Skip to content

Add support for tainted nodes #3

Add support for tainted nodes

Add support for tainted nodes #3

Workflow file for this run

name: Run Gosec
on:
push:
branches:
- gosec # for testing this workflow
pull_request:
branches:
- main
jobs:
tests:
runs-on: ubuntu-latest
env:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@v2
- name: Download Gosec
run: curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sudo sh -s -- -b /usr/bin v2.18.2
- name: Run Gosec Security Scanner
#G107: Url provided to HTTP request as taint input
#G109: Potential Integer overflow made by strconv.Atoi result conversion to int16/32
#G304: prevent loading configuration files from variable locations (we want to do this in local development)
#G601: Implicit memory aliasing in for loop. (disabled due to false positives for safe code)
run: gosec -exclude=G107,G109,G304,G601 ./...