Update args for gosec, with no args it runs the -h option #47
lgtm
@@ -622,7 +623,8 @@ func (s *service) getNewIsilonConfigs(ctx context.Context, configBytes []byte) ( | |||
} | |||
|
|||
newIsiClusters := make(map[interface{}]interface{}) | |||
for i, config := range inputConfigs.IsilonClusters { | |||
for i, clusterConfig := range inputConfigs.IsilonClusters { | |||
config := clusterConfig |
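Review bot: The added `config := clusterConfig` line at the end of this hunk carries no comment explaining why the copy exists, so it reads as a redundant second variable next to the renamed range variable. Add a one-line comment there stating that it is a per-iteration copy because `&config` is later passed to `s.GetIsiService` (gosec G601), so that a later cleanup does not fold it back into the loop variable.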
why introduce one more variable? either use config or clusterConfig, and remove one of these.
This is to address the below,
[/github/workspace/service/service.go:664] - G601 (CWE-118): Implicit memory aliasing in for loop. (Confidence: MEDIUM, Severity: MEDIUM)
664: config.isiSvc, _ = s.GetIsiService(clientCtx, &config, logLevel)
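
What the G601 finding above guards against, as an added Go example that is not code from this PR or project: `aliased` writes out explicitly the single shared loop variable that Go releases before 1.22 used for `range` loops, and `fixed` takes the per-iteration copy. The types `clusterConfig` and `isiService`, the helper `newService`, and the sample cluster names are hypothetical stand-ins.

```go
package main

import "fmt"

// Hypothetical stand-ins for the project's types (assumptions, not its code).
type clusterConfig struct{ Name string }

// isiService keeps the pointer it was constructed with.
type isiService struct{ cfg *clusterConfig }

// newService mimics a constructor that retains the *clusterConfig it is given,
// the way the flagged call passes &config.
func newService(cfg *clusterConfig) *isiService { return &isiService{cfg: cfg} }

// aliased models the pre-Go 1.22 range loop: one variable shared by every
// iteration, written out explicitly so it behaves the same on any toolchain.
func aliased(in []clusterConfig) map[string]*isiService {
	out := make(map[string]*isiService)
	var config clusterConfig // single storage location, overwritten each pass
	for i := range in {
		config = in[i]
		out[in[i].Name] = newService(&config) // same address every time
	}
	return out
}

// fixed copies the element into a fresh variable on each iteration.
func fixed(in []clusterConfig) map[string]*isiService {
	out := make(map[string]*isiService)
	for _, clusterCfg := range in {
		config := clusterCfg // new variable, so &config is unique per cluster
		out[config.Name] = newService(&config)
	}
	return out
}

// sample returns constructed input data.
func sample() []clusterConfig {
	return []clusterConfig{{Name: "cluster-a"}, {Name: "cluster-b"}, {Name: "cluster-c"}}
}

func main() {
	a, f := aliased(sample()), fixed(sample())
	fmt.Println("aliased cluster-a ->", a["cluster-a"].cfg.Name) // cluster-c
	fmt.Println("fixed   cluster-a ->", f["cluster-a"].cfg.Name) // cluster-a
}
```
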
Description
By default gosec expects args; without them it defaults to the -h option, lists the way to run gosec, and does not run any actual test.
Excluded G304 for the below, which seems a valid change needed.
[/github/workspace/service/service.go:561] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
Made changes to address the below,
Addressed other issues.
GitHub Issues
List the GitHub issues impacted by this PR:
Checklist:
How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration.