mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
feat: add env var to override the Go version detection
This commit is contained in:
parent
75dd9d61ff
commit
5f0084eb01
2 changed files with 12 additions and 9 deletions
|
@ -234,7 +234,7 @@ You can also configure the hard-coded credentials rule `G101` with additional pa
|
||||||
|
|
||||||
Some rules require a specific Go version which is retrieved from the Go module file present in the project. If this version cannot be found, it will fallback to Go runtime version.
|
Some rules require a specific Go version which is retrieved from the Go module file present in the project. If this version cannot be found, it will fallback to Go runtime version.
|
||||||
|
|
||||||
The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily disabled by setting the environment variable `GOSECNOMODVERSION=on`.
|
The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily provided by setting the environment variable `GOSECGOVERSION=go1.21.1`.
|
||||||
|
|
||||||
### Dependencies
|
### Dependencies
|
||||||
|
|
||||||
|
|
17
helpers.go
17
helpers.go
|
@ -32,8 +32,8 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
// noGoModVersion disables the parsing of go version from go module file present in the project
|
// envGoModVersion overrides the Go version detection.
|
||||||
const noGoModVersion = "GOSECNOMODVERSION"
|
const envGoModVersion = "GOSECGOVERSION"
|
||||||
|
|
||||||
// MatchCallByPackage ensures that the specified package is imported,
|
// MatchCallByPackage ensures that the specified package is imported,
|
||||||
// adjusts the name for any aliases and ignores cases that are
|
// adjusts the name for any aliases and ignores cases that are
|
||||||
|
@ -501,13 +501,16 @@ func RootPath(root string) (string, error) {
|
||||||
|
|
||||||
// GoVersion returns parsed version of Go mod version and fallback to runtime version if not found.
|
// GoVersion returns parsed version of Go mod version and fallback to runtime version if not found.
|
||||||
func GoVersion() (int, int, int) {
|
func GoVersion() (int, int, int) {
|
||||||
_, ok := os.LookupEnv(noGoModVersion)
|
if env, ok := os.LookupEnv(envGoModVersion); ok {
|
||||||
if !ok {
|
return parseGoVersion(strings.TrimPrefix(env, "go"))
|
||||||
if goModVersion, err := goModVersion(); err == nil {
|
|
||||||
return parseGoVersion(goModVersion)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
goVersion, err := goModVersion()
|
||||||
|
if err != nil {
|
||||||
return parseGoVersion(strings.TrimPrefix(runtime.Version(), "go"))
|
return parseGoVersion(strings.TrimPrefix(runtime.Version(), "go"))
|
||||||
|
}
|
||||||
|
|
||||||
|
return parseGoVersion(goVersion)
|
||||||
}
|
}
|
||||||
|
|
||||||
type goListOutput struct {
|
type goListOutput struct {
|
||||||
|
|
Loading…
Reference in a new issue