actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 19:45:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
743 commits 2 branches 41 tags 20 MiB
Commit graph

93 commits

Author SHA1 Message Date
kruskal
7d539ed494
feat: add concurrency option to parallelize package loading (#778) 
* feat: add concurrency option to parallelize package loading

* refactor: move wg.add inside the for loop

* fix: gracefully stop the workers on error

* test: add test for concurrent scan
 2022-02-16 18:23:37 +01:00
Cosmin Cojocar
7be6d4efb5
Add os.Create to the readfile rule (#761) 2022-01-12 19:33:17 +01:00
kaiili
9d66b0d346
Fix false negatives for SQL injection in multi-line queries 2022-01-05 12:05:53 +01:00
Cosmin Cojocar
ad5d74d5a1
Update to ginkgo v2 (#753) 2022-01-03 18:11:35 +01:00
kaiili
3038a30e3c
Add in the config file settings for exclude and include options 
Co-authored-by: kaiili <kaii@openingsource.org>
 2021-12-20 23:43:50 +01:00
Ville Skyttä
d23ab2d997
Remove space between // and #nosec in examples and internal use 
Comments intended for machines to read do not have the space by
convention.
 2021-12-15 19:31:14 +01:00
Yiwei Ding
b45f95f6ad
Add support for suppressing the findings 2021-12-09 11:53:36 +01:00
Ville Skyttä
f1f0056a90
Spelling fixes (#717) 2021-11-09 21:02:24 +01:00
Ryan Leung
79c8b79263
use a better naming for the variable (#715) 
Signed-off-by: Ryan Leung <rleungx@gmail.com>
 2021-10-19 11:54:51 +02:00
Matthieu MOREL
bfb0f422fe
chore(lint): enable errorlint and gci (#698) 2021-09-13 09:40:10 +02:00
Nanik
efbefc6930
fix: create a separate type for flag that has validation (#692) 2021-09-02 14:44:20 +02:00
Cosmin Cojocar
f285d612b5
Fix formatting issues with gofumpt (#685) 
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
 2021-08-18 13:16:21 +02:00
Marc Brugger
ba23b5e49a
Add possibility to list waived (nosec) marked issues but not count them as such 2021-08-18 13:00:38 +02:00
Marc Brugger
62db81342e
Allow excluding generated files 2021-08-04 17:33:20 +02:00
Matthieu MOREL
3ff0a2cc36
Fixes #644 (#645) 2021-06-13 13:28:53 +02:00
Matthieu MOREL
1256f16f33
Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
Matthieu MOREL
d040f0725f
Handle gosec version in SARIF report 2021-05-20 10:16:42 +02:00
Matthieu MOREL
d8cfcd6e76
Allow the user to enable/disable colorisation of the text report in the stdout 2021-05-10 14:18:39 +02:00
Shreyas Subhedar
a8b633f124
Adding stdout and verbose flags and refactor how the report is saved 2021-05-10 10:44:55 +02:00
Matthieu MOREL
c4f5932ab7
Refactor : Replace Cwe with cwe.Weakness 2021-05-07 16:54:34 +02:00
Matthieu MOREL
ddfa25381f
Define a report package with core and per format sub-packages 2021-05-06 09:31:51 +02:00
mrtc0
0d4f1cb2cb
Support SARIF output (#539) 
* SARIF support

* add sarif option to help text
 2020-11-02 09:13:53 +01:00
xpivarc
0ce48a584f
Reproducible junit report (#529) 
* Fix junit format ordering

Signed-off-by: L. Pivarc <lpivarc@redhat.com>

* Make ordering stable

Signed-off-by: L. Pivarc <lpivarc@redhat.com>

* Test ordering

Signed-off-by: L. Pivarc <lpivarc@redhat.com>
 2020-09-29 19:17:38 +02:00
Cosmin Cojocar
13519fda59 Update the tls configuration generate to handle also the NSS alternative names 
Regenerate the configuration of TLS rule.

Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
 2020-09-03 10:54:08 +02:00
Cosmin Cojocar
3784ffea4e Fix panic when reading the version from debug info in Go 1.13 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-06-25 15:27:53 +02:00
Cosmin Cojocar
ad1cb7e47e Make sure some version information is set when no version was injected into the binary 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-06-25 09:20:55 +02:00
Hiroaki Sano
af699f6a62
Exclude .git directory from scan (#485) 2020-06-09 15:16:27 +02:00
Cosmin Cojocar
c58f3563d3 Set the default color on only for text format 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-14 09:33:44 -07:00
Cosmin Cojocar
1a113d6da9 Turn the color always on when the text format is set 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-14 02:21:37 -07:00
Marco Antônio Singer
656691b387
feature(formatter/text): Add color option on text format (#460) 
* feature(issue): Add function to return file path and line number

* docs(formatter/CreateReport): Update formats accepted

* feature(formatter): Add color output for text format

Basic color support for text format. For now, only the "Summary" title
and "Issues" section has color

* feature(formatter): Highlight issues based on severity

Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white

* feature(main): Add color flag

It's only valid for text format

* refactor(formatter): Passing color flag forward
 2020-04-14 09:50:02 +02:00
Cosmin Cojocar
c6e10af40f Handle properly the gosec module version v2 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-06 09:06:23 -07:00
Sam Caccavale
7525fe4bb7
Rule for defering methods which return errors (#441) 2020-03-01 21:45:37 +01:00
Sam Caccavale
a305f10eb9
Fileperms (#442) 2020-02-28 12:48:18 +01:00
Lars Lehtonen
00363edac5
remove support for go 1.11 (#444) 2020-02-28 12:47:01 +01:00
Hiroki Suezawa
79fbf3af8d Add golint format to output format (#428) 
Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-03 10:56:21 +01:00
Lars Lehtonen
df484bfa9e cmd/tlsconfig: remove support for deprecated tls.VersionSSL30 (#412) 
* cmd/tlsconfig: build tags to deprecate tls.VersionSSL30 from go1.14

* cmd/tlsconfig: build tags to turn off TLSv1.3 in go1.11
 2019-11-19 11:41:25 +01:00
Cosmin Cojocar
43e3664713 Build the tls config generator only with Go versions compatible with Go 1.12 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-09-10 11:57:18 +10:00
Cosmin Cojocar
76ce9f0147 Update to config struct to unmarshal the mozilla server-side TLS conf version 5 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-09-10 11:57:18 +10:00
Cosmin Cojocar
e050355b4b Update the TLS config generator to handle TLS version 1.3 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-09-10 11:57:18 +10:00
Cosmin Cojocar
7851918c4f Add support to exclude arbitrary folders from scanning (#353) 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-09-09 22:01:36 +10:00
Daniel Carlier
8932f702ce Add flag to handle '#nosec' alternative (#346) 
* Add logic to check for a #nosec alternative

* Add NoSecAlternative as a new global variable

* Add nosec-tag flag
 2019-09-04 10:20:43 +02:00
Juan Antonio Osorio Robles
39f7e7b9e0 Display filtered number of issues instead of total in stats 
This takes into account the filtered number of issues instead of
the total number. This number is more relevant to developers, as
the intention was to not take certain issues into account anyway.
 2019-07-04 10:13:09 +10:00
Cosmin Cojocar
020479a832 Support multiple root paths when generating the Sonarqube report 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-06-24 14:35:11 +02:00
Cosmin Cojocar
46e55b908d Fix the file path in the Sonarqube report 
Add some test to validate the Sonarqube formatter.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-06-24 14:10:51 +02:00
Sandor Szücs
9d9098fa97 print version string (#317) 
Signed-off-by: Sandor Szücs <sandor.szuecs@zalando.de>
 2019-05-17 11:33:02 +02:00
Cosmin Cojocar
ee80733faf
Add a flag to filter issues by confidence (#316) 
Refactor also how the issues are filtered by severity.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-05-10 10:15:09 +02:00
Cosmin Cojocar
b49c9532a8 Add a flag which allows to scan also the tests files 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-04-29 06:55:24 +02:00
Cosmin Cojocar
f1d49a6945 Remove unused code 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-04-29 06:54:59 +02:00
Cosmin Cojocar
e419eb8f4e Exclude correctly the vendor folder from the scanned packages 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-04-27 14:02:43 -07:00
Cosmin Cojocar
85eb8a52ab Scan the go packages path recursively starting from a root folder 
This is replacing the gotool.ImportPaths which seems to have some troubles with Go modules.
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2019-04-27 14:02:43 -07:00