CI: Implement securego/gosec (+ log name fix)
This commit is contained in:
GitHub
revize
32ce00d1a3
|
|
@ -1,25 +1,26 @@
|
|||
name: Go
|
||||
name: Vibe Check
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ master ]
|
||||
branches: [ master, development ]
|
||||
pull_request:
|
||||
branches: [ master ]
|
||||
|
||||
jobs:
|
||||
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: 1.18
|
||||
|
||||
- name: Build
|
||||
run: go build -v ./...
|
||||
|
||||
- name: Vet
|
||||
- name: go vet -v ./...
|
||||
run: go vet -v ./...
|
||||
- name: gosec ./...
|
||||
run: | # https://github.com/securego/gosec/issues/469
|
||||
export PATH=$PATH:$(go env GOPATH)/bin
|
||||
go install github.com/securego/gosec/v2/cmd/gosec@latest
|
||||
gosec ./...
|
||||
- name: go build -v ./...
|
||||
run: go build -v ./...
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ func main() {
|
|||
signal.Notify(stopChan, syscall.SIGINT, syscall.SIGTERM)
|
||||
|
||||
go func() {
|
||||
log.Error().Err(http.Serve()).Msg("HTTP err")
|
||||
log.Error().Err(http.Serve()).Msg("HTTP error")
|
||||
}()
|
||||
|
||||
<-stopChan // wait for SIGINT
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ func writeConfig() {
|
|||
}
|
||||
|
||||
if _, err := os.Stat(prefConfigLocation); os.IsNotExist(err) {
|
||||
if err = os.MkdirAll(prefConfigLocation, 0o755); err != nil {
|
||||
if err = os.MkdirAll(prefConfigLocation, 0o750); err != nil {
|
||||
println("error writing new config: " + err.Error())
|
||||
os.Exit(1)
|
||||
}
|
||||
|
|
@ -111,6 +111,7 @@ func getConfigPaths() (paths []string) {
|
|||
}
|
||||
|
||||
func loadCustomConfig(path string) {
|
||||
/* #nosec */
|
||||
if f, err = os.Open(path); err != nil {
|
||||
println("Error opening specified config file: " + path)
|
||||
println(err.Error())
|
||||
|
|
|
|||
|
|
@ -32,12 +32,13 @@ func StartLogger() zerolog.Logger {
|
|||
|
||||
if snek.GetBool("logger.use_date_filename") {
|
||||
tn := strings.ReplaceAll(time.Now().Format(time.RFC822), " ", "_")
|
||||
tn = strings.ReplaceAll(logFileName, ":", "-")
|
||||
tn = strings.ReplaceAll(tn, ":", "-")
|
||||
logFileName = logFileName + "_" + tn
|
||||
}
|
||||
|
||||
CurrentLogFile = logDir + logFileName + ".log"
|
||||
|
||||
/* #nosec */
|
||||
if logFile, err = os.OpenFile(CurrentLogFile, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0o666); err != nil {
|
||||
println("cannot create log file: " + err.Error())
|
||||
os.Exit(1)
|
||||
|
|
|
|||
|
|
@ -21,7 +21,6 @@ func bannerFail(errs ...error) {
|
|||
func Banner() {
|
||||
if runtime.GOOS == "windows" || config.NoColor {
|
||||
println(config.Title + " " + config.Version)
|
||||
println(" ")
|
||||
return
|
||||
}
|
||||
PrintBanner()
|
||||
|
|
|
|||
|
|
@ -95,6 +95,8 @@ func (mm MarkovMap) Get(w1, w2 string) string {
|
|||
return ""
|
||||
}
|
||||
|
||||
// We don't care about cryptographically sound entropy here, ignore gosec G404.
|
||||
/* #nosec */
|
||||
r := rand.Intn(len(suffix))
|
||||
return suffix[r]
|
||||
}
|
||||
|
|
|
|||
Načítá se…
Odkázat v novém úkolu