Commit graph

40 commits

Author SHA1 Message Date
Julian Thome
53be8dd864 Add CWE rule mappings (#405)
* added mappings

* added cwe to template

* link in function to template

* moved mappings and added test cases

* wording

* cleanup
2019-10-31 09:22:38 +01:00
Grant Murphy
4b59c94808 Prevent null pointer exception in Sonarqube (#334)
* fix(formatters) null value causes npe in sonarqube

the json encoding of uninitialized arrays is null. this causes a npe in
sonarqube tool. we should return an empty array rather than a null value
here.

relates to: #333
2019-07-09 13:36:09 +10:00
Cosmin Cojocar
020479a832 Support multiple root paths when generating the Sonarqube report
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-06-24 14:35:11 +02:00
Cosmin Cojocar
46e55b908d Fix the file path in the Sonarqube report
Add some tests to validate the Sonarqube formatter.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-06-24 14:10:51 +02:00
Cosmin Cojocar
950e84c3fa Handle errors to fix lint warnings
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-04-27 08:20:18 +02:00
kencrawford
eaba99df37 fix comment. 2019-03-21 07:30:14 +10:00
kencrawford
4cd14f9068 remove panic 2019-03-21 07:30:14 +10:00
kencrawford
66e7c8d8f8 Extract to a constant 2019-03-21 07:30:14 +10:00
kencrawford
1b28d323d8 fix sonarIssues struct 2019-03-21 07:30:14 +10:00
kencrawford
989eb3ff88 Update Hound errors 2019-03-21 07:30:14 +10:00
kencrawford
ddfe54d0a0 Add sonarqube output 2019-03-21 07:30:14 +10:00
Martin Vrachev
62b5195dd9 Report for Golang errors (#284)
* Report for Golang errors

Right now, if you use Gosec to scan an invalid Go file and report the result in a text, JSON, CSV or another file format, you will always receive 0 issues.
The reason for that is that Gosec can't parse the AST of invalid go files and thus will not report anything.

The real problem here is that the user will never know about the issue if he generates the output in a file.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2019-02-27 08:24:06 +10:00
Oleksandr Redko
3116b07de4 Fix typos in comments and rulelist (#256) 2018-10-11 14:45:31 +02:00
NeverOddOrEven
027dc2b8a7 This fixes the html template when using '-fmt=html'
- resolves HTML escaping issues within the template
- resolves reference issues to reportInfo struct i.e. issues -> Issues, metrics -> Stats
2018-10-03 13:31:59 -05:00
Cosmin Cojocar
893b87b343 Replace gas with gosec everywhere in the project 2018-07-19 18:42:25 +02:00
Grant Murphy
da26f64208 Rename github org (#214) 2018-07-19 17:40:28 +10:00
Geoff Baskwill
b643ac26a4 Add rule ID to text output (#198) 2018-04-16 15:44:54 +10:00
cosmincojocar
1d9f816ca5 Add support for YAML output format (#177)
* Add YAML output format

* Update README
2018-03-05 22:20:24 +10:00
Delon Wong Her Laang
33fff9514f Escape html string for junit output. 2018-02-01 12:30:47 +08:00
Delon Wong Her Laang
862295cb7d Return err instead of panic. 2018-01-30 09:54:30 +08:00
Wong Her Laang
143df04ede Fixed typo. 2018-01-27 22:23:07 +08:00
Wong Her Laang
5b91afec36 Unexport junit xml structs and some further refactoring. 2018-01-27 14:45:04 +08:00
Wong Her Laang
fdc78c0c47 Changed failure text from json to plaintext. 2018-01-27 12:43:08 +08:00
Wong Her Laang
4059facfb9 Pretty print xml result for better viewing. 2018-01-27 12:25:54 +08:00
Wong Her Laang
1346bd37ca Edited README and help text. 2018-01-27 12:19:38 +08:00
Wong Her Laang
2c1a0b8732 Refactored code. 2018-01-27 12:14:35 +08:00
Wong Her Laang
7539b3735f Added xml header format. 2018-01-27 11:49:58 +08:00
Delon Wong Her Laang
b8cdc32174 Working version of xml result format. 2018-01-26 11:16:49 +08:00
Grant Murphy
af25ac1f6e fix golint errors picked up by hound-ci 2017-12-13 22:35:47 +10:00
Grant Murphy
cfa432729c fix hound-ci errors 2017-12-13 17:39:00 +10:00
Adrian Lanzafame
9c959ca0a9 Issue.Line is already a string 2017-10-01 10:31:39 +10:00
Grant Murphy
cacf21f3c0 Restructure to focus on lib rather than cli 2017-04-26 08:08:46 -07:00
Grant Murphy
8df48f9769 Fix to reporting to use output formats 2017-04-25 17:57:12 -07:00
Grant Murphy
9e2abd500f Merge pull request #66 from csstaub/cs/html-output
Add support for HTML output
2016-11-03 21:15:17 -07:00
Grant Murphy
74b6633ee0 Updated imports to new repository location. 2016-11-02 16:54:20 -07:00
Cedric Staub
911c69646d Add support for HTML output 2016-10-21 13:18:56 -07:00
Cedric Staub
2ec102c7bf Use encoding/csv for CSV output
The encoding/csv package will take care of quoting, double-quoting,
and other CSV quirks -- avoids having to fiddle with text templates.
2016-07-27 20:55:09 -07:00
Cedric Staub
271cff19f7 Use encoding/json for -fmt json output 2016-07-25 16:40:49 -07:00
Cedric Staub
c6e25a9b64 Make sure -fmt json produces valid output 2016-07-25 16:10:00 -07:00
Tim Kelsey
4f3d620d37 Initial public release 2016-07-20 15:56:32 +01:00