mirror of
https://github.com/securego/gosec.git
synced 2024-12-24 03:25:53 +00:00
Build improvments (#179)
* Add a semantic version to the usage text * Add a comment to the version function * Inject the version, git tag and build date as build variables * Update README * Fix lint warnings * Update README * Manage dependencies with dep tool instead of godep * Add a Makefile for common build tasks * Update the build file to use the make tool * Update Dockerfile * Add docker entry point to make the passing of arguments easy * Update README * Add missing tools to the build * Drop 1.7 support and add 1.10 * Fix Go 1.10 according to the travis guidelines https://docs.travis-ci.com/user/languages/go/ * Update the tls-observatory package * Fix lint warnings * Change the output of the tests to be more verbose * Check if there are build errors before executing the rule test
parent
2115402409
commit
e809226800
13 changed files with 311 additions and 348 deletions
19
.travis.yml
19
.travis.yml
|
@ -1,25 +1,20 @@
|
|||
language: go
|
||||
|
||||
go:
|
||||
- 1.7
|
||||
- 1.8
|
||||
- 1.9
|
||||
- "1.10"
|
||||
- tip
|
||||
|
||||
install:
|
||||
- go get -u github.com/golang/dep/cmd/dep
|
||||
- go get -u github.com/golang/lint/golint
|
||||
- go get -v github.com/onsi/ginkgo/ginkgo
|
||||
- go get -v github.com/onsi/gomega
|
||||
- go get -v golang.org/x/crypto/ssh
|
||||
- go get github.com/GoASTScanner/gas/cmd/gas/...
|
||||
- go get -u github.com/onsi/ginkgo/ginkgo
|
||||
- go get -u github.com/onsi/gomega
|
||||
- go get -u golang.org/x/crypto/ssh
|
||||
- go get -u github.com/GoASTScanner/gas/cmd/gas/...
|
||||
- go get -v -t ./...
|
||||
- export PATH=$PATH:$HOME/gopath/bin
|
||||
|
||||
before_script:
|
||||
- test -z "$(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr)"
|
||||
- test -z "$(golint . | tee /dev/stderr)"
|
||||
- go vet $(go list ./... | grep -v /vendor/)
|
||||
- gas ./...
|
||||
|
||||
script: ginkgo -r
|
||||
script: make test
|
||||
|
||||
|
|
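Review bot: The install step `go get -u github.com/GoASTScanner/gas/cmd/gas/...` puts the current upstream build of gas on PATH, so the `gas ./...` step that `make test` runs scans the tree with whatever upstream ships at that moment rather than with the code under test; the same unpinned `-u` fetch applies to dep, golint and ginkgo. The old/new side of each line is not marked on this page, so this assumes the `-u` lines and `script: make test` are the new side. Building the scanner from the checkout once dependencies are restored, `- go install ./cmd/gas/...`, and fetching the helper tools at a fixed tag or revision would make the CI result reproducible and independent of upstream changes.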
25
Dockerfile
25
Dockerfile
|
@ -1,23 +1,8 @@
|
|||
# Docker version must be 17.05 or higher to allow multistage build
|
||||
# See build and run instructions in README.md
|
||||
FROM golang:1.9.4-alpine3.7
|
||||
|
||||
# Builds Gas for utilization
|
||||
FROM golang:1.8.1-alpine as builder
|
||||
ENV workspace /go/src/github.com/GoASTScanner/gas
|
||||
ENV GOPATH /go
|
||||
COPY . $workspace
|
||||
WORKDIR $workspace
|
||||
ENV BIN=gas
|
||||
|
||||
RUN go vet $(go list ./... | grep -v /vendor/)
|
||||
RUN CGO_ENABLED=0 go build -o gas .
|
||||
COPY build/*-linux-amd64 /go/bin/$BIN
|
||||
COPY docker-entrypoint.sh /usr/local/bin
|
||||
|
||||
########################################################
|
||||
|
||||
# Runs Gas on all Go files in the current directory when
|
||||
# 'docker run' command in README is given
|
||||
FROM alpine:3.6
|
||||
|
||||
COPY --from=builder /go/src/github.com/GoASTScanner/gas/gas /
|
||||
|
||||
# Mounted directory should be placed into the workdir
|
||||
CMD /gas $(find . -path ./vendor -prune -o -type f -name "*.go")
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
|
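Review bot: The image ends on `ENTRYPOINT ["docker-entrypoint.sh"]` with no `USER` line, so the scanner runs as root against the bind-mounted workspace, and the runtime image is now the full `golang:1.9.4-alpine3.7` toolchain image rather than the small `alpine` stage the earlier multi-stage file appears to have used (line sides are not marked on this page, so this is inferred from the `-1,23 +1,8` header). Adding `RUN adduser -D gas` and `USER gas` before the entrypoint would drop the privileges. `COPY build/*-linux-amd64 /go/bin/$BIN` also breaks once `build/` holds more than one release binary, because a multi-source COPY needs a directory destination; naming the exact file through a build `ARG` for the version avoids that.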
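--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@@ -1,302 +0,0 @@
-{
-"ImportPath": "github.com/GoASTScanner/gas",
-"GoVersion": "go1.9",
-"GodepVersion": "v80",
-"Packages": [
-"./..."
-],
-"Deps": [
-{
-"ImportPath": "github.com/kisielk/gotool",
-"Rev": "0de1eaf82fa3f583ce21fde859f1e7e0c5e9b220"
-},
-{
-"ImportPath": "github.com/mozilla/tls-observatory/constants",
-"Comment": "1.2.32-17-g17e0ce4b",
-"Rev": "17e0ce4bfc46eae3d57acf13a2d7c7517655d493"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/adjacency",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/data",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/entropy",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/frequency",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/match",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/matching",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/scoring",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/nbutton23/zxcvbn-go/utils/math",
-"Rev": "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/config",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/codelocation",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/containernode",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/failer",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/leafnodes",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/remote",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/spec",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/spec_iterator",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/specrunner",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/suite",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/testingtproxy",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/internal/writer",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/reporters",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/reporters/stenographer",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/reporters/stenographer/support/go-isatty",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/ginkgo/types",
-"Comment": "v1.4.0-4-g11459a8",
-"Rev": "11459a886d9cd66b319dac7ef1e917ee221372c9"
-},
-{
-"ImportPath": "github.com/onsi/gomega",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/format",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/internal/assertion",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/internal/asyncassertion",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/internal/oraclematcher",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/internal/testingtsupport",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/matchers",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/matchers/support/goraph/bipartitegraph",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/matchers/support/goraph/edge",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/matchers/support/goraph/node",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/matchers/support/goraph/util",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/onsi/gomega/types",
-"Comment": "v1.2.0-2-gdcabb60",
-"Rev": "dcabb60a477c2b6f456df65037cb6708210fbb02"
-},
-{
-"ImportPath": "github.com/ryanuber/go-glob",
-"Comment": "v0.1-4-g256dc44",
-"Rev": "256dc444b735e061061cf46c809487313d5b0065"
-},
-{
-"ImportPath": "golang.org/x/net/html",
-"Rev": "8351a756f30f1297fe94bbf4b767ec589c6ea6d0"
-},
-{
-"ImportPath": "golang.org/x/net/html/atom",
-"Rev": "8351a756f30f1297fe94bbf4b767ec589c6ea6d0"
-},
-{
-"ImportPath": "golang.org/x/net/html/charset",
-"Rev": "8351a756f30f1297fe94bbf4b767ec589c6ea6d0"
-},
-{
-"ImportPath": "golang.org/x/sys/unix",
-"Rev": "164713f0dfcec4e80be8b53e1f0811f5f0d84578"
-},
-{
-"ImportPath": "golang.org/x/text/encoding",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/charmap",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/htmlindex",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/internal",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/internal/identifier",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/japanese",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/korean",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/simplifiedchinese",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/traditionalchinese",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/encoding/unicode",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/internal/tag",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/internal/utf8internal",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/language",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/runes",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/text/transform",
-"Rev": "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
-},
-{
-"ImportPath": "golang.org/x/tools/go/ast/astutil",
-"Rev": "e531a2a1c15f94033f6fa87666caeb19a688175f"
-},
-{
-"ImportPath": "golang.org/x/tools/go/buildutil",
-"Rev": "e531a2a1c15f94033f6fa87666caeb19a688175f"
-},
-{
-"ImportPath": "golang.org/x/tools/go/loader",
-"Rev": "e531a2a1c15f94033f6fa87666caeb19a688175f"
-},
-{
-"ImportPath": "gopkg.in/yaml.v2",
-"Rev": "d670f9405373e636a5a2765eea47fac0c9bc91a4"
-}
-]
-}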
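--- a/Godeps/Readme
+++ b/Godeps/Readme
@@ -1,5 +0,0 @@
-This directory tree is generated automatically by godep.
-
-Please do not edit.
-
-See https://github.com/tools/godep for more information.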
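--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -0,0 +1,134 @@
+# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
+
+
+[[projects]]
+name = "github.com/kisielk/gotool"
+packages = ["."]
+revision = "0de1eaf82fa3f583ce21fde859f1e7e0c5e9b220"
+
+[[projects]]
+branch = "master"
+name = "github.com/mozilla/tls-observatory"
+packages = ["constants"]
+revision = "26cf7187f27c96815d0b4d4ad6da36c7161d4bf8"
+
+[[projects]]
+name = "github.com/nbutton23/zxcvbn-go"
+packages = [
+".",
+"adjacency",
+"data",
+"entropy",
+"frequency",
+"match",
+"matching",
+"scoring",
+"utils/math"
+]
+revision = "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
+
+[[projects]]
+name = "github.com/onsi/ginkgo"
+packages = [
+".",
+"config",
+"internal/codelocation",
+"internal/containernode",
+"internal/failer",
+"internal/leafnodes",
+"internal/remote",
+"internal/spec",
+"internal/spec_iterator",
+"internal/specrunner",
+"internal/suite",
+"internal/testingtproxy",
+"internal/writer",
+"reporters",
+"reporters/stenographer",
+"reporters/stenographer/support/go-colorable",
+"reporters/stenographer/support/go-isatty",
+"types"
+]
+revision = "11459a886d9cd66b319dac7ef1e917ee221372c9"
+
+[[projects]]
+name = "github.com/onsi/gomega"
+packages = [
+".",
+"format",
+"internal/assertion",
+"internal/asyncassertion",
+"internal/oraclematcher",
+"internal/testingtsupport",
+"matchers",
+"matchers/support/goraph/bipartitegraph",
+"matchers/support/goraph/edge",
+"matchers/support/goraph/node",
+"matchers/support/goraph/util",
+"types"
+]
+revision = "dcabb60a477c2b6f456df65037cb6708210fbb02"
+
+[[projects]]
+branch = "master"
+name = "github.com/ryanuber/go-glob"
+packages = ["."]
+revision = "256dc444b735e061061cf46c809487313d5b0065"
+
+[[projects]]
+name = "golang.org/x/net"
+packages = [
+"html",
+"html/atom",
+"html/charset"
+]
+revision = "8351a756f30f1297fe94bbf4b767ec589c6ea6d0"
+
+[[projects]]
+name = "golang.org/x/sys"
+packages = ["unix"]
+revision = "164713f0dfcec4e80be8b53e1f0811f5f0d84578"
+
+[[projects]]
+name = "golang.org/x/text"
+packages = [
+"encoding",
+"encoding/charmap",
+"encoding/htmlindex",
+"encoding/internal",
+"encoding/internal/identifier",
+"encoding/japanese",
+"encoding/korean",
+"encoding/simplifiedchinese",
+"encoding/traditionalchinese",
+"encoding/unicode",
+"internal/gen",
+"internal/tag",
+"internal/utf8internal",
+"language",
+"runes",
+"transform",
+"unicode/cldr"
+]
+revision = "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
+
+[[projects]]
+name = "golang.org/x/tools"
+packages = [
+"go/ast/astutil",
+"go/buildutil",
+"go/loader"
+]
+revision = "e531a2a1c15f94033f6fa87666caeb19a688175f"
+
+[[projects]]
+name = "gopkg.in/yaml.v2"
+packages = ["."]
+revision = "eb3733d160e74a9c7e442f435eb3bea458e1d19f"
+
+[solve-meta]
+analyzer-name = "dep"
+analyzer-version = 1
+inputs-digest = "706e049cd8b8db8705af09e7a375a999d01373a409beadc850c80d64de9849fd"
+solver-name = "gps-cdcl"
+solver-version = 1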
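--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -0,0 +1,38 @@
+# Gopkg.toml example
+#
+# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
+# for detailed Gopkg.toml documentation.
+#
+# required = ["github.com/user/thing/cmd/thing"]
+# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
+#
+# [[constraint]]
+# name = "github.com/user/project"
+# version = "1.0.0"
+#
+# [[constraint]]
+# name = "github.com/user/project2"
+# branch = "dev"
+# source = "github.com/myfork/project2"
+#
+# [[override]]
+# name = "github.com/x/y"
+# version = "2.4.0"
+#
+# [prune]
+# non-go = false
+# go-tests = true
+# unused-packages = true
+
+
+[[constraint]]
+branch = "master"
+name = "github.com/mozilla/tls-observatory"
+
+[[constraint]]
+branch = "master"
+name = "github.com/ryanuber/go-glob"
+
+[prune]
+go-tests = true
+unused-packages = true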
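Review bot: Both constraints, `github.com/mozilla/tls-observatory` and `github.com/ryanuber/go-glob`, track `branch = "master"`, so any later `dep ensure -update` moves the build to whatever those branches hold at that moment, and Gopkg.lock is the only pin. For a scanner whose TLS rule is generated from the tls-observatory constants, a reviewed revision is the safer constraint, e.g. `revision = "26cf7187f27c96815d0b4d4ad6da36c7161d4bf8"` (the value Gopkg.lock records in this commit). The commented `# Gopkg.toml example` block at the top can be dropped, and a one-line comment on each constraint saying why it floats or is pinned would help the next maintainer.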
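--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,48 @@
+GIT_TAG?= $(shell git describe --always --tags)
+BUILD_DATE = $(shell date +%Y-%m-%d)
+BIN = gas
+BUILD_CMD = go build -ldflags "-X main.Version=${VERSION} -X main.GitTag=${GIT_TAG} -X main.BuildDate=${BUILD_DATE}" -o build/$(BIN)-$(VERSION)-$${GOOS}-$${GOARCH} ./cmd/gas/ &
+FMT_CMD = $(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr)
+IMAGE_REPO = docker.io
+
+default:
+$(MAKE) bootstrap
+$(MAKE) build
+
+test: bootstrap
+test -z '$(FMT_CMD)'
+go vet $(go list ./... | grep -v /vendor/)
+golint -set_exit_status $(shell go list ./... | grep -v vendor)
+gas ./...
+ginkgo -r -v
+bootstrap:
+dep ensure
+build:
+go build -o $(BIN) ./cmd/gas/
+clean:
+rm -rf build vendor
+rm -f release image bootstrap $(BIN)
+release: bootstrap
+ifndef VERSION
+$(error VERSION flag is not set. Run 'make release VERSION=<YOUR VERSION>'.)
+endif
+@echo "Running build command..."
+bash -c '\
+export GOOS=linux; export GOARCH=amd64; export CGO_ENABLED=0; $(BUILD_CMD) \
+wait \
+'
+touch release
+
+image: release
+@echo "Building the Docker image..."
+docker build -t $(IMAGE_REPO)/$(BIN):$(VERSION) .
+docker tag $(IMAGE_REPO)/$(BIN):$(VERSION) $(IMAGE_REPO)/$(BIN):latest
+touch image
+
+image-push: image
+@echo "Pushing the Docker image..."
+docker push $(IMAGE_REPO)/$(BIN):$(VERSION)
+docker push $(IMAGE_REPO)/$(BIN):latest
+
+.PHONY: test build clean image-push
+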
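Review bot: The `FMT_CMD` definition and the `go vet $(go list ./... | grep -v /vendor/)` recipe line use a bare `$(...)`, which make expands as an undefined variable instead of passing to the shell, so `test -z '$(FMT_CMD)'` always succeeds and `go vet` runs without the package list. The formatting and vet gates of the `test` target therefore pass without checking what they appear to check. The golint line already uses the working form, `$(shell go list ./... | grep -v vendor)`; the vet line should read `go vet $(shell go list ./... | grep -v /vendor/)`, and `FMT_CMD` needs the same `$(shell ...)` wrapper around both the gofmt and the find call. `.PHONY` also omits `default` and `bootstrap`, and `clean` removes a `bootstrap` file that no rule creates.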
54
README.md
54
README.md
|
@ -114,8 +114,60 @@ file. The output format is controlled by the '-fmt' flag, and the output file is
|
|||
# Write output in json format to results.json
|
||||
$ gas -fmt=json -out=results.json *.go
|
||||
```
|
||||
### Development
|
||||
|
||||
### Generate TLS rule
|
||||
#### Build
|
||||
|
||||
|
||||
```
|
||||
make
|
||||
```
|
||||
|
||||
#### Tests
|
||||
|
||||
```
|
||||
make tests
|
||||
```
|
||||
|
||||
#### Release Build
|
||||
|
||||
Gas can be released as follows:
|
||||
|
||||
```bash
|
||||
make release VERSION=2.0.0
|
||||
```
|
||||
|
||||
The released version of the tool is available in the `build` folder. The build information should be displayed in the usage text.
|
||||
|
||||
```
|
||||
./build/gas-2.0.0-linux-amd64 -h
|
||||
|
||||
GAS - Go AST Scanner
|
||||
|
||||
Gas analyzes Go source code to look for common programming mistakes that
|
||||
can lead to security problems.
|
||||
|
||||
VERSION: 2.0.0
|
||||
GIT TAG: 96489ff
|
||||
BUILD DATE: 2018-02-21
|
||||
|
||||
```
|
||||
|
||||
#### Docker image
|
||||
|
||||
You can execute a release and build the docker image as follows:
|
||||
|
||||
```
|
||||
make image VERSION=2.0.0
|
||||
```
|
||||
|
||||
Now you can run the gas tool in a container against your local workspace:
|
||||
|
||||
```
|
||||
docker run -it -v <YOUR LOCAL WORKSPACE>:/workspace gas /workspace
|
||||
```
|
||||
|
||||
#### Generate TLS rule
|
||||
|
||||
The configuration of TLS rule can be generated from [Mozilla's TLS ciphers recommendation](https://statics.tls.security.mozilla.org/server-side-tls-conf.json).
|
||||
|
||||
|
|
|
@ -36,6 +36,10 @@ GAS - Go AST Scanner
|
|||
Gas analyzes Go source code to look for common programming mistakes that
|
||||
can lead to security problems.
|
||||
|
||||
VERSION: %s
|
||||
GIT TAG: %s
|
||||
BUILD DATE: %s
|
||||
|
||||
USAGE:
|
||||
|
||||
# Check a single package
|
||||
|
@ -88,6 +92,7 @@ var (
|
|||
// #nosec
|
||||
func usage() {
|
||||
|
||||
usageText := fmt.Sprintf(usageText, Version, GitTag, BuildDate)
|
||||
fmt.Fprintln(os.Stderr, usageText)
|
||||
fmt.Fprint(os.Stderr, "OPTIONS:\n\n")
|
||||
flag.PrintDefaults()
|
||||
|
|
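Review bot: `usageText := fmt.Sprintf(usageText, Version, GitTag, BuildDate)` in usage() declares a local that shadows the package-level `usageText` it reads, and it turns the whole usage text into a format string, so any literal `%` added to that text later has to be written `%%` or the output is garbled. A single call without the shadow reads more clearly: `fmt.Fprintf(os.Stderr, usageText+"\n", Version, GitTag, BuildDate)`. A short comment above it saying that the three values are injected with `-ldflags -X` at release time would help; usage() continues past the end of this hunk.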
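--- a/cmd/gas/version.go
+++ b/cmd/gas/version.go
@@ -0,0 +1,10 @@
+package main
+
+// Version is the build version
+var Version string
+
+// GitTag is the git tag of the build
+var GitTag string
+
+// BuildDate is the date when the build was created
+var BuildDate string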
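Review bot: The three variables have no default, so a binary from `make build` or a plain `go build`, neither of which passes `-ldflags`, prints empty `VERSION:`, `GIT TAG:` and `BUILD DATE:` lines in the usage text. A recognisable fallback such as `var Version = "dev"` keeps unreleased builds identifiable in bug reports, and `-X` still overrides a string initialised this way. The doc comments could also say that the values are set by the Makefile's `release` target.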
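--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -0,0 +1,2 @@
+#!/usr/bin/env sh
+${BIN} "$@"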
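Review bot: `${BIN} "$@"` starts the scanner as a child of the shell and expands `BIN` unquoted, so signals from `docker stop` reach `sh` rather than gas, and when `BIN` is unset the first user argument is run as the command. `exec "${BIN:?BIN is not set}" "$@"` replaces the shell with the scanner and fails loudly when the variable is missing. A comment line saying that `BIN` comes from the Dockerfile's `ENV BIN=gas` would make the coupling visible.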
|
@ -32,9 +32,10 @@ var _ = Describe("gas rules", func() {
|
|||
pkg := testutils.NewTestPackage()
|
||||
defer pkg.Close()
|
||||
pkg.AddFile(fmt.Sprintf("sample_%d.go", n), sample.Code)
|
||||
pkg.Build()
|
||||
e := analyzer.Process(pkg.Path)
|
||||
Expect(e).ShouldNot(HaveOccurred())
|
||||
err := pkg.Build()
|
||||
Expect(err).ShouldNot(HaveOccurred())
|
||||
err = analyzer.Process(pkg.Path)
|
||||
Expect(err).ShouldNot(HaveOccurred())
|
||||
issues, _ := analyzer.Report()
|
||||
if len(issues) != sample.Errors {
|
||||
fmt.Println(sample.Code)
|
||||
|
|
10
rules/sql.go
10
rules/sql.go
|
@ -28,12 +28,12 @@ type sqlStatement struct {
|
|||
patterns []*regexp.Regexp
|
||||
}
|
||||
|
||||
func (r *sqlStatement) ID() string {
|
||||
return r.MetaData.ID
|
||||
func (s *sqlStatement) ID() string {
|
||||
return s.MetaData.ID
|
||||
}
|
||||
|
||||
// See if the string matches the patterns for the statement.
|
||||
func (s sqlStatement) MatchPatterns(str string) bool {
|
||||
func (s *sqlStatement) MatchPatterns(str string) bool {
|
||||
for _, pattern := range s.patterns {
|
||||
if !pattern.MatchString(str) {
|
||||
return false
|
||||
|
@ -46,8 +46,8 @@ type sqlStrConcat struct {
|
|||
sqlStatement
|
||||
}
|
||||
|
||||
func (r *sqlStrConcat) ID() string {
|
||||
return r.MetaData.ID
|
||||
func (s *sqlStrConcat) ID() string {
|
||||
return s.MetaData.ID
|
||||
}
|
||||
|
||||
// see if we can figure out what it is
|
||||
|
|