From c06903addd3db311885ef977576fd22c4e51894f Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Wed, 18 Oct 2023 14:25:50 +0200 Subject: [PATCH] Fix test that checks the overriden nosec directive Signed-off-by: Cosmin Cojocar --- analyzer.go | 7 ++++++- analyzer_test.go | 6 +++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/analyzer.go b/analyzer.go index 980bbe4..416fb21 100644 --- a/analyzer.go +++ b/analyzer.go @@ -537,7 +537,12 @@ func (gosec *Analyzer) ignore(n ast.Node) map[string]issue.SuppressionInfo { if groups, ok := gosec.context.Comments[n]; ok && !gosec.ignoreNosec { // Checks if an alternative for #nosec is set and, if not, uses the default. - noSecDefaultTag := NoSecTag(string(Nosec)) + noSecDefaultTag, err := gosec.config.GetGlobal(Nosec) + if err != nil { + noSecDefaultTag = NoSecTag(string(Nosec)) + } else { + noSecDefaultTag = NoSecTag(noSecDefaultTag) + } noSecAlternativeTag, err := gosec.config.GetGlobal(NoSecAlternative) if err != nil { noSecAlternativeTag = noSecDefaultTag diff --git a/analyzer_test.go b/analyzer_test.go index 7622b3e..792b514 100644 --- a/analyzer_test.go +++ b/analyzer_test.go @@ -306,21 +306,21 @@ var _ = Describe("Analyzer", func() { Expect(nosecIssues).Should(HaveLen(sample.Errors)) }) - XIt("should be possible to overwrite nosec comments, and report issues but the should not be counted", func() { + It("should be possible to overwrite nosec comments, and report issues but they should not be counted", func() { // Rule for MD5 weak crypto usage sample := testutils.SampleCodeG401[0] source := sample.Code[0] // overwrite nosec option nosecIgnoreConfig := gosec.NewConfig() - nosecIgnoreConfig.SetGlobal(gosec.Nosec, "true") + nosecIgnoreConfig.SetGlobal(gosec.Nosec, "mynosec") nosecIgnoreConfig.SetGlobal(gosec.ShowIgnored, "true") customAnalyzer := gosec.NewAnalyzer(nosecIgnoreConfig, tests, false, false, 1, logger) customAnalyzer.LoadRules(rules.Generate(false, rules.NewRuleFilter(false, "G401")).RulesInfo()) nosecPackage := testutils.NewTestPackage() defer nosecPackage.Close() - nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() //#nosec", 1) + nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #mynosec", 1) nosecPackage.AddFile("md5.go", nosecSource) err := nosecPackage.Build() Expect(err).ShouldNot(HaveOccurred())