Rename github org (#214)
parent
1923b6d18e
commit
da26f64208
36 changed files with 50 additions and 50 deletions
|
@ -11,7 +11,7 @@ install:
|
|||
- go get -u github.com/onsi/ginkgo/ginkgo
|
||||
- go get -u github.com/onsi/gomega
|
||||
- go get -u golang.org/x/crypto/ssh
|
||||
- go get -u github.com/GoASTScanner/gas/cmd/gas/...
|
||||
- go get -u github.com/securego/gas/cmd/gas/...
|
||||
- go get -v -t ./...
|
||||
- export PATH=$PATH:$HOME/gopath/bin
|
||||
|
||||
|
|
10
README.md
10
README.md
|
@ -1,6 +1,6 @@
|
|||
|
||||
|
||||
## GAS - Go AST Scanner
|
||||
## GAS - Go Application Security
|
||||
|
||||
Inspects source code for security problems by scanning the Go AST.
|
||||
|
||||
|
@ -12,15 +12,15 @@ You may obtain a copy of the License [here](http://www.apache.org/licenses/LICEN
|
|||
|
||||
### Project status
|
||||
|
||||
[![Build Status](https://travis-ci.org/GoASTScanner/gas.svg?branch=master)](https://travis-ci.org/GoASTScanner/gas)
|
||||
[![GoDoc](https://godoc.org/github.com/GoASTScanner/gas?status.svg)](https://godoc.org/github.com/GoASTScanner/gas)
|
||||
[![Build Status](https://travis-ci.org/securego/gas.svg?branch=master)](https://travis-ci.org/securego/gas)
|
||||
[![GoDoc](https://godoc.org/github.com/securego/gas?status.svg)](https://godoc.org/github.com/securego/gas)
|
||||
|
||||
Gas is still in alpha and accepting feedback from early adopters. We do
|
||||
not consider it production ready at this time.
|
||||
|
||||
### Install
|
||||
|
||||
`$ go get github.com/GoASTScanner/gas/cmd/gas/...`
|
||||
`$ go get github.com/securego/gas/cmd/gas/...`
|
||||
|
||||
### Usage
|
||||
|
||||
|
@ -188,7 +188,7 @@ The configuration of TLS rule can be generated from [Mozilla's TLS ciphers recom
|
|||
First you need to install the generator tool:
|
||||
|
||||
```
|
||||
go get github.com/GoASTScanner/gas/cmd/tlsconfig/...
|
||||
go get github.com/securego/gas/cmd/tlsconfig/...
|
||||
```
|
||||
|
||||
You can invoke now the `go generate` in the root of the project:
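Review bot: The Install section now gives only the new path, `go get github.com/securego/gas/cmd/gas/...`, and says nothing to users and CI jobs that still fetch `github.com/GoASTScanner/gas`. That old path presumably keeps resolving only through GitHub's rename redirect, which stops pointing here if a repository is ever created under the old organisation name, so anyone left on it could end up installing code this project does not publish. I would add a line under Install such as `The project moved from github.com/GoASTScanner/gas; update install commands and imports to github.com/securego/gas.` Whether the old organisation name stays reserved is not visible from this page.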
|
||||
|
|
|
@ -6,12 +6,12 @@ import (
|
|||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/GoASTScanner/gas/rules"
|
||||
"github.com/securego/gas"
|
||||
"github.com/securego/gas/rules"
|
||||
|
||||
"github.com/GoASTScanner/gas/testutils"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas/testutils"
|
||||
)
|
||||
|
||||
var _ = Describe("Analyzer", func() {
|
||||
|
|
|
@ -3,10 +3,10 @@ package gas_test
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/GoASTScanner/gas/testutils"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas"
|
||||
"github.com/securego/gas/testutils"
|
||||
)
|
||||
|
||||
var _ = Describe("call list", func() {
|
||||
|
|
|
@ -27,10 +27,10 @@ import (
|
|||
"sort"
|
||||
"strings"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/GoASTScanner/gas/output"
|
||||
"github.com/GoASTScanner/gas/rules"
|
||||
"github.com/kisielk/gotool"
|
||||
"github.com/securego/gas"
|
||||
"github.com/securego/gas/output"
|
||||
"github.com/securego/gas/rules"
|
||||
)
|
||||
|
||||
const (
|
||||
|
|
|
@ -3,7 +3,7 @@ package main
|
|||
import (
|
||||
"sort"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type sortBySeverity []*gas.Issue
|
||||
|
|
|
@ -8,6 +8,6 @@ package {{.}}
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
`))
|
||||
|
|
|
@ -3,9 +3,9 @@ package gas_test
|
|||
import (
|
||||
"bytes"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
var _ = Describe("Configuration", func() {
|
||||
|
|
|
@ -3,11 +3,11 @@ package gas_test
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/GoASTScanner/gas/rules"
|
||||
"github.com/GoASTScanner/gas/testutils"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas"
|
||||
"github.com/securego/gas/rules"
|
||||
"github.com/securego/gas/testutils"
|
||||
)
|
||||
|
||||
var _ = Describe("Issue", func() {
|
||||
|
|
|
@ -22,7 +22,7 @@ import (
|
|||
"io"
|
||||
plainTemplate "text/template"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
"gopkg.in/yaml.v2"
|
||||
)
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
htmlLib "html"
|
||||
"strconv"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type junitXMLReport struct {
|
||||
|
|
|
@ -3,10 +3,10 @@ package gas_test
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/GoASTScanner/gas/testutils"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas"
|
||||
"github.com/securego/gas/testutils"
|
||||
)
|
||||
|
||||
var _ = Describe("Resolve ast node to concrete value", func() {
|
||||
|
|
|
@ -4,9 +4,9 @@ import (
|
|||
"fmt"
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type mockrule struct {
|
||||
|
|
|
@ -4,7 +4,7 @@ import (
|
|||
"go/ast"
|
||||
"go/types"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type archive struct {
|
||||
|
|
|
@ -17,7 +17,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type usingBigExp struct {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"regexp"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
// Looks for net.Listen("0.0.0.0") or net.Listen(":8080")
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"strings"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type blacklistedImport struct {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"go/types"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type noErrorCheck struct {
|
||||
|
|
|
@ -19,7 +19,7 @@ import (
|
|||
"go/ast"
|
||||
"strconv"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type filePermissions struct {
|
||||
|
|
|
@ -19,8 +19,8 @@ import (
|
|||
"regexp"
|
||||
"strconv"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/nbutton23/zxcvbn-go"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type credentials struct {
|
||||
|
|
|
@ -17,7 +17,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type weakRand struct {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"go/types"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type readfile struct {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"fmt"
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type weakKeyStrength struct {
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
package rules
|
||||
|
||||
import (
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
// RuleDefinition contains the description of a rule and a mechanism to
|
||||
|
|
|
@ -4,12 +4,12 @@ import (
|
|||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
|
||||
"github.com/GoASTScanner/gas/rules"
|
||||
"github.com/GoASTScanner/gas/testutils"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/securego/gas/rules"
|
||||
"github.com/securego/gas/testutils"
|
||||
)
|
||||
|
||||
var _ = Describe("gas rules", func() {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"regexp"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type sqlStatement struct {
|
||||
|
|
|
@ -3,7 +3,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type sshHostKey struct {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"go/types"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type subprocess struct {
|
||||
|
|
|
@ -18,7 +18,7 @@ import (
|
|||
"go/ast"
|
||||
"regexp"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type badTempFile struct {
|
||||
|
|
|
@ -17,7 +17,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type templateCheck struct {
|
||||
|
|
|
@ -20,7 +20,7 @@ import (
|
|||
"fmt"
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type insecureConfigTLS struct {
|
||||
|
|
|
@ -3,7 +3,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
// NewModernTLSCheck creates a check for Modern TLS ciphers
|
||||
|
|
|
@ -17,7 +17,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type usingUnsafe struct {
|
||||
|
|
|
@ -17,7 +17,7 @@ package rules
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
type usesWeakCryptography struct {
|
||||
|
|
|
@ -10,7 +10,7 @@ import (
|
|||
"path"
|
||||
"strings"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
"golang.org/x/tools/go/loader"
|
||||
)
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@ package testutils
|
|||
import (
|
||||
"go/ast"
|
||||
|
||||
"github.com/GoASTScanner/gas"
|
||||
"github.com/securego/gas"
|
||||
)
|
||||
|
||||
// MockVisitor is useful for stubbing out ast.Visitor with callback
|
||||
|
|