search

saucelabs / forwarder

Forwarder is a production-ready, fast MITM proxy with PAC support. It's suitable for debugging, intercepting and manipulating HTTP traffic. It's used as a core component of Sauce Labs Sauce Connect Proxy.
https://forwarder-proxy.io
Mozilla Public License 2.0
234 stars 13 forks source link

martian: enable gosec linter #361

Open Choraden opened 1 year ago

Choraden commented 1 year ago

The gosec linter was disabled in ed512616.

Choraden commented 1 year ago

I have doubts about the quality of the linter. This is ok. 

tlsCfg := new(tls.Config)

This is wrong.

G402: TLS MinVersion too low. (gosec)
tlsCfg := &tls.Config{}
Choraden commented 1 year ago

Another example:

tlsCfg := &tls.Config{
    MinVersion:         tls.VersionTLS12,
    InsecureSkipVerify: true,
}
G402: TLS InsecureSkipVerify set true. (gosec)

But this is ok

tlsCfg := &tls.Config{
    MinVersion:         tls.VersionTLS12,
}
tlsCfg.InsecureSkipVerify = true