go/gosec
go/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-12-28 21:08:22 +02:00
Code Issues Releases Activity

Update README

Browse Source
This commit is contained in:
Cosmin Cojocar 2018-08-08 16:41:34 +02:00
parent fb0dc73a96
commit 8dfa8dc015
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -50,7 +50,7 @@ or to specify a set of rules to explicitly exclude using the '-exclude=' flag.
- G303: Creating tempfile using a predictable path
- G304: File path provided as taint input
- G305: File traversal when extracting zip archive
- G401: Detect the usage of DES, RC4, or MD5
- G401: Detect the usage of DES, RC4, MD5 or SHA1
- G402: Look for bad TLS connection settings
- G403: Ensure minimum RSA key length of 2048 bits
- G404: Insecure random number source (rand)
@ -58,6 +58,7 @@ or to specify a set of rules to explicitly exclude using the '-exclude=' flag.
- G502: Import blacklist: crypto/des
- G503: Import blacklist: crypto/rc4
- G504: Import blacklist: net/http/cgi
- G505: Import blacklist: crypto/sha1
```

2
rules/rulelist.go
View File

@ -80,7 +80,7 @@ func Generate(filters ...RuleFilter) RuleList {
{"G305", "File path traversal when extracting zip archive", NewArchive},
// crypto
{"G401", "Detect the usage of DES, RC4, or MD5", NewUsesWeakCryptography},
{"G401", "Detect the usage of DES, RC4, MD5 or SHA1", NewUsesWeakCryptography},
{"G402", "Look for bad TLS connection settings", NewIntermediateTLSCheck},
{"G403", "Ensure minimum RSA key length of 2048 bits", NewWeakKeyStrength},
{"G404", "Insecure random number source (rand)", NewWeakRandCheck},