go/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2025-11-23 22:15:04 +02:00
Code Issues Releases Activity

Check for both default and alternative nosec tags (#426)

Browse Source 
* Check both nosec tags

* Adjust test to find vulnerabilities

* Add a few alias in Makefile to get GOPATH
This commit is contained in:
Rafael dos Santos
2020-01-06 05:47:28 -03:00
committed by Cosmin Cojocar
parent 79fbf3af8d
commit f43a957359
5 changed files with 37 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
analyzer_test.go
View File

@@ -265,7 +265,7 @@ var _ = Describe("Analyzer", func() {
})
It("should be possible to change the default #nosec directive to another one", func() {
It("should be possible to use an alternative nosec tag", func() {
// Rule for MD5 weak crypto usage
sample := testutils.SampleCodeG401[0]
source := sample.Code[0]
@@ -289,7 +289,7 @@ var _ = Describe("Analyzer", func() {
})
It("should not ignore vulnerabilities", func() {
It("should ignore vulnerabilities when the default tag is found", func() {
// Rule for MD5 weak crypto usage
sample := testutils.SampleCodeG401[0]
source := sample.Code[0]
@@ -309,7 +309,7 @@ var _ = Describe("Analyzer", func() {
err = customAnalyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
nosecIssues, _, _ := customAnalyzer.Report()
Expect(nosecIssues).Should(HaveLen(sample.Errors))
Expect(nosecIssues).Should(HaveLen(0))
})