File tree Expand file tree Collapse file tree 3 files changed +12
-5
lines changed Expand file tree Collapse file tree 3 files changed +12
-5
lines changed Original file line number Diff line number Diff line change @@ -259,18 +259,23 @@ func (gosec *Analyzer) AppendError(file string, err error) {
259259 gosec .errors [file ] = errors
260260}
261261
262- // ignore a node (and sub-tree) if it is tagged with a "# nosec" comment
262+ // ignore a node (and sub-tree) if it is tagged with a nosec tag comment
263263func (gosec * Analyzer ) ignore (n ast.Node ) ([]string , bool ) {
264264 if groups , ok := gosec .context .Comments [n ]; ok && ! gosec .ignoreNosec {
265265
266266 // Checks if an alternative for #nosec is set and, if not, uses the default.
267- noSecAlternative , err := gosec .config .GetGlobal (NoSecAlternative )
267+ noSecDefaultTag := "#nosec"
268+ noSecAlternativeTag , err := gosec .config .GetGlobal (NoSecAlternative )
268269 if err != nil {
269- noSecAlternative = "#nosec"
270+ noSecAlternativeTag = noSecDefaultTag
270271 }
271272
272273 for _ , group := range groups {
273- if strings .Contains (group .Text (), noSecAlternative ) {
274+
275+ foundDefaultTag := strings .Contains (group .Text (), noSecDefaultTag )
276+ foundAlternativeTag := strings .Contains (group .Text (), noSecAlternativeTag )
277+
278+ if foundDefaultTag || foundAlternativeTag {
274279 gosec .stats .NumNosec ++
275280
276281 // Pull out the specific rules that are listed to be ignored.
Original file line number Diff line number Diff line change @@ -265,7 +265,7 @@ var _ = Describe("Analyzer", func() {
265265
266266 })
267267
268- It ("should be possible to change the default # nosec directive to another one " , func () {
268+ It ("should be possible to use an alternative nosec tag " , func () {
269269 // Rule for MD5 weak crypto usage
270270 sample := testutils .SampleCodeG401 [0 ]
271271 source := sample .Code [0 ]
Original file line number Diff line number Diff line change @@ -28,11 +28,13 @@ github.com/onsi/ginkgo v1.8.0 h1:VkHVNpR4iVnU8XQR6DBm8BqYjN7CRzw+xKUbVVbbW9w=
2828cf-workers-proxy-9e9.pages.dev/onsi/ginkgo v1.8.0 /go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE =
2929cf-workers-proxy-9e9.pages.dev/onsi/ginkgo v1.10.1 h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo =
3030cf-workers-proxy-9e9.pages.dev/onsi/ginkgo v1.10.1 /go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE =
31+ github.com/onsi/ginkgo v1.10.3 h1:OoxbjfXVZyod1fmWYhI7SEyaD8B00ynP3T+D5GiyHOY =
3132cf-workers-proxy-9e9.pages.dev/onsi/ginkgo v1.10.3 /go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE =
3233cf-workers-proxy-9e9.pages.dev/onsi/gomega v1.5.0 h1:izbySO9zDPmjJ8rDjLvkA2zJHIo+HkYXHnf7eN7SSyo =
3334cf-workers-proxy-9e9.pages.dev/onsi/gomega v1.5.0 /go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY =
3435cf-workers-proxy-9e9.pages.dev/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME =
3536cf-workers-proxy-9e9.pages.dev/onsi/gomega v1.7.0 /go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY =
37+ github.com/onsi/gomega v1.7.1 h1:K0jcRCwNQM3vFGh1ppMtDh/+7ApJrjldlX8fA0jDTLQ =
3638cf-workers-proxy-9e9.pages.dev/onsi/gomega v1.7.1 /go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY =
3739cf-workers-proxy-9e9.pages.dev/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM =
3840cf-workers-proxy-9e9.pages.dev/pmezard/go-difflib v1.0.0 /go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4 =
You can’t perform that action at this time.
0 commit comments