diff --git a/analyzer-checkov/src/main/java/io/codety/scanner/analyzer/checkov/CheckovCodeAnalyzer.java b/analyzer-checkov/src/main/java/io/codety/scanner/analyzer/checkov/CheckovCodeAnalyzer.java index e51aaa3..7c96dd8 100644 --- a/analyzer-checkov/src/main/java/io/codety/scanner/analyzer/checkov/CheckovCodeAnalyzer.java +++ b/analyzer-checkov/src/main/java/io/codety/scanner/analyzer/checkov/CheckovCodeAnalyzer.java @@ -41,9 +41,8 @@ public List analyzeCode(AnalyzerConfigurationDetailDto ru if(codeAnalysisIssueDtoList == null || codeAnalysisIssueDtoList.isEmpty()){ return list; } - CodeAnalysisResultDto resultDto = new CodeAnalysisResultDto(runnerConfiguration.getLanguage(), runnerConfiguration.getCodeAnalyzerType()); - resultDto.setDisplayTitle("IaC issues"); + resultDto.setDisplayTitle("IaC"); resultDto.addIssues(codeAnalysisIssueDtoList); list.add(resultDto); diff --git a/analyzer-golangcilint/src/main/java/io/codety/scanner/analyzer/golangcilint/GolangcilintCodeAnalyzer.java b/analyzer-golangcilint/src/main/java/io/codety/scanner/analyzer/golangcilint/GolangcilintCodeAnalyzer.java index 6e28a16..2bcd61c 100644 --- a/analyzer-golangcilint/src/main/java/io/codety/scanner/analyzer/golangcilint/GolangcilintCodeAnalyzer.java +++ b/analyzer-golangcilint/src/main/java/io/codety/scanner/analyzer/golangcilint/GolangcilintCodeAnalyzer.java @@ -23,50 +23,50 @@ public List analyzeCode(AnalyzerConfigurationDetailDto ru try { List goModules = GolangcilintModuleUtil.findGoModules(request.getLocalGitRepoPath()); - List cmdList = new ArrayList<>(); - cmdList.add("golangci-lint"); - cmdList.add("run"); - cmdList.add("--no-config"); - cmdList.add("--out-format"); - cmdList.add("json"); + for(File file : goModules) { + List cmdList = new ArrayList<>(); + cmdList.add("golangci-lint"); + cmdList.add("run"); + cmdList.add("--no-config"); + cmdList.add("--out-format"); + cmdList.add("json"); + if (runnerConfiguration.getPayload() == null || runnerConfiguration.getPayload().isEmpty()) { + cmdList.add("--enable-all"); - if(runnerConfiguration.getPayload() == null || runnerConfiguration.getPayload().isEmpty()){ - cmdList.add("--enable-all"); + } else { + cmdList.add("--enable-all"); + } - }else{ - cmdList.add("--enable-all"); - } - for(File file : goModules){ - cmdList.add(file.getName() + "/..."); - } + cmdList.add( "./..."); - String[] command = cmdList.toArray(new String[0]); + String[] command = cmdList.toArray(new String[0]); - RuntimeExecUtil.RuntimeExecResult runtimeExecResult = RuntimeExecUtil.exec(command, null, 60, false, null); + RuntimeExecUtil.RuntimeExecResult runtimeExecResult = RuntimeExecUtil.exec(command, file.getAbsolutePath(), 60, false, null); - String errorOutput = runtimeExecResult.getErrorOutput(); - String successOutput = runtimeExecResult.getSuccessOutput(); + String errorOutput = runtimeExecResult.getErrorOutput(); + String successOutput = runtimeExecResult.getSuccessOutput(); - if(errorOutput!=null && errorOutput.length() > 0){ - CodetyConsoleLogger.debug("Error output from golangci-lint " + errorOutput); - } - if(successOutput == null || successOutput.isEmpty()){ - return list; - } + if (errorOutput != null && errorOutput.length() > 0) { + CodetyConsoleLogger.debug("Error output from golangci-lint " + errorOutput); + } + if (successOutput == null || successOutput.isEmpty()) { + return list; + } - List codeAnalysisIssueDtoList = GolangcilintResultConverter.convertResult(successOutput); - if(codeAnalysisIssueDtoList == null || codeAnalysisIssueDtoList.isEmpty()){ - return list; - } + List codeAnalysisIssueDtoList = GolangcilintResultConverter.convertResult(successOutput); + if (codeAnalysisIssueDtoList == null || codeAnalysisIssueDtoList.isEmpty()) { + return list; + } - CodeAnalysisResultDto resultDto = new CodeAnalysisResultDto(runnerConfiguration.getLanguage(), runnerConfiguration.getCodeAnalyzerType()); + CodeAnalysisResultDto resultDto = new CodeAnalysisResultDto(runnerConfiguration.getLanguage(), runnerConfiguration.getCodeAnalyzerType()); - resultDto.setDisplayTitle("Golang"); - resultDto.addIssues(codeAnalysisIssueDtoList); + resultDto.setDisplayTitle("Golang"); + resultDto.addIssues(codeAnalysisIssueDtoList); - list.add(resultDto); + list.add(resultDto); + } } catch (Exception e) { diff --git a/code-issue-examples/go/module-with-mod/cgo-issue.go b/code-issue-examples/go/module-with-mod/cgo-issue.go index 635bfdd..c63c5a4 100644 --- a/code-issue-examples/go/module-with-mod/cgo-issue.go +++ b/code-issue-examples/go/module-with-mod/cgo-issue.go @@ -1,34 +1,21 @@ -package cgoexample +package mymodule -/* -#include -#include +import "fmt" -void myprint(char* s) { - printf("%s\n", s); -} -*/ -import "C" +func MyModule() { -import ( - "fmt" - "unsafe" -) + var u1 = "initial" + var u2 = "initial" -func Example() { - cs := C.CString("Hello from stdio\n") - C.myprint(cs) - fmt.Printf("bad format %t", cs) - C.free(unsafe.Pointer(cs)) -} + var b, c int = 1, 2 + fmt.Println(b, c) -func notFormattedForGofmt() { -} + var d = true + fmt.Println(d) -func errorForRevive(p *int) error { - if p == nil { - return nil - } else { - return nil - } + var e int + fmt.Println(e) + + f := "apple" + fmt.Println(f) } \ No newline at end of file diff --git a/code-issue-examples/go/module-with-mod/go.mod b/code-issue-examples/go/module-with-mod/go.mod index 8ef7ecc..ac8c9c8 100644 --- a/code-issue-examples/go/module-with-mod/go.mod +++ b/code-issue-examples/go/module-with-mod/go.mod @@ -1,3 +1,3 @@ -module mymodule +module hello -go 1.23.0 +go 1.22.0 diff --git a/code-issue-examples/go/module-with-mod/hello.go b/code-issue-examples/go/module-with-mod/hello.go new file mode 100644 index 0000000..f875a96 --- /dev/null +++ b/code-issue-examples/go/module-with-mod/hello.go @@ -0,0 +1,7 @@ +package hello + +func Hello() string { + var u3 = "initial" + var u4 = "initial" + return "Hello, world." +} \ No newline at end of file diff --git a/code-issue-examples/go/module-with-mod/mymodule/unused-var.go b/code-issue-examples/go/module-with-mod/mymodule/unused-var.go new file mode 100644 index 0000000..c63c5a4 --- /dev/null +++ b/code-issue-examples/go/module-with-mod/mymodule/unused-var.go @@ -0,0 +1,21 @@ +package mymodule + +import "fmt" + +func MyModule() { + + var u1 = "initial" + var u2 = "initial" + + var b, c int = 1, 2 + fmt.Println(b, c) + + var d = true + fmt.Println(d) + + var e int + fmt.Println(e) + + f := "apple" + fmt.Println(f) +} \ No newline at end of file diff --git a/image/Dockerfile b/image/Dockerfile index 7d2c7d8..1c5d208 100644 --- a/image/Dockerfile +++ b/image/Dockerfile @@ -1,6 +1,6 @@ FROM amazoncorretto:17-alpine-jdk -RUN apk add --no-cache python3 py3-pip +RUN apk add --no-cache python3 py3-pip go RUN apk add --no-cache bash openssl ca-certificates git libc6-compat libstdc++ curl cppcheck nodejs npm py3-pylint RUN npm install --prefix /usr/local/eslint9/ eslint@9.x eslint-plugin-jsdoc eslint-plugin-react eslint-plugin-vue @html-eslint/parser @html-eslint/eslint-plugin @@ -9,6 +9,10 @@ RUN npm install --prefix /usr/local/eslint8/ eslint@8.x typescript @typescript- # !!!!!!checkov build will be failed in arm64 environment, you need to append `--platform=linux/amd64` during docker build or run if you use ARM64 environment(e.g. M1+ chips MacBook) RUN pip3 install checkov --break-system-packages +# install golang +# COPY --from=golang:1.17-alpine /usr/local/go/ /usr/local/go/ +# ENV PATH="/usr/local/go/bin:${PATH}" + #golang lint RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.60.3 RUN golangci-lint --version