Fix lint warnings by properly formatting the files

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>

testutils/cgo_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeCgo - Cgo file sample
-	// SampleCodeCgo - Cgo file sample
+var SampleCodeCgo = []CodeSample{
-	SampleCodeCgo = []CodeSample{
 	{[]string{`
 package main
 
@@ -48,5 +47,4 @@ func main() {
         C.printData(cData)
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g102_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG102 code snippets for network binding
-	// SampleCodeG102 code snippets for network binding
+var SampleCodeG102 = []CodeSample{
-	SampleCodeG102 = []CodeSample{
 	// Bind to all networks explicitly
 	{[]string{`
 package main
@@ -102,5 +101,4 @@ func main() {
 	defer l.Close()
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g103_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG103 find instances of unsafe blocks for auditing purposes
-	// SampleCodeG103 find instances of unsafe blocks for auditing purposes
+var SampleCodeG103 = []CodeSample{
-	SampleCodeG103 = []CodeSample{
 	{[]string{`
 package main
 
@@ -63,5 +62,4 @@ func main() {
 	fmt.Printf("ptr: %p\n", ptr)
 }
 `}, 2, gosec.NewConfig()},
-	}
+}
-)

testutils/g106_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG106 - ssh InsecureIgnoreHostKey
-	// SampleCodeG106 - ssh InsecureIgnoreHostKey
+var SampleCodeG106 = []CodeSample{
-	SampleCodeG106 = []CodeSample{
 	{[]string{`
 package main
 
@@ -16,5 +15,4 @@ func main() {
 		_ =  ssh.InsecureIgnoreHostKey()
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g107_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG107 - SSRF via http requests with variable url
-	// SampleCodeG107 - SSRF via http requests with variable url
+var SampleCodeG107 = []CodeSample{
-	SampleCodeG107 = []CodeSample{
 	{[]string{`
 // Input from the std in is considered insecure
 package main
@@ -194,5 +193,4 @@ func main() {
 	get(url)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g108_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG108 - pprof endpoint automatically exposed
-	// SampleCodeG108 - pprof endpoint automatically exposed
+var SampleCodeG108 = []CodeSample{
-	SampleCodeG108 = []CodeSample{
 	{[]string{`
 package main
 
@@ -38,5 +37,4 @@ func main() {
 	log.Fatal(http.ListenAndServe(":8080", nil))
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g109_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG109 - Potential Integer OverFlow
-	// SampleCodeG109 - Potential Integer OverFlow
+var SampleCodeG109 = []CodeSample{
-	SampleCodeG109 = []CodeSample{
 	{[]string{`
 package main
 
@@ -110,5 +109,4 @@ func main() {
 	fmt.Println(b, err)
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g110_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG110 - potential DoS vulnerability via decompression bomb
-	// SampleCodeG110 - potential DoS vulnerability via decompression bomb
+var SampleCodeG110 = []CodeSample{
-	SampleCodeG110 = []CodeSample{
 	{[]string{`
 package main
 
@@ -124,5 +123,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g111_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG111 - potential directory traversal
-	// SampleCodeG111 - potential directory traversal
+var SampleCodeG111 = []CodeSample{
-	SampleCodeG111 = []CodeSample{
 	{[]string{`
 package main
 
@@ -25,5 +24,4 @@ func HelloServer(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g112_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG112 - potential slowloris attack
-	// SampleCodeG112 - potential slowloris attack
+var SampleCodeG112 = []CodeSample{
-	SampleCodeG112 = []CodeSample{
 	{[]string{`
 package main
 
@@ -103,5 +102,4 @@ func main() {
 	fmt.Print("test")
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g113_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
-	// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
+var SampleCodeG113 = []CodeSample{
-	SampleCodeG113 = []CodeSample{
 	{[]string{`
 package main
 
@@ -20,5 +19,4 @@ func main() {
 	fmt.Println(r)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g114_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
-	// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
+var SampleCodeG114 = []CodeSample{
-	SampleCodeG114 = []CodeSample{
 	{[]string{`
 package main
 
@@ -69,5 +68,4 @@ func main() {
 	log.Fatal(err)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g201_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG201 - SQL injection via format string
-	// SampleCodeG201 - SQL injection via format string
+var SampleCodeG201 = []CodeSample{
-	SampleCodeG201 = []CodeSample{
 	{[]string{`
 // Format string without proper quoting
 package main
@@ -399,5 +398,4 @@ func main() {
 	defer stmt.Close()
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g202_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG202 - SQL query string building via string concatenation
-	// SampleCodeG202 - SQL query string building via string concatenation
+var SampleCodeG202 = []CodeSample{
-	SampleCodeG202 = []CodeSample{
 	{[]string{`
 // infixed concatenation
 package main
@@ -280,5 +279,4 @@ func main() {
 	fmt.Println(result)
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g203_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG203 - Template checks
-	// SampleCodeG203 - Template checks
+var SampleCodeG203 = []CodeSample{
-	SampleCodeG203 = []CodeSample{
 	{[]string{`
 // We assume that hardcoded template strings are safe as the programmer would
 // need to be explicitly shooting themselves in the foot (as below)
@@ -88,5 +87,4 @@ func main() {
 	t.Execute(os.Stdout, v)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g204_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG204 - Subprocess auditing
-	// SampleCodeG204 - Subprocess auditing
+var SampleCodeG204 = []CodeSample{
-	SampleCodeG204 = []CodeSample{
 	{[]string{`
 package main
 
@@ -156,7 +155,8 @@ func RunCmd(command string) {
 func main() {
 	RunCmd("sleep")
 }
-`}, 1, gosec.NewConfig()},
+`}, 1, gosec.NewConfig(),
+	},
 	{[]string{`
 package main
 
@@ -242,5 +242,4 @@ func main() {
 	log.Printf("Command finished with error: %v", err)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g301_samples.go

@@ -2,8 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var ( // SampleCodeG301 - mkdir permission check
+// SampleCodeG301 - mkdir permission check
-	SampleCodeG301 = []CodeSample{
+var SampleCodeG301 = []CodeSample{
 	{[]string{`
 package main
 
@@ -52,5 +52,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g302_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG302 - file create / chmod permissions check
-	// SampleCodeG302 - file create / chmod permissions check
+var SampleCodeG302 = []CodeSample{
-	SampleCodeG302 = []CodeSample{
 	{[]string{`
 package main
 
@@ -69,5 +68,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g303_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
-	// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
+var SampleCodeG303 = []CodeSample{
-	SampleCodeG303 = []CodeSample{
 	{[]string{`
 package samples
 
@@ -57,5 +56,4 @@ func main() {
 	}
 }
 `}, 9, gosec.NewConfig()},
-	}
+}
-)

testutils/g304_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG304 - potential file inclusion vulnerability
-	// SampleCodeG304 - potential file inclusion vulnerability
+var SampleCodeG304 = []CodeSample{
-	SampleCodeG304 = []CodeSample{
 	{[]string{`
 package main
 
@@ -303,5 +302,4 @@ package main
 
 var THEWD string
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g305_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG305 - File path traversal when extracting zip/tar archives
-	// SampleCodeG305 - File path traversal when extracting zip/tar archives
+var SampleCodeG305 = []CodeSample{
-	SampleCodeG305 = []CodeSample{
 	{[]string{`
 package unzip
 
@@ -174,5 +173,4 @@ func extractFile(f *tar.Header, tr *tar.Reader, destPath string) error {
     return os.Chmod(filePath, f.FileInfo().Mode())
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g306_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG306 - Poor permissions for WriteFile
-	// SampleCodeG306 - Poor permissions for WriteFile
+var SampleCodeG306 = []CodeSample{
-	SampleCodeG306 = []CodeSample{
 	{[]string{`
 package main
 
@@ -54,5 +53,4 @@ func main() {
 
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g307_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG307 - Poor permissions for os.Create
-	// SampleCodeG307 - Poor permissions for os.Create
+var SampleCodeG307 = []CodeSample{
-	SampleCodeG307 = []CodeSample{
 	{[]string{`
 package main
 
@@ -45,5 +44,4 @@ func main() {
 	defer f.Close()
 }
 `}, 1, gosec.Config{"G307": "0o600"}},
-	}
+}
-)

testutils/g402_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG402 - TLS settings
-	// SampleCodeG402 - TLS settings
+var SampleCodeG402 = []CodeSample{
-	SampleCodeG402 = []CodeSample{
 	{[]string{`
 // InsecureSkipVerify
 package main
@@ -294,5 +293,4 @@ func main() {
 	_ = cryptotls.Config{MinVersion: cryptotls.VersionTLS12}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)

testutils/g403_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG403 - weak key strength
-	// SampleCodeG403 - weak key strength
+var SampleCodeG403 = []CodeSample{
-	SampleCodeG403 = []CodeSample{
 	{[]string{`
 package main
 
@@ -23,5 +22,4 @@ func main() {
 	fmt.Println(pvk)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g404_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG404 - weak random number
-	// SampleCodeG404 - weak random number
+var SampleCodeG404 = []CodeSample{
-	SampleCodeG404 = []CodeSample{
 	{[]string{`
 package main
 
@@ -100,5 +99,4 @@ func main() {
 	_ = rand3.Intn(2)  // bad
 }
 `}, 3, gosec.NewConfig()},
-	}
+}
-)

testutils/g501_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG501 - Blocklisted import MD5
-	// SampleCodeG501 - Blocklisted import MD5
+var SampleCodeG501 = []CodeSample{
-	SampleCodeG501 = []CodeSample{
 	{[]string{`
 package main
 
@@ -20,5 +19,4 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g502_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG502 - Blocklisted import DES
-	// SampleCodeG502 - Blocklisted import DES
+var SampleCodeG502 = []CodeSample{
-	SampleCodeG502 = []CodeSample{
 	{[]string{`
 package main
 
@@ -33,5 +32,4 @@ func main() {
 	fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g503_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG503 - Blocklisted import RC4
-	// SampleCodeG503 - Blocklisted import RC4
+var SampleCodeG503 = []CodeSample{
-	SampleCodeG503 = []CodeSample{
 	{[]string{`
 package main
 
@@ -25,5 +24,4 @@ func main() {
 	fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g504_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG504 - Blocklisted import CGI
-	// SampleCodeG504 - Blocklisted import CGI
+var SampleCodeG504 = []CodeSample{
-	SampleCodeG504 = []CodeSample{
 	{[]string{`
 package main
 
@@ -17,5 +16,4 @@ func main() {
 	cgi.Serve(http.FileServer(http.Dir("/usr/share/doc")))
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g505_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG505 - Blocklisted import SHA1
-	// SampleCodeG505 - Blocklisted import SHA1
+var SampleCodeG505 = []CodeSample{
-	SampleCodeG505 = []CodeSample{
 	{[]string{`
 package main
 
@@ -20,5 +19,4 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
-)

testutils/g602_samples.go

@@ -2,9 +2,8 @@ package testutils
 
 import "github.com/securego/gosec/v2"
 
-var (
+// SampleCodeG602 - Slice access out of bounds
-	// SampleCodeG602 - Slice access out of bounds
+var SampleCodeG602 = []CodeSample{
-	SampleCodeG602 = []CodeSample{
 	{[]string{`
 package main
 
@@ -251,5 +250,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
-)