cosmos/gosec
Apache License 2.0, 19 stars, 6 forks
issues
disable map check
#70
tac0turtle
closed
1 year ago
0
Deadlock between gosec and golint
#69
kocubinski
opened
1 year ago
0
rules/sdk: exempt "core", "runtime" from map iteration checks
#68
odeke-em
closed
2 years ago
0
rules/sdk/blocklist: permit depinject to import unsafe
#67
odeke-em
closed
2 years ago
0
rules/sdk: allow hash.Hash.Write et al to ignore errors since contract permits
#66
odeke-em
closed
2 years ago
1
analyzer: parallelize (*Analyzer).Process for better CPU use
#65
odeke-em
closed
2 years ago
2
rules/sdk: allow packages with */crypto/* to import unsafe
#64
odeke-em
closed
2 years ago
0
rules/sdk: G702: Blocklisted import crypto/rand should not flag for crypto related code
#63
odeke-em
closed
2 years ago
0
rules/sdk: G703 errors not propagated should obey hash.Hash.Write not returning an error
#62
odeke-em
opened
2 years ago
0
analyzer: skip over files under /tests
#61
odeke-em
closed
2 years ago
0
rules: skip over directories under /tests/ and testutil
#60
odeke-em
closed
2 years ago
0
Enhancement: check use of Quo functions occurring before Mul
#59
johnsaigle
opened
2 years ago
1
rules/sdk: intelligently flag overflowing uint*->uint* + int*->int* conversions
#58
odeke-em
closed
2 years ago
2
rules/sdk: just aliasing an integer type prevents it from being checked
#57
odeke-em
closed
2 years ago
0
rules/sdk: a conversion of a smaller uint type to a larger uint type MUST NEVER report an overflow/false positive
#56
odeke-em
closed
2 years ago
1
rules/sdk: more accurately determine overflow for *int*(len(...)) by type & 32/64-bit architectures
#55
odeke-em
closed
2 years ago
0
rules/sdk: potential integer flow: do not flag any value with uint(,32,64)(len(...)) depending on bitsize because by the spec len can never be negative but even int will always fit inside uint, uint32, uint64
#54
odeke-em
closed
2 years ago
0
(*Analyzer).Check: skip analyzing files within */testutil/*
#53
odeke-em
closed
2 years ago
0
all: exclude traversing the "*/testutil/*" directory from checks
#52
odeke-em
closed
2 years ago
0
rules/sdk: exclude "testutil" from map ranging checks
#51
odeke-em
closed
2 years ago
1
rules/sdk: skip map iteration checks for testutil code
#50
odeke-em
closed
2 years ago
0
rules/errors: allow hash.Hash.Write to not return an error as its Go contract holds
#49
odeke-em
closed
2 years ago
1
.github/workflows/ci: test on Go1.17,1.18,1.19
#48
odeke-em
opened
2 years ago
0
all: fix tests by migrating to github.com/onsi/ginkgo/v2
#47
odeke-em
closed
2 years ago
1
rules/sdk: sdk allow unsafe+*/rand in specific packages
#46
odeke-em
closed
2 years ago
1
errors: do not report an unhandled error on hash.Hash.Write code which by contract WILL NEVER return an error
#45
odeke-em
closed
2 years ago
0
rules/sdk: ignore unsafe imports inside any simapp or simulation, cryptographic, testing related code
#44
odeke-em
closed
2 years ago
0
rules/sdk: flag methods inside sort comparators to avoid quadratic worst case time & memory consumption: instead recommend O(n) computations and memoization of results
#43
odeke-em
opened
2 years ago
0
Suggestions for improving install process
#42
johnsaigle
opened
2 years ago
0
analyzer: move generated file filtering to ast.Walk phase not in package building
#41
odeke-em
closed
2 years ago
0
analyzer: do not analyze generated go files
#40
odeke-em
closed
2 years ago
0
output: fix sarif formatting
#39
kirbyquerby
closed
2 years ago
0
Generated SARIF file is not valid SARIF
#38
v-homsi
closed
2 years ago
5
all: alter/remove references to securego
#37
kirbyquerby
closed
2 years ago
1
rules/sdk: flag panics in BeginBlock/Endblock
#36
odeke-em
opened
2 years ago
0
.github: add actions to build and release docker image on ghcr
#35
kirbyquerby
closed
2 years ago
3
go.mod: fix go vet go.sum complaints
#34
odeke-em
closed
2 years ago
0
all: migrate from github.com/informalsystems/* to github.com/cosmos/*
#33
odeke-em
closed
2 years ago
0
gosec docker image has been removed, which breaks github actions
#32
asalzmann
closed
2 years ago
11
all: update Docker image and built to use Informal Systems
#31
odeke-em
closed
2 years ago
0
rules/sdk: iterate over maps should suppress protobuf related code and auto-generated code in pb.go and pb.*.go files
#30
odeke-em
closed
2 years ago
3
rules/sdk: permit additional map copying format
#29
kirbyquerby
closed
2 years ago
3
rules/sdk: permit map copying in G705
#28
kirbyquerby
closed
2 years ago
1
rules/sdk: add check for missing .IsNil check before dereference after being cast from an interface{} to avoid nil pointer dereferences
#27
odeke-em
opened
2 years ago
1
build docker image and use it in action.yml
#26
kirbyquerby
closed
2 years ago
7
rules/sdk: use ctx.Info.TypeOf() to get types
#25
kirbyquerby
closed
2 years ago
1
rules/sdk: G705 should allow map copying
#24
kirbyquerby
closed
2 years ago
1
analyzer.go: add support for nested go modules
#23
kirbyquerby
closed
2 years ago
1
.github: upgrade to actions/go + add go mod caching
#22
kirbyquerby
closed
2 years ago
0
all: fix/suppress remaining warnings
#21
kirbyquerby
closed
2 years ago
2