Exclude correctly the vendor folder from the scanned packages

ccojocar · gcmurphy · commit e419eb8f4e1e · 2019-04-27T14:02:43.000-07:00
Signed-off-by: Cosmin Cojocar &lt;cosmin.cojocar@gmx.ch&gt;
diff --git a/cmd/gosec/main.go b/cmd/gosec/main.go
@@ -250,7 +250,10 @@ func main() {
 	analyzer := gosec.NewAnalyzer(config, logger)
 	analyzer.LoadRules(ruleDefinitions.Builders())
 
-	vendor := regexp.MustCompile(`[\\/]vendor([\\/]|$)`)
+	var vendor *regexp.Regexp
+	if !*flagScanVendor {
+		vendor = regexp.MustCompile(`([\\/])?vendor([\\/])?`)
+	}
 	var packages []string
 	for _, path := range flag.Args() {
 		pcks, err := gosec.PackagePaths(path, vendor)
