mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Allows the exclude-dir option to exclude sub directories
This commit is contained in:
parent
d4dc2d2df5
commit
521e69ef66
3 changed files with 27 additions and 3 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -33,6 +33,7 @@ _testmain.go
|
||||||
.DS_Store
|
.DS_Store
|
||||||
|
|
||||||
.vscode
|
.vscode
|
||||||
|
.idea
|
||||||
|
|
||||||
# SBOMs generated during CI
|
# SBOMs generated during CI
|
||||||
/bom.json
|
/bom.json
|
||||||
|
|
|
@ -402,7 +402,7 @@ func PackagePaths(root string, excludes []*regexp.Regexp) ([]string, error) {
|
||||||
err := filepath.Walk(root, func(path string, f os.FileInfo, err error) error {
|
err := filepath.Walk(root, func(path string, f os.FileInfo, err error) error {
|
||||||
if filepath.Ext(path) == ".go" {
|
if filepath.Ext(path) == ".go" {
|
||||||
path = filepath.Dir(path)
|
path = filepath.Dir(path)
|
||||||
if isExcluded(path, excludes) {
|
if isExcluded(filepath.ToSlash(path), excludes) {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
paths[path] = true
|
paths[path] = true
|
||||||
|
@ -437,7 +437,7 @@ func isExcluded(str string, excludes []*regexp.Regexp) bool {
|
||||||
func ExcludedDirsRegExp(excludedDirs []string) []*regexp.Regexp {
|
func ExcludedDirsRegExp(excludedDirs []string) []*regexp.Regexp {
|
||||||
var exps []*regexp.Regexp
|
var exps []*regexp.Regexp
|
||||||
for _, excludedDir := range excludedDirs {
|
for _, excludedDir := range excludedDirs {
|
||||||
str := fmt.Sprintf(`([\\/])?%s([\\/])?`, excludedDir)
|
str := fmt.Sprintf(`([\\/])?%s([\\/])?`, strings.ReplaceAll(filepath.ToSlash(excludedDir), "/", `\/`))
|
||||||
r := regexp.MustCompile(str)
|
r := regexp.MustCompile(str)
|
||||||
exps = append(exps, r)
|
exps = append(exps, r)
|
||||||
}
|
}
|
||||||
|
|
|
@ -49,6 +49,18 @@ var _ = Describe("Helpers", func() {
|
||||||
Expect(err).ShouldNot(HaveOccurred())
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
Expect(paths).Should(Equal([]string{dir}))
|
Expect(paths).Should(Equal([]string{dir}))
|
||||||
})
|
})
|
||||||
|
It("should exclude folder with subpath", func() {
|
||||||
|
nested := dir + "/pkg/generated"
|
||||||
|
err := os.MkdirAll(nested, 0755)
|
||||||
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
|
_, err = os.Create(nested + "/test.go")
|
||||||
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
|
exclude, err := regexp.Compile(`([\\/])?/pkg\/generated([\\/])?`)
|
||||||
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
|
paths, err := gosec.PackagePaths(dir+"/...", []*regexp.Regexp{exclude})
|
||||||
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
|
Expect(paths).Should(Equal([]string{dir}))
|
||||||
|
})
|
||||||
It("should be empty when folder does not exist", func() {
|
It("should be empty when folder does not exist", func() {
|
||||||
nested := dir + "/test"
|
nested := dir + "/test"
|
||||||
paths, err := gosec.PackagePaths(nested+"/...", nil)
|
paths, err := gosec.PackagePaths(nested+"/...", nil)
|
||||||
|
@ -66,7 +78,7 @@ var _ = Describe("Helpers", func() {
|
||||||
Expect(err).ShouldNot(HaveOccurred())
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
Expect(root).Should(Equal(filepath.Join(cwd, base)))
|
Expect(root).Should(Equal(filepath.Join(cwd, base)))
|
||||||
})
|
})
|
||||||
It("should retrun the absolute path from ellipsis path", func() {
|
It("should return the absolute path from ellipsis path", func() {
|
||||||
base := "test"
|
base := "test"
|
||||||
cwd, err := os.Getwd()
|
cwd, err := os.Getwd()
|
||||||
Expect(err).ShouldNot(HaveOccurred())
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
|
@ -86,6 +98,17 @@ var _ = Describe("Helpers", func() {
|
||||||
Expect(match).Should(BeFalse())
|
Expect(match).Should(BeFalse())
|
||||||
})
|
})
|
||||||
|
|
||||||
|
It("should create a proper regexp for dir with subdir", func() {
|
||||||
|
r := gosec.ExcludedDirsRegExp([]string{`test/generated`})
|
||||||
|
Expect(len(r)).Should(Equal(1))
|
||||||
|
match := r[0].MatchString("/home/go/src/project/test/generated")
|
||||||
|
Expect(match).Should(BeTrue())
|
||||||
|
match = r[0].MatchString("/home/go/src/project/test/pkg")
|
||||||
|
Expect(match).Should(BeFalse())
|
||||||
|
match = r[0].MatchString("/home/go/src/project/vendor/pkg")
|
||||||
|
Expect(match).Should(BeFalse())
|
||||||
|
})
|
||||||
|
|
||||||
It("should create no regexp when dir list is empty", func() {
|
It("should create no regexp when dir list is empty", func() {
|
||||||
r := gosec.ExcludedDirsRegExp(nil)
|
r := gosec.ExcludedDirsRegExp(nil)
|
||||||
Expect(len(r)).Should(Equal(0))
|
Expect(len(r)).Should(Equal(0))
|
||||||
|
|
Loading…
Reference in a new issue