Skip to content

Commit

Permalink
Enable gosec. (#301)
Browse files Browse the repository at this point in the history
  • Loading branch information
@dhaus67
dhaus67 authored Apr 25, 2022
1 parent 733e927 commit ab8a80b
Show file tree
Hide file tree
Showing 8 changed files with 21 additions and 15 deletions.
8 changes: 7 additions & 1 deletion .golangci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,9 @@ linters-settings:
- emptyStringTest
- hugeParam
- rangeValCopy
gosec:
excludes:
- G101
gosimple:
go: "1.16"
checks: ["all"]
Expand All @@ -51,6 +54,9 @@ linters-settings:
require-specific: true # require nolint directives to be specific about which linter is being skipped
revive:
min-confidence: 0
# Due to https://github.com/golangci/golangci-lint/issues/2355 on MacOS the linter is failing with the error
# message too many files. Set the max-open-files explicitly.
max-open-files: 2048
staticcheck:
go: "1.16"
checks: ["all"]
Expand Down Expand Up @@ -85,7 +91,7 @@ linters:
- goimports
# - gomnd
# - goprintffuncname
# - gosec
- gosec
- gosimple
- govet
- ineffassign
Expand Down
6 changes: 3 additions & 3 deletions pkg/builtinchecks/built_in_checks.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,9 @@ func LoadInto(registry checkregistry.CheckRegistry) error {
if err != nil {
return err
}
for _, chk := range checks {
if err := registry.Register(&chk); err != nil {
return errors.Wrapf(err, "registering default check %s", chk.Name)
for i := range checks {
if err := registry.Register(&checks[i]); err != nil {
return errors.Wrapf(err, "registering default check %s", checks[i].Name)
}
}
return nil
Expand Down
4 changes: 2 additions & 2 deletions pkg/check/parameter_desc.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,8 +98,8 @@ func transform(p *ParameterDesc, nestingLevel int) HumanReadableParamDesc {

if len(p.SubParameters) > 0 {
subParamFields := make([]HumanReadableParamDesc, 0, len(p.SubParameters))
for _, subParam := range p.SubParameters {
subParamFields = append(subParamFields, transform(&subParam, nestingLevel+1))
for i := range p.SubParameters {
subParamFields = append(subParamFields, transform(&p.SubParameters[i], nestingLevel+1))
}
out.SubParameters = subParamFields
}
Expand Down
8 changes: 4 additions & 4 deletions pkg/command/lint/sarif_format.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,15 +66,15 @@ func formatSarif(out io.Writer, result run.Result) error {
// WithWorkingDirectory helps GitHub resolve artifact locations from repo root when their paths are absolute.
WithWorkingDirectory(sarif.NewArtifactLocation().WithUri("file://" + cwd))

for _, c := range result.Checks {
err = addSarifRule(sarifRun, &c)
for i := range result.Checks {
err = addSarifRule(sarifRun, &result.Checks[i])
if err != nil {
return err
}
}

for _, r := range result.Reports {
err = addSarifResult(sarifRun, cwd, &r)
for i := range result.Reports {
err = addSarifResult(sarifRun, cwd, &result.Reports[i])
if err != nil {
return err
}
Expand Down
4 changes: 2 additions & 2 deletions pkg/config/codegen/parse.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"flag"
"fmt"
"os"
"path/filepath"
"reflect"
"strings"
"text/template"
Expand Down Expand Up @@ -231,8 +232,7 @@ func mainCmd() error {
FlagDesc: flagDesc,
})
}

outF, err := os.Create(outFileName)
outF, err := os.Create(filepath.Clean(outFileName))
if err != nil {
return errors.Wrap(err, "creating output file")
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/lintcontext/create_contexts_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ func createContextsAndVerifyPaths(t *testing.T, useTarball, useAbsolutePath, ren
var lintCtxs []LintContext
if useFromArchiveFunction {
var file *os.File
file, err = os.Open(testPath)
file, err = os.Open(filepath.Clean(testPath))
require.NoError(t, err)

defer func() {
Expand Down
2 changes: 1 addition & 1 deletion pkg/lintcontext/parse_yaml.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,7 @@ func (l *lintContextImpl) loadObjectsFromYAMLFile(filePath string, info os.FileI
if info.Size() > maxFileSizeBytes {
return nil
}
file, err := os.Open(filePath)
file, err := os.Open(filepath.Clean(filePath))
if err != nil {
return errors.Wrapf(err, "opening file at %s", filePath)
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/templates/codegen/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -312,7 +312,7 @@ func processTemplate(dir string) error {
}

outFileName := filepath.Join(dir, "internal", "params", "gen-params.go")
outF, err := os.Create(outFileName)
outF, err := os.Create(filepath.Clean(outFileName))
if err != nil {
return errors.Wrap(err, "creating output file")
}
Expand Down

0 comments on commit ab8a80b

Please sign in to comment.