Skip to content

Commit

Permalink
Fix test that checks the overriden nosec directive
Browse files Browse the repository at this point in the history
Signed-off-by: Cosmin Cojocar <[email protected]>
  • Loading branch information
ccojocar committed Oct 18, 2023
1 parent af45442 commit d4a420c
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 4 deletions.
7 changes: 6 additions & 1 deletion analyzer.go
Original file line number Diff line number Diff line change
Expand Up @@ -537,7 +537,12 @@ func (gosec *Analyzer) ignore(n ast.Node) map[string]issue.SuppressionInfo {
if groups, ok := gosec.context.Comments[n]; ok && !gosec.ignoreNosec {

// Checks if an alternative for #nosec is set and, if not, uses the default.
noSecDefaultTag := NoSecTag(string(Nosec))
noSecDefaultTag, err := gosec.config.GetGlobal(Nosec)
if err != nil {
noSecDefaultTag = NoSecTag(string(Nosec))
} else {
noSecDefaultTag = NoSecTag(noSecDefaultTag)
}
noSecAlternativeTag, err := gosec.config.GetGlobal(NoSecAlternative)
if err != nil {
noSecAlternativeTag = noSecDefaultTag
Expand Down
6 changes: 3 additions & 3 deletions analyzer_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -306,21 +306,21 @@ var _ = Describe("Analyzer", func() {
Expect(nosecIssues).Should(HaveLen(sample.Errors))
})

XIt("should be possible to overwrite nosec comments, and report issues but the should not be counted", func() {
It("should be possible to overwrite nosec comments, and report issues but they should not be counted", func() {
// Rule for MD5 weak crypto usage
sample := testutils.SampleCodeG401[0]
source := sample.Code[0]

// overwrite nosec option
nosecIgnoreConfig := gosec.NewConfig()
nosecIgnoreConfig.SetGlobal(gosec.Nosec, "true")
nosecIgnoreConfig.SetGlobal(gosec.Nosec, "mynosec")
nosecIgnoreConfig.SetGlobal(gosec.ShowIgnored, "true")
customAnalyzer := gosec.NewAnalyzer(nosecIgnoreConfig, tests, false, false, 1, logger)
customAnalyzer.LoadRules(rules.Generate(false, rules.NewRuleFilter(false, "G401")).RulesInfo())

nosecPackage := testutils.NewTestPackage()
defer nosecPackage.Close()
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() //#nosec", 1)
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #mynosec", 1)
nosecPackage.AddFile("md5.go", nosecSource)
err := nosecPackage.Build()
Expect(err).ShouldNot(HaveOccurred())
Expand Down

0 comments on commit d4a420c

Please sign in to comment.