mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Update to Go 1.20 and fix unit tests (#923)
* Fix unit tests for Go 1.20 * Update to Go 1.20 in the build scripts * Remove support for 1.18 in the build * Fix the golangci lint version according to Go version used * Fix golangci version string * Fix gci linter warning * Remove golint in favour of golangci
This commit is contained in:
parent
b4270dd020
commit
df14837174
5 changed files with 18 additions and 18 deletions
12
.github/workflows/ci.yml
vendored
12
.github/workflows/ci.yml
vendored
|
@ -10,17 +10,15 @@ jobs:
|
||||||
test:
|
test:
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go_version:
|
version: [{go: '1.19.5', golangci: 'v1.50.1'}, {go: '1.20', golangci: 'latest'}]
|
||||||
- '1.18.10' # TODO: remove this once actions/setup-go@v3 uses latest as latest; see https://github.com/securego/gosec/pull/880
|
|
||||||
- '1.19.5' # TODO: remove this once actions/setup-go@v3 uses latest as latest; see https://github.com/securego/gosec/pull/880
|
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
env:
|
env:
|
||||||
GO111MODULE: on
|
GO111MODULE: on
|
||||||
steps:
|
steps:
|
||||||
- name: Setup go ${{ matrix.go_version }}
|
- name: Setup go ${{ matrix.version.go }}
|
||||||
uses: actions/setup-go@v3
|
uses: actions/setup-go@v3
|
||||||
with:
|
with:
|
||||||
go-version: ${{ matrix.go_version }}
|
go-version: ${{ matrix.version.go }}
|
||||||
- name: Checkout Source
|
- name: Checkout Source
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
- uses: actions/cache@v3
|
- uses: actions/cache@v3
|
||||||
|
@ -32,7 +30,7 @@ jobs:
|
||||||
- name: lint
|
- name: lint
|
||||||
uses: golangci/golangci-lint-action@v3
|
uses: golangci/golangci-lint-action@v3
|
||||||
with:
|
with:
|
||||||
version: latest
|
version: ${{ matrix.version.golangci }}
|
||||||
- name: Run Tests
|
- name: Run Tests
|
||||||
run: make test
|
run: make test
|
||||||
coverage:
|
coverage:
|
||||||
|
@ -44,7 +42,7 @@ jobs:
|
||||||
- name: Setup go
|
- name: Setup go
|
||||||
uses: actions/setup-go@v3
|
uses: actions/setup-go@v3
|
||||||
with:
|
with:
|
||||||
go-version: '1.19.5' # TODO: remove this once actions/setup-go@v3 uses latest as latest; see https://github.com/securego/gosec/pull/880
|
go-version: '1.20'
|
||||||
- name: Checkout Source
|
- name: Checkout Source
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
- uses: actions/cache@v3
|
- uses: actions/cache@v3
|
||||||
|
|
4
.github/workflows/release.yml
vendored
4
.github/workflows/release.yml
vendored
|
@ -17,7 +17,7 @@ jobs:
|
||||||
- name: Set up Go
|
- name: Set up Go
|
||||||
uses: actions/setup-go@v3
|
uses: actions/setup-go@v3
|
||||||
with:
|
with:
|
||||||
go-version: '1.19.5'
|
go-version: '1.20'
|
||||||
- name: Install Cosign
|
- name: Install Cosign
|
||||||
uses: sigstore/cosign-installer@v2
|
uses: sigstore/cosign-installer@v2
|
||||||
with:
|
with:
|
||||||
|
@ -66,7 +66,7 @@ jobs:
|
||||||
tags: ${{steps.meta.outputs.tags}}
|
tags: ${{steps.meta.outputs.tags}}
|
||||||
labels: ${{steps.meta.outputs.labels}}
|
labels: ${{steps.meta.outputs.labels}}
|
||||||
push: true
|
push: true
|
||||||
build-args: GO_VERSION=1.19
|
build-args: GO_VERSION=1.20
|
||||||
- name: Sign Docker Image
|
- name: Sign Docker Image
|
||||||
run: cosign sign -key /tmp/cosign.key ${TAGS}
|
run: cosign sign -key /tmp/cosign.key ${TAGS}
|
||||||
env:
|
env:
|
||||||
|
|
10
Makefile
10
Makefile
|
@ -14,12 +14,11 @@ GO := GO111MODULE=on go
|
||||||
GO_NOMOD :=GO111MODULE=off go
|
GO_NOMOD :=GO111MODULE=off go
|
||||||
GOPATH ?= $(shell $(GO) env GOPATH)
|
GOPATH ?= $(shell $(GO) env GOPATH)
|
||||||
GOBIN ?= $(GOPATH)/bin
|
GOBIN ?= $(GOPATH)/bin
|
||||||
GOLINT ?= $(GOBIN)/golint
|
|
||||||
GOSEC ?= $(GOBIN)/gosec
|
GOSEC ?= $(GOBIN)/gosec
|
||||||
GINKGO ?= $(GOBIN)/ginkgo
|
GINKGO ?= $(GOBIN)/ginkgo
|
||||||
GO_MINOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f2)
|
GO_MINOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f2)
|
||||||
GOVULN_MIN_VERSION = 17
|
GOVULN_MIN_VERSION = 17
|
||||||
GO_VERSION = 1.19
|
GO_VERSION = 1.20
|
||||||
|
|
||||||
default:
|
default:
|
||||||
$(MAKE) build
|
$(MAKE) build
|
||||||
|
@ -34,7 +33,7 @@ install-govulncheck:
|
||||||
go install golang.org/x/vuln/cmd/govulncheck@latest; \
|
go install golang.org/x/vuln/cmd/govulncheck@latest; \
|
||||||
fi
|
fi
|
||||||
|
|
||||||
test: install-test-deps build fmt lint sec govulncheck
|
test: install-test-deps build fmt vet sec govulncheck
|
||||||
$(GINKGO) -v --fail-fast
|
$(GINKGO) -v --fail-fast
|
||||||
|
|
||||||
fmt:
|
fmt:
|
||||||
|
@ -42,10 +41,7 @@ fmt:
|
||||||
@FORMATTED=`$(GO) fmt ./...`
|
@FORMATTED=`$(GO) fmt ./...`
|
||||||
@([ ! -z "$(FORMATTED)" ] && printf "Fixed unformatted files:\n$(FORMATTED)") || true
|
@([ ! -z "$(FORMATTED)" ] && printf "Fixed unformatted files:\n$(FORMATTED)") || true
|
||||||
|
|
||||||
lint:
|
vet:
|
||||||
@echo "LINTING: golint"
|
|
||||||
$(GO_NOMOD) get -u golang.org/x/lint/golint
|
|
||||||
$(GOLINT) -set_exit_status ./...
|
|
||||||
@echo "VETTING"
|
@echo "VETTING"
|
||||||
$(GO) vet ./...
|
$(GO) vet ./...
|
||||||
|
|
||||||
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
. "github.com/onsi/ginkgo/v2"
|
. "github.com/onsi/ginkgo/v2"
|
||||||
|
@ -152,13 +153,19 @@ var _ = Describe("Analyzer", func() {
|
||||||
err = analyzer.Process(buildTags, pkg.Path)
|
err = analyzer.Process(buildTags, pkg.Path)
|
||||||
Expect(err).ShouldNot(HaveOccurred())
|
Expect(err).ShouldNot(HaveOccurred())
|
||||||
_, _, errors := analyzer.Report()
|
_, _, errors := analyzer.Report()
|
||||||
Expect(len(errors)).To(Equal(1))
|
foundErr := false
|
||||||
for _, ferr := range errors {
|
for _, ferr := range errors {
|
||||||
Expect(len(ferr)).To(Equal(1))
|
Expect(len(ferr)).To(Equal(1))
|
||||||
|
match, err := regexp.MatchString(ferr[0].Err, `expected declaration, found '}'`)
|
||||||
|
if !match || err != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
foundErr = true
|
||||||
Expect(ferr[0].Line).To(Equal(4))
|
Expect(ferr[0].Line).To(Equal(4))
|
||||||
Expect(ferr[0].Column).To(Equal(5))
|
Expect(ferr[0].Column).To(Equal(5))
|
||||||
Expect(ferr[0].Err).Should(MatchRegexp(`expected declaration, found '}'`))
|
Expect(ferr[0].Err).Should(MatchRegexp(`expected declaration, found '}'`))
|
||||||
}
|
}
|
||||||
|
Expect(foundErr).To(BeTrue())
|
||||||
})
|
})
|
||||||
|
|
||||||
It("should not report errors when a nosec line comment is present", func() {
|
It("should not report errors when a nosec line comment is present", func() {
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
package html
|
package html
|
||||||
|
|
||||||
import (
|
import (
|
||||||
// use go embed to import template
|
|
||||||
_ "embed"
|
_ "embed"
|
||||||
"html/template"
|
"html/template"
|
||||||
"io"
|
"io"
|
||||||
|
|
Loading…
Reference in a new issue