Cosmin Cojocar
@msvticket are you referring to build pods? Which kind of installation are you running: classic or serverless?
Thanks. I think the app label is already there https://github.com/jenkins-x-buildpacks/jenkins-x-kubernetes/blob/4b98c965ddfc6f8a7fd1ffebf6d1757b6d9acc71/packs/maven/charts/templates/deployment.yaml#L14.
There is this basic rule which needs to be improved in order to catch the assignment to all the types mentioned above. https://github.com/securego/gosec/blob/master/rules/templates.go. Something like: ``` var myHtml template.HTML :=...
I think this would be a useful addition. Probably leveraging the opcode generated by the regexp parser will be best. https://golang.org/pkg/regexp/syntax/#Op. This might also be interesting to have a look...
I agree that it could be useful to detect the panics, especially for DoS. Any thoughts on how we can do this reliably?
@gcmurphy Do you think we can detect the panics by just blacklisting the functions/methods which possibly panic inside? In addition, we need to check that there isn't any recovery clause.
It would make sense to convert it to cobra, but I would create another issue for this work.
@mmorel-35 Can this issue be closed? Thanks
> This is more like an epic (scrum), rather than an issue. It might make more sense to have individual issues referencing this issue.

Agree. Please just create issues which...
I believe that also using the SSA representation, in addition to the AST, would make such an analysis achievable. Some pointers:
- https://golang-ssaview.herokuapp.com/
- https://github.com/golang/tools/blob/master/go/ssa/ssautil/load.go
- https://blog.trailofbits.com/2020/05/22/emerging-talent-winternship-2020-highlights/ (See Go SSA based...