mirror of
https://github.com/securego/gosec.git
synced 2024-12-24 11:35:52 +00:00
Disclaimer about project status
This commit is contained in:
parent
f9bf428e75
commit
9ce14dc683
1 changed files with 6 additions and 1 deletions
|
@ -2,6 +2,11 @@
|
||||||
|
|
||||||
Inspects source code for security problems by scanning the Go AST.
|
Inspects source code for security problems by scanning the Go AST.
|
||||||
|
|
||||||
|
### Project status
|
||||||
|
|
||||||
|
Gas is still in alpha and accepting feedback from early adopters. We do
|
||||||
|
not consider it production ready at this time.
|
||||||
|
|
||||||
### Usage
|
### Usage
|
||||||
|
|
||||||
Gas can be configured to only run a subset of rules, to exclude certain file
|
Gas can be configured to only run a subset of rules, to exclude certain file
|
||||||
|
@ -31,7 +36,7 @@ explicitly enabled to meet the [intermediate compatibility]( https://wiki.mozill
|
||||||
- __tls_old__ - Checks to ensure ciphers and protocol versions are
|
- __tls_old__ - Checks to ensure ciphers and protocol versions are
|
||||||
explicitly enabled to meet the [older compatibility](https://wiki.mozilla.org/Security/Server_Side_TLS#Old_compatibility_.28default.29) standards recommended by Mozilla.
|
explicitly enabled to meet the [older compatibility](https://wiki.mozilla.org/Security/Server_Side_TLS#Old_compatibility_.28default.29) standards recommended by Mozilla.
|
||||||
- __templates__ - Detect cases where input is not escaped when entered into Go HTML templates.
|
- __templates__ - Detect cases where input is not escaped when entered into Go HTML templates.
|
||||||
- exec - Report cases where the application is executing an external process.
|
- __exec__ - Report cases where the application is executing an external process.
|
||||||
- __errors__ - Report error return values that are ignored.
|
- __errors__ - Report error return values that are ignored.
|
||||||
- __httpoxy__ - Report on CGI usage as it may indicate vulnerability to the [httpoxy](https://httpoxy.org/) vulnerability.
|
- __httpoxy__ - Report on CGI usage as it may indicate vulnerability to the [httpoxy](https://httpoxy.org/) vulnerability.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue