Switch to valuespec instead of gendecl for hardcoded credential rule (#186)

rules/hardcoded_credentials.go

@@ -16,7 +16,6 @@ package rules
 
 import (
 	"go/ast"
-	"go/token"
 	"regexp"
 	"strconv"
 
@@ -53,8 +52,8 @@ func (r *credentials) Match(n ast.Node, ctx *gas.Context) (*gas.Issue, error) {
 	switch node := n.(type) {
 	case *ast.AssignStmt:
 		return r.matchAssign(node, ctx)
-	case *ast.GenDecl:
+	case *ast.ValueSpec:
-		return r.matchGenDecl(node, ctx)
+		return r.matchValueSpec(node, ctx)
 	}
 	return nil, nil
 }
@@ -76,12 +75,7 @@ func (r *credentials) matchAssign(assign *ast.AssignStmt, ctx *gas.Context) (*ga
 	return nil, nil
 }
 
-func (r *credentials) matchGenDecl(decl *ast.GenDecl, ctx *gas.Context) (*gas.Issue, error) {
+func (r *credentials) matchValueSpec(valueSpec *ast.ValueSpec, ctx *gas.Context) (*gas.Issue, error) {
-	if decl.Tok != token.CONST && decl.Tok != token.VAR {
-		return nil, nil
-	}
-	for _, spec := range decl.Specs {
-		if valueSpec, ok := spec.(*ast.ValueSpec); ok {
 	for index, ident := range valueSpec.Names {
 		if r.pattern.MatchString(ident.Name) && valueSpec.Values != nil {
 			// const foo, bar = "same value"
@@ -95,8 +89,6 @@ func (r *credentials) matchGenDecl(decl *ast.GenDecl, ctx *gas.Context) (*gas.Is
 			}
 		}
 	}
-		}
-	}
 	return nil, nil
 }
 
@@ -146,5 +138,5 @@ func NewHardcodedCredentials(conf gas.Config) (gas.Rule, []ast.Node) {
 			Confidence: gas.Low,
 			Severity:   gas.High,
 		},
-	}, []ast.Node{(*ast.AssignStmt)(nil), (*ast.GenDecl)(nil)}
+	}, []ast.Node{(*ast.AssignStmt)(nil), (*ast.ValueSpec)(nil)}
 }