actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 19:45:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update the README with an example to configure the hard-coded credentials rule

Browse source 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar 2020-04-15 16:13:40 +02:00 committed by Cosmin Cojocar
parent 802292c54f
commit a2a40de847
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
README.md
View file

@ -171,6 +171,20 @@ of functions which will be skipped when auditing the not checked errors:
}
```
You can also configure the hard-coded credentials rule `G101` with additional patters, or adjust the entropy threshold:
```JSON
{
"G101": {
"pattern": "(?i)passwd|pass|password|pwd|secret|private_key|token",
"ingnore_entropy": false,
"entropy_threshold": "80.0",
"per_char_threshold": "3.0",
"trucate": "32"
}
}
```
### Dependencies
gosec will fetch automatically the dependencies of the code which is being analyzed when go module is turned on (e.g.` GO111MODULE=on`). If this is not the case,