* feature(issue): Add function to return file path and line number
* docs(formatter/CreateReport): Update formats accepted
* feature(formatter): Add color output for text format
Basic color support for text format. For now, only the "Summary" title
and "Issues" section has color
* feature(formatter): Highlight issues based on severity
Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white
* feature(main): Add color flag
It's only valid for text format
* refactor(formatter): Passing color flag forward
This takes into account the filtered number of issues instead of
the total number. This number is more relevant to developers, as
the intention was to not take certain issues into account anyway.
* Report for Golang errors
Right now if you use Gosec to scan invalid go file and if you report the result in a text, JSON, CSV or another file format you will always receive 0 issues.
The reason for that is that Gosec can't parse the AST of invalid go files and thus will not report anything.
The real problem here is that the user will never know about the issue if he generates the output in a file.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
* Support package resolution and filepaths
This change introduces the logic to resolve packages using gotool
and build packages from filepaths. It assumes that the packages
being scanned are located within the GOPATH.
If the GOPATH environment variable is not set the GOPATH is derived
as $HOME/go.
Relates to #184
* Fix build error
* Address unhandled error
* Fix formatting error
* Handle multiple paths on GOPATH
* Add a semantic version to the usage text
* Add a comment to the version function
* Inject the version, git tag and build date as build variables
* Update README
* Fix lint warnings
* Update README
* Manage dependencies with dep tool instead of godep
* Add a Makefile for common build tasks
* Update the build file to use the make tool
* Update Dockerfile
* Add docker entry point in to make the passing of arguments easy
* Update README
* Add missing tools to the build
* Drop 1.7 support and add 1.10
* Fix Go 1.10 according with the travis guidelines
https://docs.travis-ci.com/user/languages/go/
* Update the tls-observatory package
* Fix lint warnings
* Change the output of the tests to be more verbose
* Check if the are build errors before executing the rule test
* Add a tool to generate the TLS configuration form Mozilla's ciphers recommendation (#178)
* Add a tool which generates the TLS rule configuration from Mozilla server side
TLS configuration
* Update README
* Remove trailing space in README
* Update dependencies
* Fix the commends of the generated functions
* Add nil pointer check to rule. (#181)
TypeOf returns the type of expression e, or nil if not found. We are
calling .String() on a value that may be nil in this clause.
Relates to #174
* Add support for YAML output format (#177)
* Add YAML output format
* Update README
* added rule to check for tainted file path
* added #nosec to main/issue.go
* updated test case import
