mirror of
https://github.com/securego/gosec.git
synced 2024-11-05 11:35:51 +00:00
feat: add env var to override the Go version detection
This commit is contained in:
parent
75dd9d61ff
commit
5f0084eb01
2 changed files with 12 additions and 9 deletions
|
@ -234,7 +234,7 @@ You can also configure the hard-coded credentials rule `G101` with additional pa
|
|||
|
||||
Some rules require a specific Go version which is retrieved from the Go module file present in the project. If this version cannot be found, it will fallback to Go runtime version.
|
||||
|
||||
The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily disabled by setting the environment variable `GOSECNOMODVERSION=on`.
|
||||
The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily provided by setting the environment variable `GOSECGOVERSION=go1.21.1`.
|
||||
|
||||
### Dependencies
|
||||
|
||||
|
|
19
helpers.go
19
helpers.go
|
@ -32,8 +32,8 @@ import (
|
|||
"strings"
|
||||
)
|
||||
|
||||
// noGoModVersion disables the parsing of go version from go module file present in the project
|
||||
const noGoModVersion = "GOSECNOMODVERSION"
|
||||
// envGoModVersion overrides the Go version detection.
|
||||
const envGoModVersion = "GOSECGOVERSION"
|
||||
|
||||
// MatchCallByPackage ensures that the specified package is imported,
|
||||
// adjusts the name for any aliases and ignores cases that are
|
||||
|
@ -501,13 +501,16 @@ func RootPath(root string) (string, error) {
|
|||
|
||||
// GoVersion returns parsed version of Go mod version and fallback to runtime version if not found.
|
||||
func GoVersion() (int, int, int) {
|
||||
_, ok := os.LookupEnv(noGoModVersion)
|
||||
if !ok {
|
||||
if goModVersion, err := goModVersion(); err == nil {
|
||||
return parseGoVersion(goModVersion)
|
||||
}
|
||||
if env, ok := os.LookupEnv(envGoModVersion); ok {
|
||||
return parseGoVersion(strings.TrimPrefix(env, "go"))
|
||||
}
|
||||
return parseGoVersion(strings.TrimPrefix(runtime.Version(), "go"))
|
||||
|
||||
goVersion, err := goModVersion()
|
||||
if err != nil {
|
||||
return parseGoVersion(strings.TrimPrefix(runtime.Version(), "go"))
|
||||
}
|
||||
|
||||
return parseGoVersion(goVersion)
|
||||
}
|
||||
|
||||
type goListOutput struct {
|
||||
|
|
Loading…
Reference in a new issue