Dmitry Salakhov
6c57ae1628
Fix sarif formatting issues ( #565 )
...
* include tool version
* change declared sarif schema version
* dedup rules, fix result locations
* refactor rules collection creation
2021-02-05 10:06:04 +01:00
Mark Wolfe
732f759e4f
fix for sarif which maps level from issue severity
2021-01-21 18:26:43 +01:00
Mark Wolfe
327b2a0841
ensure the sarif results are an empty array if nothing is reported
2021-01-21 11:03:13 +01:00
mrtc0
0d4f1cb2cb
Support SARIF output ( #539 )
...
* SARIF support
* add sarif option to help text
2020-11-02 09:13:53 +01:00
xpivarc
0ce48a584f
Reproducible junit report ( #529 )
...
* Fix junit format ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Make ordering stable
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Test ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
2020-09-29 19:17:38 +02:00
Cosmin Cojocar
6bcd89aa6b
Mark all lines of a multi-line finding
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
Cosmin Cojocar
4d4e5949c6
Add some comments
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
Cosmin Cojocar
d1467ac998
Extend the code snippet included in the issue and refactored how the code snippet is printed
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
Cosmin Cojocar
c4417de46d
Use the latest color package to get the color working with tmux
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-14 02:21:37 -07:00
Marco Antônio Singer
656691b387
feature(formatter/text): Add color option on text format ( #460 )
...
* feature(issue): Add function to return file path and line number
* docs(formatter/CreateReport): Update formats accepted
* feature(formatter): Add color output for text format
Basic color support for text format. For now, only the "Summary" title
and "Issues" section have color
* feature(formatter): Highlight issues based on severity
Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white
* feature(main): Add color flag
It's only valid for text format
* refactor(formatter): Passing color flag forward
2020-04-14 09:50:02 +02:00
Cosmin Cojocar
c6e10af40f
Handle properly the gosec module version v2
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-06 09:06:23 -07:00
Hiroki Suezawa
79fbf3af8d
Add golint format to output format ( #428 )
...
Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
2020-01-03 10:56:21 +01:00
Julian Thome
53be8dd864
Add CWE rule mappings ( #405 )
...
* added mappings
* added cwe to template
* link in function to template
* moved mappings and added test cases
* wording
* cleanup
2019-10-31 09:22:38 +01:00
Grant Murphy
4b59c94808
Prevent null pointer exception in Sonarqube ( #334 )
...
* fix(formatters) null value causes npe in sonarqube
the json encoding of uninitialized arrays is null. this causes a npe in
sonarqube tool. we should return an empty array rather than a null value
here.
relates to: #333
2019-07-09 13:36:09 +10:00
Cosmin Cojocar
020479a832
Support multiple root paths when generating the Sonarqube report
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-06-24 14:35:11 +02:00
Cosmin Cojocar
46e55b908d
Fix the file path in the Sonarqube report
...
Add some test to validate the Sonarqube formatter.
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-06-24 14:10:51 +02:00
Cosmin Cojocar
950e84c3fa
Handle errors to fix lint warnings
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-04-27 08:20:18 +02:00
kencrawford
eaba99df37
fix comment.
2019-03-21 07:30:14 +10:00
kencrawford
4cd14f9068
remove panic
2019-03-21 07:30:14 +10:00
kencrawford
66e7c8d8f8
Extract to a constant
2019-03-21 07:30:14 +10:00
kencrawford
1b28d323d8
fix sonarIssues struct
2019-03-21 07:30:14 +10:00
kencrawford
989eb3ff88
Update Hound errors
2019-03-21 07:30:14 +10:00
kencrawford
ddfe54d0a0
Add sonarqube output
2019-03-21 07:30:14 +10:00
Martin Vrachev
62b5195dd9
Report for Golang errors ( #284 )
...
* Report for Golang errors
Right now, if you use Gosec to scan an invalid Go file and you report the result in text, JSON, CSV or another file format, you will always receive 0 issues.
The reason for that is that Gosec can't parse the AST of invalid go files and thus will not report anything.
The real problem here is that the user will never know about the issue if he generates the output in a file.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2019-02-27 08:24:06 +10:00
Oleksandr Redko
3116b07de4
Fix typos in comments and rulelist ( #256 )
2018-10-11 14:45:31 +02:00
Cosmin Cojocar
893b87b343
Replace gas with gosec everywhere in the project
2018-07-19 18:42:25 +02:00
Grant Murphy
da26f64208
Rename github org ( #214 )
2018-07-19 17:40:28 +10:00
Geoff Baskwill
b643ac26a4
Add rule ID to text output ( #198 )
2018-04-16 15:44:54 +10:00
cosmincojocar
1d9f816ca5
Add support for YAML output format ( #177 )
...
* Add YAML output format
* Update README
2018-03-05 22:20:24 +10:00
Delon Wong Her Laang
862295cb7d
Return err instead of panic.
2018-01-30 09:54:30 +08:00
Wong Her Laang
4059facfb9
Pretty print xml result for better viewing.
2018-01-27 12:25:54 +08:00
Wong Her Laang
1346bd37ca
Edited README and help text.
2018-01-27 12:19:38 +08:00
Wong Her Laang
2c1a0b8732
Refactored code.
2018-01-27 12:14:35 +08:00
Wong Her Laang
7539b3735f
Added xml header format.
2018-01-27 11:49:58 +08:00
Delon Wong Her Laang
b8cdc32174
Working version of xml result format.
2018-01-26 11:16:49 +08:00
Grant Murphy
af25ac1f6e
fix golint errors picked up by hound-ci
2017-12-13 22:35:47 +10:00
Grant Murphy
cfa432729c
fix hound-ci errors
2017-12-13 17:39:00 +10:00
Adrian Lanzafame
9c959ca0a9
Issue.Line is already a string
2017-10-01 10:31:39 +10:00
Grant Murphy
cacf21f3c0
Restructure to focus on lib rather than cli
2017-04-26 08:08:46 -07:00
Grant Murphy
8df48f9769
Fix to reporting to use output formats
2017-04-25 17:57:12 -07:00
Grant Murphy
9e2abd500f
Merge pull request #66 from csstaub/cs/html-output
...
Add support for HTML output
2016-11-03 21:15:17 -07:00
Grant Murphy
74b6633ee0
Updated imports to new repository location.
2016-11-02 16:54:20 -07:00
Cedric Staub
911c69646d
Add support for HTML output
2016-10-21 13:18:56 -07:00
Cedric Staub
2ec102c7bf
Use encoding/csv for CSV output
...
The encoding/csv package will take care of quoting, double-quoting,
and other CSV quirks -- avoids having to fiddle with text templates.
2016-07-27 20:55:09 -07:00
Cedric Staub
271cff19f7
Use encoding/json for -fmt json output
2016-07-25 16:40:49 -07:00
Cedric Staub
c6e25a9b64
Make sure -fmt json produces valid output
2016-07-25 16:10:00 -07:00
Tim Kelsey
4f3d620d37
Initial public release
2016-07-20 15:56:32 +01:00