Feature/static code security scanner - Githubissues

Optum / dce-cli

Disposable Cloud Environment CLI

Apache License 2.0

38 stars 20 forks source link

Feature/static code security scanner #74

Closed joshmarsh closed 4 years ago

joshmarsh commented 4 years ago

Proposed changes

gosec is a static code analysis tool that scans for known security vulnerabilities. This PR adds gosec to the pipeline and fixes some issues raised by the tool.

Example of gosec working in our pipeline

Types of changes

[ ] Bugfix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[x] Refactor (changes to code, which do not change application behavior)

Checklist

[x] I have filled out this PR template
[x] I have read the CONTRIBUTING doc
[ ] I have added automated tests that prove my fix is effective or that my feature works
[ ] I have added necessary documentation (README.md, inline comments, etc.)
[ ] I have updated the CHANGELOG.md under a ## next release, with a short summary of my changes

Relevant Links

Further comments

joshmarsh commented 4 years ago

Example of gosec working in our pipeline