I thought that an example where the user inputs a URL is more realistic.
Because if your operating system is already hacked then you are already screwed.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
1. Example config json included a trailing comma, even though as we obviously know this is how things should be, JSON does not agree and the parser fails miserably
2. Flag was incorrectly stated as -config in the README, the correct flag is -conf
3. Example command did not work as did not include final dot to examine the current pkg.
* Allow for SQL concatenation of nodes that resolve to literals
If node.Y resolves to a literal, it will not be considered as an issue.
* Fix typo in comment.
* Go through all files in package to resolve that identifier
* Refactor code and added comments.
* Changed checking to not var or func.
* Allow for supporting code for test cases.
* Resolve merge conflict changes.
* ignore the temporary image file used for builds
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* no need for GOPATH in the Dockerfile
It is already set in the golang:1.10.3-alpine3.8 image.
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* no need for GOROOT in Dockerfile
The correct value is embedded in the go tool.
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* bump Dockerfile golang to 1.10.4
The latest golang version thus far.
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* replace docker-entrypoint.sh with the gosec binary
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* git ignore gosec binary
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* refactor Dockerfile into multi-stage
First stage does the build in a pristine alpine environment. Second
stage is a minimal image with just the necessary stuff to run the
compiled binary. Also added packages for gcc and musl-dev so cgo can do
its thang.
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* fix the image execution example in README.md
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
* Support stripping vendor paths when matching calls
* Factor out matching of formatter string
* Quoted strings are safe to use with SQL str formatted strings
* Add test for allowing quoted strings with string formatters
* Install the pq package for tests to pass
