
Commit b49c953

ccojocarCosmin Cojocar
authored andcommitted
Add a flag which allows to scan also the tests files
Signed-off-by: Cosmin Cojocar <[email protected]>
1 parent f1d49a6 commit b49c953

4 files changed

+22
-8
lines changed

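--- a/analyzer.go
+++ b/analyzer.go
@@ -66,10 +66,11 @@ type Analyzer struct {
 issues []*Issue
 stats *Metrics
 errors map[string][]Error // keys are file paths; values are the golang errors in those files
+tests bool
 }
 
 // NewAnalyzer builds a new analyzer.
-func NewAnalyzer(conf Config, logger *log.Logger) *Analyzer {
+func NewAnalyzer(conf Config, tests bool, logger *log.Logger) *Analyzer {
 ignoreNoSec := false
 if enabled, err := conf.IsGlobalEnabled(Nosec); err == nil {
 ignoreNoSec = enabled
@@ -86,6 +87,7 @@ func NewAnalyzer(conf Config, logger *log.Logger) *Analyzer {
 issues: make([]*Issue, 0, 16),
 stats: &Metrics{},
 errors: make(map[string][]Error),
+tests: tests,
 }
 }
 
@@ -123,7 +125,7 @@ func (gosec *Analyzer) pkgConfig(buildTags []string) *packages.Config {
 return &packages.Config{
 Mode: packages.LoadSyntax,
 BuildFlags: []string{tagsFlag},
-Tests: true,
+Tests: gosec.tests,
 }
 }
 
@@ -145,6 +147,15 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages.
 packageFiles = append(packageFiles, path.Join(pkgPath, filename))
 }
 
+if gosec.tests {
+testsFiles := []string{}
+testsFiles = append(testsFiles, basePackage.TestGoFiles...)
+testsFiles = append(testsFiles, basePackage.XTestGoFiles...)
+for _, filename := range testsFiles {
+packageFiles = append(packageFiles, path.Join(pkgPath, filename))
+}
+}
+
 pkgs, err := packages.Load(conf, packageFiles...)
 if err != nil {
 return []*packages.Package{}, err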
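Review bot: In `load`, the new `if gosec.tests` block appends `basePackage.XTestGoFiles` to `packageFiles` next to the package's own sources before the single `packages.Load(conf, packageFiles...)` call; external test files declare a separate `_test` package, so handing both sets to the loader as one explicit file list may be rejected as a mixed-package set rather than scanned — this deserves a fixture with an `XTestGoFiles` entry before the flag is relied on. The intermediate `testsFiles` slice also adds nothing: `TestGoFiles` and `XTestGoFiles` can be ranged directly into `packageFiles`, which keeps the two file classes visibly separate if they later need different handling. The body of `load` continues past the end of the hunk.

```go
if gosec.tests {
	for _, filename := range basePackage.TestGoFiles {
		packageFiles = append(packageFiles, path.Join(pkgPath, filename))
	}
	for _, filename := range basePackage.XTestGoFiles {
		packageFiles = append(packageFiles, path.Join(pkgPath, filename))
	}
}
// … unchanged: packages.Load call and error handling …
```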

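--- a/analyzer_test.go
+++ b/analyzer_test.go
@@ -20,10 +20,11 @@ var _ = Describe("Analyzer", func() {
 analyzer *gosec.Analyzer
 logger *log.Logger
 buildTags []string
+tests bool
 )
 BeforeEach(func() {
 logger, _ = testutils.NewLogger()
-analyzer = gosec.NewAnalyzer(nil, logger)
+analyzer = gosec.NewAnalyzer(nil, tests, logger)
 })
 
 Context("when processing a package", func() {
@@ -226,7 +227,7 @@ var _ = Describe("Analyzer", func() {
 // overwrite nosec option
 nosecIgnoreConfig := gosec.NewConfig()
 nosecIgnoreConfig.SetGlobal(gosec.Nosec, "true")
-customAnalyzer := gosec.NewAnalyzer(nosecIgnoreConfig, logger)
+customAnalyzer := gosec.NewAnalyzer(nosecIgnoreConfig, tests, logger)
 customAnalyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, "G401")).Builders())
 
 nosecPackage := testutils.NewTestPackage()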
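Review bot: The new `tests bool` in the `Describe` var block is declared but never assigned, so every `gosec.NewAnalyzer(..., tests, logger)` call in this file runs with the zero value `false` and the new test-file scanning path stays unexercised; `rules/rules_test.go` has the same unassigned variable. A dedicated Context that builds the analyzer with `tests = true` against a package containing a `_test.go` file would cover the added branch in `load`. The enclosing `Describe` closure extends beyond both hunks.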

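--- a/cmd/gosec/main.go
+++ b/cmd/gosec/main.go
@@ -98,12 +98,14 @@ var (
 // do not fail
 flagNoFail = flag.Bool("no-fail", false, "Do not fail the scanning, even if issues were found")
 
+// scan tests files
+flagScanTests = flag.Bool("tests", false, "Scan tests files")
+
 logger *log.Logger
 )
 
 // #nosec
 func usage() {
-
 usageText := fmt.Sprintf(usageText, Version, GitTag, BuildDate)
 fmt.Fprintln(os.Stderr, usageText)
 fmt.Fprint(os.Stderr, "OPTIONS:\n\n")
@@ -198,7 +200,6 @@ func convertToScore(severity string) (gosec.Score, error) {
 }
 
 func main() {
-
 // Setup usage description
 flag.Usage = usage
 
@@ -247,7 +248,7 @@ func main() {
 }
 
 // Create the analyzer
-analyzer := gosec.NewAnalyzer(config, logger)
+analyzer := gosec.NewAnalyzer(config, *flagScanTests, logger)
 analyzer.LoadRules(ruleDefinitions.Builders())
 
 var vendor *regexp.Regexp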
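Review bot: The help string of the new flag reads `"Scan tests files"`, which users will see in `-h` output; `flagScanTests = flag.Bool("tests", false, "Scan test files")` is the grammatical form, with the comment above it likewise `// scan test files`. It is also worth stating in that comment what the flag changes — that `_test.go` files of the scanned packages are included in the analysis — so the behaviour is findable without reading `analyzer.go`. If the `usageText` template enumerates options on its own, it lives outside the hunk and should mention `-tests` as well.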

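--- a/rules/rules_test.go
+++ b/rules/rules_test.go
@@ -25,12 +25,13 @@ var _ = Describe("gosec rules", func() {
 analyzer *gosec.Analyzer
 runner func(string, []testutils.CodeSample, ...option)
 buildTags []string
+tests bool
 )
 
 BeforeEach(func() {
 logger, _ = testutils.NewLogger()
 config = gosec.NewConfig()
-analyzer = gosec.NewAnalyzer(config, logger)
+analyzer = gosec.NewAnalyzer(config, tests, logger)
 runner = func(rule string, samples []testutils.CodeSample, options ...option) {
 for _, o := range options {
 config.SetGlobal(o.name, o.value)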
