diff --git a/cmd/gosec/main.go b/cmd/gosec/main.go index 9c9fb52..330280d 100644 --- a/cmd/gosec/main.go +++ b/cmd/gosec/main.go @@ -185,6 +185,14 @@ func loadConfig(configFile string) (gosec.Config, error) { if *flagAlternativeNoSec != "" { config.SetGlobal(gosec.NoSecAlternative, *flagAlternativeNoSec) } + // set global option IncludeRules ,when flag set or global option IncludeRules is nil + if v, _ := config.GetGlobal(gosec.IncludeRules); *flagRulesInclude != "" || v == "" { + config.SetGlobal(gosec.IncludeRules, *flagRulesInclude) + } + // set global option ExcludeRules ,when flag set or global option IncludeRules is nil + if v, _ := config.GetGlobal(gosec.ExcludeRules); flagRulesExclude.String() != "" || v == "" { + config.SetGlobal(gosec.ExcludeRules, flagRulesExclude.String()) + } return config, nil } @@ -348,7 +356,16 @@ func main() { } // Load enabled rule definitions - ruleList := loadRules(*flagRulesInclude, flagRulesExclude.String()) + excludeRules, err := config.GetGlobal(gosec.ExcludeRules) + if err != nil { + logger.Fatal(err) + } + includeRules, err := config.GetGlobal(gosec.IncludeRules) + if err != nil { + logger.Fatal(err) + } + // get a bug + ruleList := loadRules(includeRules, excludeRules) if len(ruleList.Rules) == 0 { logger.Fatal("No rules are configured") } diff --git a/config.go b/config.go index fe60b2f..59f48bc 100644 --- a/config.go +++ b/config.go @@ -26,6 +26,10 @@ const ( Audit GlobalOption = "audit" // NoSecAlternative global option alternative for #nosec directive NoSecAlternative GlobalOption = "#nosec" + // ExcludeRules global option for some rules should not be load + ExcludeRules GlobalOption = "exclude" + // IncludeRules global option for should be load + IncludeRules GlobalOption = "include" ) // Config is used to provide configuration and customization to each of the rules.