chore(go): introduce gosec linter #9658

Triggered via pull request January 12, 2025 19:32
Status Failure
Total duration 3m 54s
Artifacts 2

pr.yaml

on: pull_request
CI Test Go: 2m 6s
CI Check Static Checks: 3m 44s
release: 0s
Matrix: CI Build Image
Publish js library: 0s
Matrix: Upload Binary - Disabled

Annotations

10 errors and 5 warnings
CI Check Static Checks: pkg/fluxinstall/product.go#L91
G306: Expect WriteFile permissions to be 0600 or less (gosec)
CI Check Static Checks: pkg/fluxinstall/product.go#L188
G110: Potential DoS vulnerability via decompression bomb (gosec)
CI Check Static Checks: pkg/fluxexec/cmd.go#L33
G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)
CI Check Static Checks: pkg/utils/common_test.go#L106
G306: Expect WriteFile permissions to be 0600 or less (gosec)
CI Check Static Checks: pkg/utils/common_test.go#L118
G306: Expect WriteFile permissions to be 0600 or less (gosec)
CI Check Static Checks: pkg/validate/validate.go#L315
G110: Potential DoS vulnerability via decompression bomb (gosec)
CI Check Static Checks: pkg/validate/validate.go#L309
G115: integer overflow conversion int64 -> uint32 (gosec)
CI Check Static Checks: pkg/server/auth/auth.go#L5
G501: Blocklisted import crypto/md5: weak cryptographic primitive (gosec)
CI Check Static Checks: pkg/server/auth/auth.go#L109
G401: Use of weak cryptographic primitive (gosec)
CI Check Static Checks: pkg/oidc/check/server.go#L74
G102: Binds to all network interfaces (gosec)
CI Test Go
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
CI Build Image (gitops) / build-push-image
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
CI Build Image (gitops-server) / build-push-image
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
CI Test JS
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
CI Check Static Checks
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Artifacts

Produced during runtime
Name                                         Size
weaveworks~weave-gitops~TE2YUI.dockerbuild   56.3 KB
weaveworks~weave-gitops~ZQ6C0G.dockerbuild   67.9 KB