securego / gosec

Go security checker
https://securego.io
Apache License 2.0

Fix multifile analyzer ignores #1167

Closed gartnera closed 2 months ago

gartnera commented 2 months ago

On master, `#nosec G115` will not work if your package has multiple files. This appears to be because the ignores populated in `CheckRules` are cleared after every file. These ignores are needed in the `CheckAnalyzers` call that happens after `CheckRules`.

Fix this by not clearing the ignores every loop. All test cases appear to still pass:

```
ginkgo run
<snip>
Ran 144 of 144 Specs in 6.095 seconds
SUCCESS! -- 144 Passed | 0 Failed | 0 Pending | 0 Skipped
PASS
```

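Added example, not part of the PR and not gosec's code: a simplified Go model of the failure described above, where a per-file pass records `#nosec` ignores and a later package-wide pass has to consult them. The types, the `scan` function, the `resetPerFile` switch and the sample data are all hypothetical.

```go
package main

import "fmt"

// Simplified model of the bug, not gosec's code; all names are hypothetical.
type finding struct {
	File string
	Line int
	Rule string
}

type srcFile struct {
	Name  string
	Nosec map[int]string // line -> rule ID named in a #nosec comment
}

// scan runs a per-file pass that records #nosec ignores, then a
// package-wide analyzer pass that consults them. resetPerFile=true models
// the pre-fix behaviour of starting each file with an empty ignore set.
func scan(files []srcFile, raw []finding, resetPerFile bool) []finding {
	ignores := map[string]map[int]string{}
	for _, f := range files {
		if resetPerFile {
			ignores = map[string]map[int]string{}
		}
		ignores[f.Name] = f.Nosec
	}
	var reported []finding
	for _, r := range raw { // analyzer pass, after every file was visited
		if ignores[r.File][r.Line] == r.Rule {
			continue // suppressed by #nosec
		}
		reported = append(reported, r)
	}
	return reported
}

// Constructed sample: a.go suppresses G115 on line 10, b.go has no #nosec.
var sampleFiles = []srcFile{
	{Name: "a.go", Nosec: map[int]string{10: "G115"}},
	{Name: "b.go"},
}
var sampleRaw = []finding{{"a.go", 10, "G115"}, {"b.go", 5, "G115"}}

func main() {
	fmt.Println("reset per file:", scan(sampleFiles, sampleRaw, true))
	fmt.Println("kept for package:", scan(sampleFiles, sampleRaw, false))
}
```

In this model a single-file package is unaffected by the reset, which is why the problem only shows up once a second file is scanned.
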
ccojocar commented 2 months ago

@gartnera Thanks for this fix. Please could you have a look at the lint warnings. I think you need to reformat the `go115_samples.go` file by running the command `gofumpt -w testutils/go115_samples.go`.

codecov-commenter commented 2 months ago


Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 69.52%. Comparing base (87fcb9b) to head (7a4df24). Report is 1 commits behind head on master.


Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master    #1167      +/-   ##
==========================================
+ Coverage   69.25%   69.52%   +0.26%
==========================================
  Files          71       71
  Lines        3864     3865       +1
==========================================
+ Hits         2676     2687      +11
+ Misses       1069     1061       -8
+ Partials      119      117       -2
```
