chore(go): introduce gosec linter #9658
Annotations
10 errors and 1 warning
|
Run make lint:
pkg/fluxinstall/product.go#L91
G306: Expect WriteFile permissions to be 0600 or less (gosec)
|
|
Run make lint:
pkg/fluxinstall/product.go#L188
G110: Potential DoS vulnerability via decompression bomb (gosec)
|
|
Run make lint:
pkg/fluxexec/cmd.go#L33
G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)
|
|
Run make lint:
pkg/utils/common_test.go#L106
G306: Expect WriteFile permissions to be 0600 or less (gosec)
|
|
Run make lint:
pkg/utils/common_test.go#L118
G306: Expect WriteFile permissions to be 0600 or less (gosec)
|
|
Run make lint:
pkg/validate/validate.go#L315
G110: Potential DoS vulnerability via decompression bomb (gosec)
|
|
Run make lint:
pkg/validate/validate.go#L309
G115: integer overflow conversion int64 -> uint32 (gosec)
|
|
Run make lint:
pkg/server/auth/auth.go#L5
G501: Blocklisted import crypto/md5: weak cryptographic primitive (gosec)
|
|
Run make lint:
pkg/server/auth/auth.go#L109
G401: Use of weak cryptographic primitive (gosec)
|
|
Run make lint:
pkg/oidc/check/server.go#L74
G102: Binds to all network interfaces (gosec)
|
|
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Loading