v2"
var (
// SampleCodeG602 - Slice access out of bounds // SampleCodeG602 - Slice access out of bounds
SampleCodeG602 = []CodeSample{ var SampleCodeG602 = []CodeSample{
{[]string{` {[]string{`
package main package main
@ -252,4 +251,3 @@ func main() {
} }
`}, 0, gosec.NewConfig()}, `}, 0, gosec.NewConfig()},
} }
)