Commit graph

70 commits

Author SHA1 Message Date
coredefend
e76b258456 New Rule Tainted file (#183)
* Add a tool to generate the TLS configuration from Mozilla's ciphers recommendation (#178)

* Add a tool which generates the TLS rule configuration from Mozilla server side
TLS configuration

* Update README

* Remove trailing space in README

* Update dependencies

* Fix the comments of the generated functions

* Add nil pointer check to rule. (#181)

TypeOf returns the type of expression e, or nil if not found. We are
calling .String() on a value that may be nil in this clause.

Relates to #174

* Add support for YAML output format (#177)

* Add YAML output format

* Update README

* added rule to check for tainted file path

* added #nosec to main/issue.go

* updated test case import
2018-03-09 09:23:27 +10:00
Jon McClintock
7bb6f004ae Merge branch 'master' of https://github.com/GoASTScanner/gas into nosec-specify-rule 2018-03-08 18:52:11 +00:00
cosmincojocar
1d9f816ca5 Add support for YAML output format (#177)
* Add YAML output format

* Update README
2018-03-05 22:20:24 +10:00
Jon McClintock
1429033aca Add support for #excluding specific rules 2018-03-02 23:44:51 +00:00
cosmincojocar
edb362fc9d Add a tool to generate the TLS configuration from Mozilla's ciphers recommendation (#178)
* Add a tool which generates the TLS rule configuration from Mozilla server side
TLS configuration

* Update README

* Remove trailing space in README

* Update dependencies

* Fix the comments of the generated functions
2018-02-21 15:59:18 +10:00
Cosmin Cojocar
84bfbbfd8c Switch to sort Interface to be backward compatible with older go versions 2018-02-10 19:45:04 +01:00
Cosmin Cojocar
d4ebb032a9 Sort the issues by severity in descending order before creating the report 2018-02-08 12:12:22 +01:00
Cosmin Cojocar
c2c21553a3 Fix some gas warnings 2018-02-07 14:07:24 +01:00
Wong Her Laang
1346bd37ca Edited README and help text. 2018-01-27 12:19:38 +08:00
Grant Murphy
5361949a13 Sending log messages to multiple streams
Use the configured logger for all log messages.
2018-01-23 10:02:20 +10:00
Andrew S. Brown
22dc89384d Do a single build for all packages.
This is much faster because the loader can reuse packages.
2018-01-07 15:02:33 -08:00
Grant Murphy
4c49716f0e move utils to separate executable 2017-12-28 16:55:12 +10:00
Grant Murphy
25d74c6b20 address review comments 2017-12-14 10:04:22 +10:00
Grant Murphy
cfa432729c fix hound-ci errors 2017-12-13 17:39:00 +10:00
Grant Murphy
e3b6fd94c2 update readme to provide info regarding package level scans 2017-12-13 16:35:54 +10:00
Adrian Lanzafame
5a1133682a remove committed binary 2017-10-01 10:31:51 +10:00
Grant Murphy
6943f9e5e4 Major rework of codebase
- Get rid of 'core' and move CLI to cmd/gas directory
- Migrate (most) tests to use Ginkgo and testutils framework
- GAS now expects package to reside in $GOPATH
- GAS now can resolve dependencies for better type checking (if package
  on GOPATH)
- Simplified public API
2017-07-19 15:17:00 -06:00
Grant Murphy
026fe4c534 Simplify analyzer and command line interface
The analyzer now only handles packages rather than one off files. This
simplifies the CLI functionality significantly.
2017-05-09 21:26:53 -07:00
Grant Murphy
bf78d027a9 Restructure and introduce a standalone config 2017-04-28 14:46:26 -07:00
Grant Murphy
cacf21f3c0 Restructure to focus on lib rather than cli 2017-04-26 08:08:46 -07:00