actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2025-03-01 12:43:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove GOPATH check to allow running gosec outside of GOPATH

Browse source 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar 2019-04-25 09:35:07 +02:00 committed by Grant Murphy
parent 6c174a61d4
commit ea16ff1f9e
1 changed files with 3 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
cmd/gosec/main.go
View file

@ -20,7 +20,6 @@ import (
"io/ioutil" "io/ioutil"
"log" "log"
"os" "os"
"path/filepath"
"regexp" "regexp"
"sort" "sort"
"strings" "strings"
@ -185,52 +184,6 @@ func saveOutput(filename, format, rootPath string, issues []*gosec.Issue, metric
return nil return nil
} }
func cleanPath(path string) (string, error) {
cleanFailed := fmt.Errorf("%s is not within the $GOPATH and cannot be processed", path)
nonRecursivePath := strings.TrimSuffix(path, "/...")
// do not attempt to clean directs that are resolvable on gopath
if _, err := os.Stat(nonRecursivePath); err != nil && os.IsNotExist(err) {
log.Printf("directory %s doesn't exist, checking if is a package on $GOPATH", path)
for _, basedir := range gosec.Gopath() {
dir := filepath.Join(basedir, "src", nonRecursivePath)
if st, err := os.Stat(dir); err == nil && st.IsDir() {
log.Printf("located %s in %s", path, dir)
return path, nil
}
}
return "", cleanFailed
}
// ensure we resolve package directory correctly based on $GOPATH
pkgPath, err := gosec.GetPkgRelativePath(path)
if err != nil {
return "", cleanFailed
}
return pkgPath, nil
}
func cleanPaths(paths []string) []string {
var clean []string
for _, path := range paths {
cleaned, err := cleanPath(path)
if err != nil {
log.Fatal(err)
}
clean = append(clean, cleaned)
}
return clean
}
func resolvePackage(pkg string, searchPaths []string) string {
for _, basedir := range searchPaths {
dir := filepath.Join(basedir, "src", pkg)
if st, err := os.Stat(dir); err == nil && st.IsDir() {
return dir
}
}
return pkg
}
func convertToScore(severity string) (gosec.Score, error) { func convertToScore(severity string) (gosec.Score, error) {
severity = strings.ToLower(severity) severity = strings.ToLower(severity)
switch severity { switch severity {
@ -299,19 +252,16 @@ func main() {
analyzer.LoadRules(ruleDefinitions.Builders()) analyzer.LoadRules(ruleDefinitions.Builders())
vendor := regexp.MustCompile(`[\\/]vendor([\\/]|$)`) vendor := regexp.MustCompile(`[\\/]vendor([\\/]|$)`)
var packages []string var packages []string
// Iterate over packages on the import paths // Iterate over packages on the import paths
gopaths := gosec.Gopath() for _, pkg := range gotool.ImportPaths(flag.Args()) {
for _, pkg := range gotool.ImportPaths(cleanPaths(flag.Args())) {
// Skip vendor directory // Skip vendor directory
if !*flagScanVendor { if !*flagScanVendor {
if vendor.MatchString(pkg) { if vendor.MatchString(pkg) {
continue continue
} }
} }
packages = append(packages, resolvePackage(pkg, gopaths)) packages = append(packages, pkg)
} }
var buildTags []string var buildTags []string
@ -343,6 +293,7 @@ func main() {
if !issuesFound && *flagQuiet { if !issuesFound && *flagQuiet {
os.Exit(0) os.Exit(0)
} }
rootPath := packages[0] rootPath := packages[0]
// Create output report // Create output report
if err := saveOutput(*flagOutput, *flagFormat, rootPath, issues, metrics, errors); err != nil { if err := saveOutput(*flagOutput, *flagFormat, rootPath, issues, metrics, errors); err != nil {