mirror of
https://github.com/securego/gosec.git
synced 2024-12-24 03:25:53 +00:00
Fix test that checks the overriden nosec directive
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
This commit is contained in:
parent
bde26196d0
commit
c06903addd
2 changed files with 9 additions and 4 deletions
|
@ -537,7 +537,12 @@ func (gosec *Analyzer) ignore(n ast.Node) map[string]issue.SuppressionInfo {
|
||||||
if groups, ok := gosec.context.Comments[n]; ok && !gosec.ignoreNosec {
|
if groups, ok := gosec.context.Comments[n]; ok && !gosec.ignoreNosec {
|
||||||
|
|
||||||
// Checks if an alternative for #nosec is set and, if not, uses the default.
|
// Checks if an alternative for #nosec is set and, if not, uses the default.
|
||||||
noSecDefaultTag := NoSecTag(string(Nosec))
|
noSecDefaultTag, err := gosec.config.GetGlobal(Nosec)
|
||||||
|
if err != nil {
|
||||||
|
noSecDefaultTag = NoSecTag(string(Nosec))
|
||||||
|
} else {
|
||||||
|
noSecDefaultTag = NoSecTag(noSecDefaultTag)
|
||||||
|
}
|
||||||
noSecAlternativeTag, err := gosec.config.GetGlobal(NoSecAlternative)
|
noSecAlternativeTag, err := gosec.config.GetGlobal(NoSecAlternative)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
noSecAlternativeTag = noSecDefaultTag
|
noSecAlternativeTag = noSecDefaultTag
|
||||||
|
|
|
@ -306,21 +306,21 @@ var _ = Describe("Analyzer", func() {
|
||||||
Expect(nosecIssues).Should(HaveLen(sample.Errors))
|
Expect(nosecIssues).Should(HaveLen(sample.Errors))
|
||||||
})
|
})
|
||||||
|
|
||||||
XIt("should be possible to overwrite nosec comments, and report issues but the should not be counted", func() {
|
It("should be possible to overwrite nosec comments, and report issues but they should not be counted", func() {
|
||||||
// Rule for MD5 weak crypto usage
|
// Rule for MD5 weak crypto usage
|
||||||
sample := testutils.SampleCodeG401[0]
|
sample := testutils.SampleCodeG401[0]
|
||||||
source := sample.Code[0]
|
source := sample.Code[0]
|
||||||
|
|
||||||
// overwrite nosec option
|
// overwrite nosec option
|
||||||
nosecIgnoreConfig := gosec.NewConfig()
|
nosecIgnoreConfig := gosec.NewConfig()
|
||||||
nosecIgnoreConfig.SetGlobal(gosec.Nosec, "true")
|
nosecIgnoreConfig.SetGlobal(gosec.Nosec, "mynosec")
|
||||||
nosecIgnoreConfig.SetGlobal(gosec.ShowIgnored, "true")
|
nosecIgnoreConfig.SetGlobal(gosec.ShowIgnored, "true")
|
||||||
customAnalyzer := gosec.NewAnalyzer(nosecIgnoreConfig, tests, false, false, 1, logger)
|
customAnalyzer := gosec.NewAnalyzer(nosecIgnoreConfig, tests, false, false, 1, logger)
|
||||||
customAnalyzer.LoadRules(rules.Generate(false, rules.NewRuleFilter(false, "G401")).RulesInfo())
|
customAnalyzer.LoadRules(rules.Generate(false, rules.NewRuleFilter(false, "G401")).RulesInfo())
|
||||||
|
|
||||||
nosecPackage := testutils.NewTestPackage()
|
nosecPackage := testutils.NewTestPackage()
|
||||||
defer nosecPackage.Close()
|
defer nosecPackage.Close()
|
||||||
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() //#nosec", 1)
|
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #mynosec", 1)
|
||||||
nosecPackage.AddFile("md5.go", nosecSource)
|
nosecPackage.AddFile("md5.go", nosecSource)
|
||||||
err := nosecPackage.Build()
|
err := nosecPackage.Build()
|
||||||
Expect(err).ShouldNot(HaveOccurred())
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
|
|
Loading…
Reference in a new issue