actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 11:35:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #24 from csstaub/cs/smarter-creds-check

Browse source 
Smarter hard-coded credentials check
This commit is contained in:
Tim Kelsey 2016-07-28 10:31:33 +01:00 committed by GitHub
commit c5d271566c
1 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
rules/hardcoded_credentials.go
View file

@ -15,9 +15,10 @@
package rules
import (
gas "github.com/HewlettPackard/gas/core"
"go/ast"
"regexp"
gas "github.com/HewlettPackard/gas/core"
)
type CredsAssign struct {
@ -30,8 +31,11 @@ func (r *CredsAssign) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err erro
for _, i := range node.Lhs {
if ident, ok := i.(*ast.Ident); ok {
if r.pattern.MatchString(ident.Name) {
gi = gas.NewIssue(c, n, r.What, r.Severity, r.Confidence)
break
for _, e := range node.Rhs {
if _, ok := e.(*ast.BasicLit); ok {
return gas.NewIssue(c, n, r.What, r.Severity, r.Confidence), nil
}
}
}
}
}