gosec/rules
Grant Murphy 9bc02396e8 Introduce entropy checking of string
This will hopefully reduce the number of false positives when it comes
to hard coded credentials. The zxcvbn library is used to calculate the
entropy of the string. By default the first 16 characters are considered
as doing the entropy check for strings much longer than that introduces
a fairly significant performance hit.
2017-01-14 13:45:34 -08:00
..
bind.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
bind_test.go Updated imports to new repository location. 2016-11-02 16:54:20 -07:00
blacklist.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
blacklist_test.go Ensure initialization only imports are ignored 2016-11-07 09:28:37 -08:00
errors.go Update error test case 2016-11-18 14:09:10 -08:00
errors_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
fileperms.go Address unhandled error conditions 2016-12-02 10:20:23 -08:00
fileperms_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
hardcoded_credentials.go Introduce entropy checking of string 2017-01-14 13:45:34 -08:00
hardcoded_credentials_test.go Introduce entropy checking of string 2017-01-14 13:45:34 -08:00
httpoxy_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
nosec_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
rand.go Backport test case for 1.5 2017-01-13 13:31:22 -08:00
rand_test.go Backport test case for 1.5 2017-01-13 13:31:22 -08:00
rsa.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
rsa_test.go Updated imports to new repository location. 2016-11-02 16:54:20 -07:00
sql.go Address unhandled error conditions 2016-12-02 10:20:23 -08:00
sql_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
subproc.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
subproc_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
tempfiles.go Address unhandled error conditions 2016-12-02 10:20:23 -08:00
tempfiles_test.go Updated imports to new repository location. 2016-11-02 16:54:20 -07:00
templates.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
templates_test.go Updated imports to new repository location. 2016-11-02 16:54:20 -07:00
tls.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
tls_test.go Fix test cases with invalid sample code 2017-01-13 12:40:49 -08:00
unsafe.go Update unsafe rule to match package explicitly 2016-11-15 13:53:36 -08:00
unsafe_test.go Updated imports to new repository location. 2016-11-02 16:54:20 -07:00
utils_test.go Recreate fileset each time we process a file 2016-12-02 15:21:13 -08:00
weakcrypto.go Allow rules to register against multiple ast nodes 2016-11-13 12:55:31 -08:00
weakcrypto_test.go Updated imports to new repository location. 2016-11-02 16:54:20 -07:00