v2.17.0

Published: Aug 14, 2023 License: Apache-2.0 Imports: 9 Imported by: 3




const SnippetOffset = 1

SnippetOffset defines the number of lines captured before the beginning and after the end of a code snippet




func CodeSnippet

func CodeSnippet(file *os.File, start int64, end int64) (string, error)

CodeSnippet extracts a code snippet based on the AST reference

func GetCweByRule

func GetCweByRule(id string) *cwe.Weakness

GetCweByRule retrieves a CWE weakness for a given RuleID


type Issue

type Issue struct {
	Severity     Score             `json:"severity"`     // issue severity (how problematic it is)
	Confidence   Score             `json:"confidence"`   // issue confidence (how sure we are we found it)
	Cwe          *cwe.Weakness     `json:"cwe"`          // Cwe associated with RuleID
	RuleID       string            `json:"rule_id"`      // ID of the rule that reported the issue
	What         string            `json:"details"`      // Human readable explanation
	File         string            `json:"file"`         // File name we found it in
	Code         string            `json:"code"`         // Impacted code line
	Line         string            `json:"line"`         // Line number in file
	Col          string            `json:"column"`       // Column number in line
	NoSec        bool              `json:"nosec"`        // true if the issue is nosec
	Suppressions []SuppressionInfo `json:"suppressions"` // Suppression info of the issue
}

Issue is returned by a gosec rule if it discovers an issue with the scanned code.

func New

func New(fobj *token.File, node ast.Node, ruleID, desc string, severity, confidence Score) *Issue

New creates a new Issue

func (*Issue) FileLocation

func (i *Issue) FileLocation() string

FileLocation points out the file path and line number in the file

func (*Issue) WithSuppressions

func (i *Issue) WithSuppressions(suppressions []SuppressionInfo) *Issue

WithSuppressions sets the suppressions of the issue

type MetaData

type MetaData struct {
	ID         string
	Severity   Score
	Confidence Score
	What       string
}

MetaData is embedded in all gosec rules. The Severity, Confidence and What message will be passed through to reported issues.

type Score

type Score int

Score type used by severity and confidence values

const (
	// Low severity or confidence
	Low Score = iota
	// Medium severity or confidence
	Medium
	// High severity or confidence
	High
)

func (Score) MarshalJSON

func (c Score) MarshalJSON() ([]byte, error)

MarshalJSON is used to convert a Score object into a JSON representation

func (Score) String

func (c Score) String() string

String converts a Score into a string

type SuppressionInfo

type SuppressionInfo struct {
	Kind          string `json:"kind"`
	Justification string `json:"justification"`
}

SuppressionInfo records the kind and the justification used to suppress a violation.
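
An added example, not part of the gosec package or of this page: a stand-alone CI gate that decodes issues by the JSON field names in the Issue and SuppressionInfo tags above, blocks on unsuppressed findings at or above a threshold, and lists suppressions that carry no justification. The sample data, the local `finding` type, the `Triage` function and the "LOW"/"MEDIUM"/"HIGH" score strings are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample shaped by Issue's json tags; assumes scores serialize as "LOW"/"MEDIUM"/"HIGH".
const sample = `[
 {"severity":"HIGH","confidence":"HIGH","rule_id":"G304","file":"a.go","line":"10","nosec":false},
 {"severity":"HIGH","confidence":"MEDIUM","rule_id":"G204","file":"b.go","line":"7-9","nosec":true,
  "suppressions":[{"kind":"inSource","justification":""}]},
 {"severity":"LOW","confidence":"HIGH","rule_id":"G104","file":"c.go","line":"3","nosec":false}]`

var rank = map[string]int{"LOW": 0, "MEDIUM": 1, "HIGH": 2} // Low < Medium < High

type finding struct { // hypothetical local type: the subset of Issue fields this gate reads
	Severity, Confidence, File, Line string
	RuleID                           string `json:"rule_id"`
	NoSec                            bool
	Suppressions                     []struct{ Kind, Justification string }
}

// Triage returns findings that should block a build, plus findings suppressed without a justification.
func Triage(raw []byte, minSev, minConf string) (blocking, unjustified []string, err error) {
	var issues []finding
	if err = json.Unmarshal(raw, &issues); err != nil {
		return nil, nil, err
	}
	for _, i := range issues {
		loc := fmt.Sprintf("%s:%s [%s]", i.File, i.Line, i.RuleID)
		sev, okS := rank[i.Severity]
		conf, okC := rank[i.Confidence]
		if !okS || !okC { // fail closed on a score this code does not know
			return nil, nil, fmt.Errorf("%s: unknown score", loc)
		}
		for _, s := range i.Suppressions {
			if s.Justification == "" {
				unjustified = append(unjustified, loc)
				break
			}
		}
		suppressed := i.NoSec || len(i.Suppressions) > 0
		if !suppressed && sev >= rank[minSev] && conf >= rank[minConf] {
			blocking = append(blocking, loc)
		}
	}
	return blocking, unjustified, nil
}

func main() { fmt.Println(Triage([]byte(sample), "MEDIUM", "MEDIUM")) }
```

Reporting unjustified suppressions separately keeps `nosec` annotations reviewable instead of letting them silently remove findings from the gate.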
