mirror of https://github.com/securego/gosec.git synced 2025-07-03 00:27:05 +02:00

Ignore the issues from generated files when using the analysis framework (#1079)

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
Cosmin Cojocar
2023-11-30 17:42:44 +01:00
committed by GitHub
parent 43b7cbf661
commit eb256a7d70
2 changed files with 69 additions and 2 deletions


@ -414,6 +414,9 @@ func (gosec *Analyzer) CheckAnalyzers(pkg *packages.Package) {
SSA: ssaResult.(*buildssa.SSA),
},
}
generatedFiles := gosec.generatedFiles(pkg)
for _, analyzer := range gosec.analyzerList {
pass := &analysis.Pass{
Analyzer: analyzer,
@ -441,6 +444,11 @@ func (gosec *Analyzer) CheckAnalyzers(pkg *packages.Package) {
if result != nil {
if passIssues, ok := result.([]*issue.Issue); ok {
for _, iss := range passIssues {
if gosec.excludeGenerated {
if _, ok := generatedFiles[iss.File]; ok {
continue
}
}
gosec.updateIssues(iss)
}
}
@ -448,6 +456,21 @@ func (gosec *Analyzer) CheckAnalyzers(pkg *packages.Package) {
}
}
func (gosec *Analyzer) generatedFiles(pkg *packages.Package) map[string]bool {
generatedFiles := map[string]bool{}
for _, file := range pkg.Syntax {
if isGeneratedFile(file) {
fp := pkg.Fset.File(file.Pos())
if fp == nil {
// skip files which cannot be located
continue
}
generatedFiles[fp.Name()] = true
}
}
return generatedFiles
}
// buildSSA runs the SSA pass which builds the SSA representation of the package. It handles gracefully any panic.
func (gosec *Analyzer) buildSSA(pkg *packages.Package) (interface{}, error) {
defer func() {
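Review bot: In the second hunk, any finding whose `iss.File` is in `generatedFiles` is dropped with a bare `continue`, so a run with `excludeGenerated` set leaves no record of how many findings were suppressed or in which files. Whether a file counts as generated is decided by `isGeneratedFile`, which is not shown here and presumably keys off a marker in the file itself, so it is worth counting or logging the skipped issues to make the exclusion auditable. The lookup also only works if `iss.File` and `fp.Name()` use the same path form, which cannot be confirmed from these hunks; a mismatch would silently report generated-file issues anyway. Separately, `gosec.generatedFiles(pkg)` in the first hunk walks `pkg.Syntax` even when the flag is off; declaring `var generatedFiles map[string]bool` and filling it only under `if gosec.excludeGenerated { generatedFiles = gosec.generatedFiles(pkg) }` lets the check collapse to `if generatedFiles[iss.File] { continue }`. `CheckAnalyzers` starts and ends outside the hunks shown.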