Open p0mvn opened 1 year ago
I feel like this has to be something handled within gosec
So, I can think of 2-3 ways to do it, but in our internal chat, I started here:
https://github.com/crypto-com/cosmos-sdk-codeql
there's also:
https://github.com/informalsystems/gosec
but in general, the crypto.com tooling has replaced the informalsysstems/gosec repo in our code practice.
Background
We need a static analysis tool to detect iterators that were not closed.
Example problem: https://github.com/osmosis-labs/osmosis/blob/a1dc69413fd908810dbafe150967e814b796897b/x/superfluid/keeper/intermediary_account.go#L134
Suggested Approach
Acceptance Criteria