Fix lint warnings by properly formatting the files

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2024-11-05 11:35:51 +00:00 · 2023-12-08 14:30:54 +01:00 · 2023-12-08 14:30:54 +01:00 · 2aad3f02a5
commit 2aad3f02a5
parent 0e2a61899a
32 changed files with 259 additions and 321 deletions
--- a/testutils/cgo_samples.go
+++ b/testutils/cgo_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeCgo - Cgo file sample
-	// SampleCodeCgo - Cgo file sample
+var SampleCodeCgo = []CodeSample{
-	SampleCodeCgo = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -48,5 +47,4 @@ func main() {
        C.printData(cData)
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g102_samples.go
+++ b/testutils/g102_samples.go
@ -2,11 +2,10 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG102 code snippets for network binding
-	// SampleCodeG102 code snippets for network binding
+var SampleCodeG102 = []CodeSample{
-	SampleCodeG102 = []CodeSample{
+	// Bind to all networks explicitly
-		// Bind to all networks explicitly
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -22,8 +21,8 @@ func main() {
 	defer l.Close()
 }
 `}, 1, gosec.NewConfig()},
-		// Bind to all networks implicitly (default if host omitted)
+	// Bind to all networks implicitly (default if host omitted)
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -39,8 +38,8 @@ func main() {
 	defer l.Close()
 }
 `}, 1, gosec.NewConfig()},
-		// Bind to all networks indirectly through a parsing function
+	// Bind to all networks indirectly through a parsing function
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -61,8 +60,8 @@ func main() {
 	defer l.Close()
 }
 `}, 1, gosec.NewConfig()},
-		// Bind to all networks indirectly through a parsing function
+	// Bind to all networks indirectly through a parsing function
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -84,7 +83,7 @@ func main() {
 	defer l.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -102,5 +101,4 @@ func main() {
 	defer l.Close()
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g103_samples.go
+++ b/testutils/g103_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG103 find instances of unsafe blocks for auditing purposes
-	// SampleCodeG103 find instances of unsafe blocks for auditing purposes
+var SampleCodeG103 = []CodeSample{
-	SampleCodeG103 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -29,7 +28,7 @@ func main() {
 	fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
 }
 `}, 2, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -46,7 +45,7 @@ func main() {
 	fmt.Printf("ptr: %p\n", ptr)
 }
 `}, 2, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -63,5 +62,4 @@ func main() {
 	fmt.Printf("ptr: %p\n", ptr)
 }
 `}, 2, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g106_samples.go
+++ b/testutils/g106_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG106 - ssh InsecureIgnoreHostKey
-	// SampleCodeG106 - ssh InsecureIgnoreHostKey
+var SampleCodeG106 = []CodeSample{
-	SampleCodeG106 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -16,5 +15,4 @@ func main() {
 		_ =  ssh.InsecureIgnoreHostKey()
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g107_samples.go
+++ b/testutils/g107_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG107 - SSRF via http requests with variable url
-	// SampleCodeG107 - SSRF via http requests with variable url
+var SampleCodeG107 = []CodeSample{
-	SampleCodeG107 = []CodeSample{
+	{[]string{`
 		{[]string{`
 // Input from the std in is considered insecure
 package main
 import (
@ -33,7 +32,7 @@ func main() {
 		fmt.Printf("%s", body)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Variable defined a package level can be changed at any time
 // regardless of the initial value
 package main
@ -58,7 +57,7 @@ func main() {
 	}
 	fmt.Printf("%s", body)
 }`}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Environmental variables are not considered as secure source
 package main
 import (
@ -81,7 +80,7 @@ func main() {
 	fmt.Printf("%s", body)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Constant variables or hard-coded strings are secure
 package main
@ -98,7 +97,7 @@ func main() {
 	fmt.Println(resp.Status)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // A variable at function scope which is initialized to
 // a constant string is secure (e.g. cannot be changed concurrently)
 package main
@ -116,7 +115,7 @@ func main() {
 	fmt.Println(resp.Status)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // A variable at function scope which is initialized to
 // a constant string is secure (e.g. cannot be changed concurrently)
 package main
@ -134,7 +133,7 @@ func main() {
 	fmt.Println(resp.Status)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // A variable at function scope which is initialized to
 // a constant string is secure (e.g. cannot be changed concurrently)
 package main
@ -154,7 +153,7 @@ func main() {
 	fmt.Println(resp.Status)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // An exported variable declared a packaged scope is not secure
 // because it can changed at any time
 package main
@ -174,7 +173,7 @@ func main() {
 	fmt.Println(resp.Status)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // An url provided as a function argument is not secure
 package main
@ -194,5 +193,4 @@ func main() {
 	get(url)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g108_samples.go
+++ b/testutils/g108_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG108 - pprof endpoint automatically exposed
-	// SampleCodeG108 - pprof endpoint automatically exposed
+var SampleCodeG108 = []CodeSample{
-	SampleCodeG108 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -22,7 +21,7 @@ func main() {
 	log.Fatal(http.ListenAndServe(":8080", nil))
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -38,5 +37,4 @@ func main() {
 	log.Fatal(http.ListenAndServe(":8080", nil))
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g109_samples.go
+++ b/testutils/g109_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG109 - Potential Integer OverFlow
-	// SampleCodeG109 - Potential Integer OverFlow
+var SampleCodeG109 = []CodeSample{
-	SampleCodeG109 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -22,7 +21,7 @@ func main() {
 	fmt.Println(value)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -40,7 +39,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -56,7 +55,7 @@ func main() {
 	fmt.Println(bigValue)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -79,7 +78,7 @@ func test() {
 	fmt.Println(value)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -97,7 +96,7 @@ func main() {
 	fmt.Println(v)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -110,5 +109,4 @@ func main() {
 	fmt.Println(b, err)
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g110_samples.go
+++ b/testutils/g110_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG110 - potential DoS vulnerability via decompression bomb
-	// SampleCodeG110 - potential DoS vulnerability via decompression bomb
+var SampleCodeG110 = []CodeSample{
-	SampleCodeG110 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -31,7 +30,7 @@ func main() {
 	r.Close()
 }`}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -58,7 +57,7 @@ func main() {
 	r.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -97,7 +96,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -124,5 +123,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g111_samples.go
+++ b/testutils/g111_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG111 - potential directory traversal
-	// SampleCodeG111 - potential directory traversal
+var SampleCodeG111 = []CodeSample{
-	SampleCodeG111 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -25,5 +24,4 @@ func HelloServer(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g112_samples.go
+++ b/testutils/g112_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG112 - potential slowloris attack
-	// SampleCodeG112 - potential slowloris attack
+var SampleCodeG112 = []CodeSample{
-	SampleCodeG112 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -25,7 +24,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -48,7 +47,7 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -71,7 +70,7 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -103,5 +102,4 @@ func main() {
 	fmt.Print("test")
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g113_samples.go
+++ b/testutils/g113_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
-	// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
+var SampleCodeG113 = []CodeSample{
-	SampleCodeG113 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -20,5 +19,4 @@ func main() {
 	fmt.Println(r)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g114_samples.go
+++ b/testutils/g114_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
-	// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
+var SampleCodeG114 = []CodeSample{
-	SampleCodeG114 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -18,7 +17,7 @@ func main() {
 	log.Fatal(err)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -31,7 +30,7 @@ func main() {
 	log.Fatal(err)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -50,7 +49,7 @@ func main() {
 	log.Fatal(err)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -69,5 +68,4 @@ func main() {
 	log.Fatal(err)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g201_samples.go
+++ b/testutils/g201_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG201 - SQL injection via format string
-	// SampleCodeG201 - SQL injection via format string
+var SampleCodeG201 = []CodeSample{
-	SampleCodeG201 = []CodeSample{
+	{[]string{`
 		{[]string{`
 // Format string without proper quoting
 package main
@ -28,7 +27,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string without proper quoting case insensitive
 package main
@ -51,7 +50,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string without proper quoting with context
 package main
 import (
@ -74,7 +73,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string without proper quoting with transaction
 package main
 import (
@ -105,7 +104,7 @@ func main(){
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string false positive, safe string spec.
 package main
@ -128,7 +127,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string false positive
 package main
@ -150,7 +149,7 @@ func main(){
 		defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string false positive, quoted formatter argument.
 package main
@ -174,7 +173,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // false positive
 package main
@ -197,7 +196,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
 	"fmt"
@ -207,7 +206,7 @@ func main(){
 	fmt.Sprintln()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string with \n\r
 package main
@ -230,7 +229,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Format string with \n\r
 package main
@ -253,7 +252,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // SQLI by db.Query(some).Scan(&other)
 package main
@ -277,7 +276,7 @@ func main() {
 	}
 	defer db.Close()
 }`}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // SQLI by db.Query(some).Scan(&other)
 package main
@ -300,7 +299,7 @@ func main() {
 	}
 	defer db.Close()
 }`}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // SQLI by db.Prepare(some)
 package main
@ -333,7 +332,7 @@ func main() {
 	defer stmt.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // SQLI by db.PrepareContext(some)
 package main
@ -367,7 +366,7 @@ func main() {
 	defer stmt.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // false positive
 package main
@ -399,5 +398,4 @@ func main() {
 	defer stmt.Close()
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g202_samples.go
+++ b/testutils/g202_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG202 - SQL query string building via string concatenation
-	// SampleCodeG202 - SQL query string building via string concatenation
+var SampleCodeG202 = []CodeSample{
-	SampleCodeG202 = []CodeSample{
+	{[]string{`
 		{[]string{`
 // infixed concatenation
 package main
@ -28,7 +27,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -48,7 +47,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // case insensitive match
 package main
@ -69,7 +68,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // context match
 package main
@ -91,7 +90,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // DB transaction check
 package main
@ -121,7 +120,7 @@ func main(){
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // multiple string concatenation
 package main
@ -142,7 +141,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // false positive
 package main
@ -163,7 +162,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -186,7 +185,7 @@ func main(){
 	defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 const gender = "M"
@ -213,7 +212,7 @@ func main(){
 		defer rows.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // ExecContext match
 package main
@ -235,7 +234,7 @@ func main() {
 	}
 	fmt.Println(result)
 }`}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Exec match
 package main
@ -256,7 +255,7 @@ func main() {
 	}
 	fmt.Println(result)
 }`}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -280,5 +279,4 @@ func main() {
 	fmt.Println(result)
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g203_samples.go
+++ b/testutils/g203_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG203 - Template checks
-	// SampleCodeG203 - Template checks
+var SampleCodeG203 = []CodeSample{
-	SampleCodeG203 = []CodeSample{
+	{[]string{`
 		{[]string{`
 // We assume that hardcoded template strings are safe as the programmer would
 // need to be explicitly shooting themselves in the foot (as below)
 package main
@ -26,7 +25,7 @@ func main() {
 	t.Execute(os.Stdout, v)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Using a variable to initialize could potentially be dangerous. Under the
 // current model this will likely produce some false positives.
 package main
@ -48,7 +47,7 @@ func main() {
 	t.Execute(os.Stdout, v)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -68,7 +67,7 @@ func main() {
 	t.Execute(os.Stdout, v)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -88,5 +87,4 @@ func main() {
 	t.Execute(os.Stdout, v)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g204_samples.go
+++ b/testutils/g204_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG204 - Subprocess auditing
-	// SampleCodeG204 - Subprocess auditing
+var SampleCodeG204 = []CodeSample{
-	SampleCodeG204 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -22,7 +21,7 @@ func main() {
  	log.Printf("Command finished with error: %v", err)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Calling any function which starts a new process with using
 // command line arguments as it's arguments is considered dangerous
 package main
@ -42,7 +41,7 @@ func main() {
 	log.Printf("Command finished with error: %v", err)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Initializing a local variable using a environmental
 // variable is consider as a dangerous user input
 package main
@ -65,7 +64,7 @@ func main() {
 	log.Printf("Command finished with error: %v", err)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // gosec doesn't have enough context to decide that the
 // command argument of the RunCmd function is hardcoded string
 // and that's why it's better to warn the user so he can audit it
@ -90,7 +89,7 @@ func main() {
 	RunCmd("sleep")
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -120,7 +119,7 @@ func main() {
 	RunCmd("ll", "ls")
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // syscall.Exec function called with hardcoded arguments
 // shouldn't be consider as a command injection
 package main
@ -137,8 +136,8 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-		{
+	{
-			[]string{`
+		[]string{`
 package main
 import (
@ -156,8 +155,9 @@ func RunCmd(command string) {
 func main() {
 	RunCmd("sleep")
 }
-`}, 1, gosec.NewConfig()},
+`}, 1, gosec.NewConfig(),
-		{[]string{`
+	},
 	{[]string{`
 package main
 import (
@ -176,7 +176,7 @@ func main() {
 	RunCmd("sleep")
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // starting a process with a variable as an argument
 // even if not constant is not considered as dangerous
 // because it has hardcoded value
@ -199,7 +199,7 @@ func main() {
 	log.Printf("Command finished with error: %v", err)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // exec.Command from supplemental package sys/execabs
 // using variable arguments
 package main
@ -219,7 +219,7 @@ func main() {
 	log.Printf("Command finished with error: %v", err)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Initializing a local variable using a environmental
 // variable is consider as a dangerous user input
 package main
@ -242,5 +242,4 @@ func main() {
 	log.Printf("Command finished with error: %v", err)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g301_samples.go
+++ b/testutils/g301_samples.go
@ -2,9 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var ( // SampleCodeG301 - mkdir permission check
+// SampleCodeG301 - mkdir permission check
-	SampleCodeG301 = []CodeSample{
+var SampleCodeG301 = []CodeSample{
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -20,7 +20,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -36,7 +36,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -52,5 +52,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g302_samples.go
+++ b/testutils/g302_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG302 - file create / chmod permissions check
-	// SampleCodeG302 - file create / chmod permissions check
+var SampleCodeG302 = []CodeSample{
-	SampleCodeG302 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -21,7 +20,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -37,7 +36,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -53,7 +52,7 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -69,5 +68,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g303_samples.go
+++ b/testutils/g303_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
-	// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
+var SampleCodeG303 = []CodeSample{
-	SampleCodeG303 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package samples
 import (
@ -57,5 +56,4 @@ func main() {
 	}
 }
 `}, 9, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g304_samples.go
+++ b/testutils/g304_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG304 - potential file inclusion vulnerability
-	// SampleCodeG304 - potential file inclusion vulnerability
+var SampleCodeG304 = []CodeSample{
-	SampleCodeG304 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -24,7 +23,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -42,7 +41,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -68,7 +67,7 @@ func main() {
 	log.Fatal(http.ListenAndServe(":3000", nil))
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -94,7 +93,7 @@ func main() {
 	log.Fatal(http.ListenAndServe(":3000", nil))
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -112,7 +111,7 @@ import (
 		log.Print(body)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -138,7 +137,7 @@ func main() {
  fmt.Println(string(contents))
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -159,7 +158,7 @@ func main() {
 	log.Print(body)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -176,7 +175,7 @@ func main() {
    }
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -196,7 +195,7 @@ func main() {
 	openFile(repoFile)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -219,7 +218,7 @@ func main() {
 	openFile(dir, repoFile)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -239,7 +238,7 @@ func main() {
    }
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -271,7 +270,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -303,5 +302,4 @@ package main
 var THEWD string
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g305_samples.go
+++ b/testutils/g305_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG305 - File path traversal when extracting zip/tar archives
-	// SampleCodeG305 - File path traversal when extracting zip/tar archives
+var SampleCodeG305 = []CodeSample{
-	SampleCodeG305 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package unzip
 import (
@ -52,7 +51,7 @@ func unzip(archive, target string) error {
 	return nil
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package unzip
 import (
@ -100,7 +99,7 @@ func unzip(archive, target string) error {
 	return nil
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package zip
 import (
@ -140,7 +139,7 @@ func extractFile(f *zip.File, destPath string) error {
    return os.Chmod(filePath, f.FileInfo().Mode())
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package tz
 import (
@ -174,5 +173,4 @@ func extractFile(f *tar.Header, tr *tar.Reader, destPath string) error {
    return os.Chmod(filePath, f.FileInfo().Mode())
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g306_samples.go
+++ b/testutils/g306_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG306 - Poor permissions for WriteFile
-	// SampleCodeG306 - Poor permissions for WriteFile
+var SampleCodeG306 = []CodeSample{
-	SampleCodeG306 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -54,5 +53,4 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g307_samples.go
+++ b/testutils/g307_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG307 - Poor permissions for os.Create
-	// SampleCodeG307 - Poor permissions for os.Create
+var SampleCodeG307 = []CodeSample{
-	SampleCodeG307 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -25,7 +24,7 @@ func main() {
 	defer f.Close()
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -45,5 +44,4 @@ func main() {
 	defer f.Close()
 }
 `}, 1, gosec.Config{"G307": "0o600"}},
-	}
+}
 )
--- a/testutils/g402_samples.go
+++ b/testutils/g402_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG402 - TLS settings
-	// SampleCodeG402 - TLS settings
+var SampleCodeG402 = []CodeSample{
-	SampleCodeG402 = []CodeSample{
+	{[]string{`
 		{[]string{`
 // InsecureSkipVerify
 package main
@ -27,7 +26,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // InsecureSkipVerify from variable
 package main
@ -40,7 +39,7 @@ func main() {
 	conf.InsecureSkipVerify = true
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure minimum version
 package main
@ -61,7 +60,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure minimum version
 package main
@ -83,7 +82,7 @@ func main() {
 	fmt.Printf("Debug: %v\n", a.MinVersion)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure minimum version
 package main
@ -103,7 +102,7 @@ func main() {
 	fmt.Printf("Debug: %v\n", a.MinVersion)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure minimum version
 package main
 import (
@ -123,7 +122,7 @@ func main() {
 	fmt.Printf("Debug: %v\n", a.MinVersion)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure minimum version
 package main
@ -148,7 +147,7 @@ func main() {
 	fmt.Printf("Debug: %v\n", a.MinVersion)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure minimum version
 package main
@ -171,7 +170,7 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure max version
 package main
@ -192,7 +191,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // Insecure ciphersuite selection
 package main
@ -218,7 +217,7 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 // secure max version when min version is specified
 package main
@ -242,7 +241,7 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package p0
 import "crypto/tls"
@ -260,7 +259,7 @@ func TlsConfig1() *tls.Config {
   return &tls.Config{MinVersion: 0x0304}
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -281,7 +280,7 @@ import "crypto/tls"
 const MinVer = tls.VersionTLS13
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -294,5 +293,4 @@ func main() {
 	_ = cryptotls.Config{MinVersion: cryptotls.VersionTLS12}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g403_samples.go
+++ b/testutils/g403_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG403 - weak key strength
-	// SampleCodeG403 - weak key strength
+var SampleCodeG403 = []CodeSample{
-	SampleCodeG403 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -23,5 +22,4 @@ func main() {
 	fmt.Println(pvk)
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g404_samples.go
+++ b/testutils/g404_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG404 - weak random number
-	// SampleCodeG404 - weak random number
+var SampleCodeG404 = []CodeSample{
-	SampleCodeG404 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import "crypto/rand"
@ -15,7 +14,7 @@ func main() {
 	println(good)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "math/rand"
@ -25,7 +24,7 @@ func main() {
 	println(bad)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -40,7 +39,7 @@ func main() {
 	println(bad)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -53,7 +52,7 @@ func main() {
 	println(bad)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -65,7 +64,7 @@ func main() {
 	println(bad)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -81,7 +80,7 @@ func main() {
 	println(bad)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import (
@ -100,5 +99,4 @@ func main() {
 	_ = rand3.Intn(2)  // bad
 }
 `}, 3, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g501_samples.go
+++ b/testutils/g501_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG501 - Blocklisted import MD5
-	// SampleCodeG501 - Blocklisted import MD5
+var SampleCodeG501 = []CodeSample{
-	SampleCodeG501 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -20,5 +19,4 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g502_samples.go
+++ b/testutils/g502_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG502 - Blocklisted import DES
-	// SampleCodeG502 - Blocklisted import DES
+var SampleCodeG502 = []CodeSample{
-	SampleCodeG502 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -33,5 +32,4 @@ func main() {
 	fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g503_samples.go
+++ b/testutils/g503_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG503 - Blocklisted import RC4
-	// SampleCodeG503 - Blocklisted import RC4
+var SampleCodeG503 = []CodeSample{
-	SampleCodeG503 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -25,5 +24,4 @@ func main() {
 	fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g504_samples.go
+++ b/testutils/g504_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG504 - Blocklisted import CGI
-	// SampleCodeG504 - Blocklisted import CGI
+var SampleCodeG504 = []CodeSample{
-	SampleCodeG504 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -17,5 +16,4 @@ func main() {
 	cgi.Serve(http.FileServer(http.Dir("/usr/share/doc")))
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g505_samples.go
+++ b/testutils/g505_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG505 - Blocklisted import SHA1
-	// SampleCodeG505 - Blocklisted import SHA1
+var SampleCodeG505 = []CodeSample{
-	SampleCodeG505 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import (
@ -20,5 +19,4 @@ func main() {
 	}
 }
 `}, 1, gosec.NewConfig()},
-	}
+}
 )
--- a/testutils/g602_samples.go
+++ b/testutils/g602_samples.go
@ -2,10 +2,9 @@ package testutils
 import "github.com/securego/gosec/v2"
-var (
+// SampleCodeG602 - Slice access out of bounds
-	// SampleCodeG602 - Slice access out of bounds
+var SampleCodeG602 = []CodeSample{
-	SampleCodeG602 = []CodeSample{
+	{[]string{`
 		{[]string{`
 package main
 import "fmt"
@ -18,7 +17,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -31,7 +30,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -44,7 +43,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -57,7 +56,7 @@ func main() {
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -70,7 +69,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -83,7 +82,7 @@ func main() {
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -96,7 +95,7 @@ func main() {
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -110,7 +109,7 @@ func main() {
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -124,7 +123,7 @@ func main() {
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -138,7 +137,7 @@ func main() {
 }
 `}, 2, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -151,7 +150,7 @@ func main() {
 	fmt.Println(y)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -167,7 +166,7 @@ func doStuff(x []int) {
 	fmt.Println(newSlice)
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -190,7 +189,7 @@ func doStuff(x []int) {
 	fmt.Println(newSlice2)
 }
 `}, 2, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -205,7 +204,7 @@ func main() {
  fmt.Println(testMap)
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -217,7 +216,7 @@ func main() {
  }
 }
 `}, 0, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -230,7 +229,7 @@ func main() {
 	fmt.Println(s[0])
 }
 `}, 1, gosec.NewConfig()},
-		{[]string{`
+	{[]string{`
 package main
 import "fmt"
@ -251,5 +250,4 @@ func main() {
 	}
 }
 `}, 0, gosec.NewConfig()},
-	}
+}
 )