gosec

go/gosec

mirror of https://github.com/securego/gosec.git synced 2025-03-17 20:57:54 +02:00

History

Dimitar Banchev 0eb8143c23 Added new rule G407(hardcoded IV/nonce)

The rule is supposed to detect for the usage of hardcoded or static nonce/Iv in many encryption algorithms:

* The different modes of AES (mainly tested here)
* It should be able to work with ascon

Currently the rules doesn't check when constant variables are used.

TODO: Improve the rule, to detected for constatant variable usage

2024-08-30 19:35:07 +02:00

cwe_suite_test.go

Update to ginkgo v2 (#753 )

2022-01-03 18:11:35 +01:00

data_test.go

correct gci linter (#946 )

2023-03-30 09:31:24 +02:00

data.go

Added new rule G407(hardcoded IV/nonce)

2024-08-30 19:35:07 +02:00

types_test.go

correct gci linter (#946 )

2023-03-30 09:31:24 +02:00

types.go

fix: make sure that nil Cwe pointer is handled when getting the CWE ID

2022-08-20 13:32:31 +02:00