diff --git a/.golangci.yml b/.golangci.yml index 987dfc9..52e4d7c 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,33 +1,40 @@ linters: enable: - - asciicheck - - bodyclose - - depguard - - dogsled - - durationcheck - - errcheck - - errorlint - - exportloopref - - gci - - gofmt - - gofumpt - - goimports - - gosec - - gosimple - - govet - - importas - - ineffassign - - megacheck - - misspell - - nakedret - - nolintlint - - revive - - staticcheck - - typecheck - - unconvert - - unparam - - unused - - wastedassign + - asciicheck + - bodyclose + - depguard + - dogsled + - durationcheck + - errcheck + - errorlint + - exportloopref + - gci + - gofmt + - gofumpt + - goimports + - gosec + - gosimple + - govet + - importas + - ineffassign + - megacheck + - misspell + - nakedret + - nolintlint + - revive + - staticcheck + - typecheck + - unconvert + - unparam + - unused + - wastedassign + +linters-settings: + gci: + sections: + - standard + - default + - prefix(github.com/securego) run: timeout: 5m diff --git a/analyzers/ssrf.go b/analyzers/ssrf.go index a5a935f..a9dbd95 100644 --- a/analyzers/ssrf.go +++ b/analyzers/ssrf.go @@ -15,10 +15,11 @@ package analyzers import ( - "github.com/securego/gosec/v2/issue" "golang.org/x/tools/go/analysis" "golang.org/x/tools/go/analysis/passes/buildssa" "golang.org/x/tools/go/ssa" + + "github.com/securego/gosec/v2/issue" ) func newSSRFAnalyzer(id string, description string) *analysis.Analyzer { diff --git a/analyzers/util.go b/analyzers/util.go index 1347c80..b090a3e 100644 --- a/analyzers/util.go +++ b/analyzers/util.go @@ -21,9 +21,10 @@ import ( "os" "strconv" - "github.com/securego/gosec/v2/issue" "golang.org/x/tools/go/analysis" "golang.org/x/tools/go/analysis/passes/buildssa" + + "github.com/securego/gosec/v2/issue" ) // SSAAnalyzerResult contains various information returned by the diff --git a/call_list_test.go b/call_list_test.go index 6373dd9..c9ec453 100644 --- a/call_list_test.go +++ b/call_list_test.go 
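Review bot: The new `linters-settings: gci: sections:` block in `.golangci.yml` has no comment saying what the three groups mean, so a contributor who hits a gci failure has to work out the expected import layout from the other files in this commit. I would add a line above `gci:` such as `# Import groups, in order: standard library, third-party, then this project's own packages.` Separately, `prefix(github.com/securego)` matches any module under that organisation, not only this one. If the last group is meant to hold only this module's packages, `prefix(github.com/securego/gosec)` would be tighter; this is inferred from the import paths in the other hunks, which all start with `github.com/securego/gosec/v2`.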
@@ -5,6 +5,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/testutils" ) diff --git a/cmd/gosec/sort_issues_test.go b/cmd/gosec/sort_issues_test.go index 0777e62..c7880b2 100644 --- a/cmd/gosec/sort_issues_test.go +++ b/cmd/gosec/sort_issues_test.go @@ -5,6 +5,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2/issue" ) diff --git a/config_test.go b/config_test.go index 3d49111..40a0d8e 100644 --- a/config_test.go +++ b/config_test.go @@ -6,6 +6,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" ) diff --git a/cwe/data_test.go b/cwe/data_test.go index b77bf3a..d708c3c 100644 --- a/cwe/data_test.go +++ b/cwe/data_test.go @@ -3,6 +3,7 @@ package cwe_test import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2/cwe" ) diff --git a/cwe/types_test.go b/cwe/types_test.go index 6fde26c..46b2a61 100644 --- a/cwe/types_test.go +++ b/cwe/types_test.go @@ -3,6 +3,7 @@ package cwe_test import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2/cwe" ) diff --git a/flag_test.go b/flag_test.go index c3bc7a6..97edf00 100644 --- a/flag_test.go +++ b/flag_test.go @@ -6,6 +6,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2/cmd/vflag" ) diff --git a/helpers_test.go b/helpers_test.go index 094ae24..c91c7de 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -8,6 +8,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/testutils" ) diff --git a/import_tracker_test.go b/import_tracker_test.go index 4837312..f6ad13a 100644 --- a/import_tracker_test.go +++ b/import_tracker_test.go 
@@ -3,6 +3,7 @@ package gosec_test import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/testutils" ) diff --git a/issue/issue_test.go b/issue/issue_test.go index d10fa60..6e53a58 100644 --- a/issue/issue_test.go +++ b/issue/issue_test.go @@ -5,6 +5,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/issue" "github.com/securego/gosec/v2/rules" diff --git a/report/formatter_test.go b/report/formatter_test.go index 0688d1a..f028913 100644 --- a/report/formatter_test.go +++ b/report/formatter_test.go @@ -8,12 +8,13 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "gopkg.in/yaml.v3" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/cwe" "github.com/securego/gosec/v2/issue" "github.com/securego/gosec/v2/report/junit" "github.com/securego/gosec/v2/report/sonar" - "gopkg.in/yaml.v3" ) func createIssueWithFileWhat(file, what string) *issue.Issue { diff --git a/report/sarif/formatter.go b/report/sarif/formatter.go index cfc1486..231519c 100644 --- a/report/sarif/formatter.go +++ b/report/sarif/formatter.go @@ -7,6 +7,7 @@ import ( "strings" "github.com/google/uuid" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/cwe" "github.com/securego/gosec/v2/issue" diff --git a/report/sarif/sarif_test.go b/report/sarif/sarif_test.go index 29ca85f..667f39a 100644 --- a/report/sarif/sarif_test.go +++ b/report/sarif/sarif_test.go @@ -6,6 +6,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/issue" "github.com/securego/gosec/v2/report/sarif" diff --git a/report/sonar/sonar_test.go b/report/sonar/sonar_test.go index 13a0fb1..9591993 100644 --- a/report/sonar/sonar_test.go +++ b/report/sonar/sonar_test.go 
@@ -3,6 +3,7 @@ package sonar_test import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/issue" "github.com/securego/gosec/v2/report/sonar" diff --git a/report/text/writer.go b/report/text/writer.go index f7d50a3..d839a43 100644 --- a/report/text/writer.go +++ b/report/text/writer.go @@ -11,6 +11,7 @@ import ( "text/template" "github.com/gookit/color" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/issue" ) diff --git a/report/yaml/writer.go b/report/yaml/writer.go index 0cb59c9..54fe968 100644 --- a/report/yaml/writer.go +++ b/report/yaml/writer.go @@ -3,8 +3,9 @@ package yaml import ( "io" - "github.com/securego/gosec/v2" "gopkg.in/yaml.v3" + + "github.com/securego/gosec/v2" ) // WriteReport write a report in yaml format to the output writer diff --git a/resolve_test.go b/resolve_test.go index f4c872d..9ca1f11 100644 --- a/resolve_test.go +++ b/resolve_test.go @@ -5,6 +5,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/testutils" ) diff --git a/rule_test.go b/rule_test.go index 1dfbd30..9830268 100644 --- a/rule_test.go +++ b/rule_test.go @@ -6,6 +6,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/issue" ) diff --git a/rules/hardcoded_credentials.go b/rules/hardcoded_credentials.go index d908e0b..eac50d7 100644 --- a/rules/hardcoded_credentials.go +++ b/rules/hardcoded_credentials.go @@ -21,6 +21,7 @@ import ( "strconv" zxcvbn "github.com/nbutton23/zxcvbn-go" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/issue" ) diff --git a/rules/rules_test.go b/rules/rules_test.go index 1be4d3e..ce1e5cd 100644 --- a/rules/rules_test.go +++ b/rules/rules_test.go 
@@ -6,6 +6,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/securego/gosec/v2" "github.com/securego/gosec/v2/rules" "github.com/securego/gosec/v2/testutils" diff --git a/testutils/pkg.go b/testutils/pkg.go index 2fa4721..2ad0796 100644 --- a/testutils/pkg.go +++ b/testutils/pkg.go @@ -8,8 +8,9 @@ import ( "path" "strings" - "github.com/securego/gosec/v2" "golang.org/x/tools/go/packages" + + "github.com/securego/gosec/v2" ) type buildObj struct {