mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
Refactor path matching logic
Effectively using filepath.Glob to build a set of files and directories to exclude from the scan. (ref: https://golang.org/pkg/path/filepath/#Glob)
This commit is contained in:
parent
b5a98c12a8
commit
59fbf7446d
2 changed files with 46 additions and 48 deletions
84
filelist.go
84
filelist.go
|
@ -15,59 +15,57 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"os"
|
||||
"path"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type filelist []string
|
||||
|
||||
func (f *filelist) String() string {
|
||||
return strings.Join([]string(*f), ", ")
|
||||
type filelist struct {
|
||||
paths map[string]bool
|
||||
globs []string
|
||||
}
|
||||
|
||||
func (f *filelist) Set(val string) error {
|
||||
*f = append(*f, val)
|
||||
func newFileList(paths ...string) *filelist {
|
||||
|
||||
f := &filelist{
|
||||
make(map[string]bool),
|
||||
make([]string, 0),
|
||||
}
|
||||
|
||||
for _, path := range paths {
|
||||
f.Set(path)
|
||||
}
|
||||
return f
|
||||
}
|
||||
|
||||
func (f *filelist) String() string {
|
||||
return strings.Join(f.globs, ", ")
|
||||
}
|
||||
|
||||
func (f *filelist) Set(path string) error {
|
||||
f.globs = append(f.globs, path)
|
||||
matches, e := filepath.Glob(path)
|
||||
if e != nil {
|
||||
return e
|
||||
}
|
||||
for _, each := range matches {
|
||||
abs, e := filepath.Abs(each)
|
||||
if e != nil {
|
||||
return e
|
||||
}
|
||||
f.paths[abs] = true
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (f *filelist) Contains(pathname string) bool {
|
||||
|
||||
// Ignore dot files
|
||||
_, filename := filepath.Split(pathname)
|
||||
if strings.HasPrefix(filename, ".") {
|
||||
return true
|
||||
func (f filelist) Contains(path string) bool {
|
||||
_, present := f.paths[path]
|
||||
return present
|
||||
}
|
||||
|
||||
cwd, _ := os.Getwd()
|
||||
abs, _ := filepath.Abs(pathname)
|
||||
|
||||
for _, pattern := range *f {
|
||||
|
||||
// Also check working directory
|
||||
rel := path.Join(cwd, pattern)
|
||||
|
||||
// Match pattern directly
|
||||
if matched, _ := filepath.Match(pattern, pathname); matched {
|
||||
return true
|
||||
/*
|
||||
func (f filelist) Dump() {
|
||||
for k, _ := range f.paths {
|
||||
println(k)
|
||||
}
|
||||
// Also check pattern relative to working directory
|
||||
if matched, _ := filepath.Match(rel, pathname); matched {
|
||||
return true
|
||||
}
|
||||
|
||||
// match file suffixes ie. *_test.go
|
||||
if matched, _ := filepath.Match(filepath.Join("**", pattern), pathname); matched {
|
||||
return true
|
||||
}
|
||||
|
||||
// Finally try absolute path
|
||||
st, e := os.Stat(rel)
|
||||
if os.IsExist(e) && st.IsDir() && strings.HasPrefix(abs, rel) {
|
||||
return true
|
||||
}
|
||||
|
||||
}
|
||||
return false
|
||||
}
|
||||
*/
|
||||
|
|
4
main.go
4
main.go
|
@ -139,8 +139,8 @@ func main() {
|
|||
flag.Usage = usage
|
||||
|
||||
// Exclude files
|
||||
var excluded filelist = []string{"*_test.go"}
|
||||
flag.Var(&excluded, "skip", "File pattern to exclude from scan")
|
||||
excluded := newFileList("**/*_test.go")
|
||||
flag.Var(excluded, "skip", "File pattern to exclude from scan")
|
||||
|
||||
incRules := ""
|
||||
flag.StringVar(&incRules, "include", "", "Comma separated list of rules IDs to include. (see rule list)")
|
||||
|
|
Loading…
Reference in a new issue