Open ghost opened 4 years ago
Great!
Please note that the tool caught a lot of false positives. Eg. https://deepsource.io/gh/chsatyap/go-guerrilla/issue/SCC-SA4006/occurrences The vars are overwritten and we don't care about them normally, but these are helpful for me sometimes when stepping through the debugger - the value can be observed with each step. (there's no need to print it) Anyhow, nice tool - would be good to try it out on the "stream" branch later.
On Tue, 28 Jul 2020 at 17:57, Satya Pawan notifications@github.com wrote:
I forked this repo a while ago and ran a DeepSource analysis on it. DeepSource found a variety of different issues categorized based on their types and severity which you can view here https://deepsource.io/gh/chsatyap/go-guerrilla/.
Brief description - Anti-Patterns: 62 Bug Risks: 80 Performance issues: 1 Security Issues: 9
You can find a detailed description and fixes for some of them here https://deepsource.io/gh/chsatyap/go-guerrilla/issues/?category=recommended .
Please let me know what issues you'd like to focus on fixing and I'd be happy to take a look into it. Also, you can choose to hide certain types of issues too (if you wish to ignore them or you believe it is a false positive). I'd also be happy to send a patch with the DeepSource configuration file with the required fixes.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/flashmob/go-guerrilla/issues/211, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAE6MP4G3RLCFNUA7PKLYSDR52HJNANCNFSM4PKJJICQ .
False positives can be ignored. The analyzer shouldn't bring it up again. There are multiple options through which you can change the behaviour and the type of issues to be tracked.
Let me know whenever you'd like to try it out on the "stream" branch! :)
I forked this repo a while ago and ran a DeepSource analysis on it. DeepSource found a variety of different issues categorized based on their types and severity which you can view here.
Brief description - Anti-Patterns: 62 Bug Risks: 80 Performance issues: 1 Security Issues: 9
You can find a detailed description and fixes for some of them here.
Please let me know what issues you'd like to focus on fixing and I'd be happy to take a look into it. Also, you can choose to hide certain types of issues too (if you wish to ignore them or you believe it is a false positive). I'd also be happy to send a patch with the DeepSource configuration file with the required fixes.