actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-06 12:05:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
620 commits 2 branches 41 tags 20 MiB
Commit graph

14 commits

Author SHA1 Message Date
Matthieu MOREL
37639537ce
Migrate sonar types in a dedicated package (#604) 2021-05-05 16:21:53 +02:00
mrtc0
0d4f1cb2cb
Support SARIF output (#539) 
* SARIF support

* add sarif option to help text
 2020-11-02 09:13:53 +01:00
xpivarc
0ce48a584f
Reproducible junit report (#529) 
* Fix junit format ordering

Signed-off-by: L. Pivarc <lpivarc@redhat.com>

* Make ordering stable

Signed-off-by: L. Pivarc <lpivarc@redhat.com>

* Test ordering

Signed-off-by: L. Pivarc <lpivarc@redhat.com>
 2020-09-29 19:17:38 +02:00
Cosmin Cojocar
d1467ac998 Extend the code snippet included in the issue and refactored how the code snippet is printed 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-07-07 10:00:15 +02:00
Marco Antônio Singer
656691b387
feature(formatter/text): Add color option on text format (#460) 
* feature(issue): Add function to return file path and line number

* docs(formatter/CreateReport): Update formats accepted

* feature(formatter): Add color output for text format

Basic color support for text format. For now, only the "Summary" title
and "Issues" section has color

* feature(formatter): Highlight issues based on severity

Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white

* feature(main): Add color flag

It's only valid for text format

* refactor(formatter): Passing color flag forward
 2020-04-14 09:50:02 +02:00
Cosmin Cojocar
c6e10af40f Handle properly the gosec module version v2 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-06 09:06:23 -07:00
Hiroki Suezawa
a4d7b3628b Add G110(Potential DoS vulnerability via decompression bomb) 
Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-20 10:37:56 +01:00
Cosmin Cojocar
a1969e208c
Handle all errors in the formatter tests (#431) 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-01-16 09:05:38 +01:00
Hiroki Suezawa
9cb83e10af Add a rule which detects when there is potential integer overflow (#422) 
* Add G109(Potential Integer OverFlow Detection)

Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>

* add CWE to G109(Potential Integer Overflow)

Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>

* Modify G109 to use gosec.Context

Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-06 09:55:52 +01:00
Hiroki Suezawa
79fbf3af8d Add golint format to output format (#428) 
Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-03 10:56:21 +01:00
Julian Thome
53be8dd864 Add CWE rule mappings (#405) 
* added mappings

* added cwe to template

* link in function to template

* moved mappings and added test cases

* wording

* cleanup
 2019-10-31 09:22:38 +01:00
Grant Murphy
4b59c94808
Prevent null pointer exception in Sonarqube (#334) 
* fix(formatters) null value causes npe in sonarqube

the json encoding of uninitialized arrays is null. this causes a npe in
sonarqube tool. we should return an empty array rather than a null value
here.

relates to: #333
 2019-07-09 13:36:09 +10:00
Cosmin Cojocar
020479a832 Support multiple root paths when generating the Sonarqube report 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-06-24 14:35:11 +02:00
Cosmin Cojocar
46e55b908d Fix the file path in the Sonarqube report 
Add some test to validate the Sonarqube formatter.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-06-24 14:10:51 +02:00