gosec icon indicating copy to clipboard operation
gosec copied to clipboard
verified publisher icon securego

Generic blocklist rule

Open ccojocar opened this issue 6 years ago • 0 comments

Summary

Some imports are currently blocked-listed by hard-coding them in various blockedlist rules. https://github.com/securego/gosec/blob/36a82ea85e59163446547798563e24ee8d5a27c7/rules/blacklist.go#L50

https://github.com/securego/gosec/blob/36a82ea85e59163446547798563e24ee8d5a27c7/rules/rulelist.go#L90

I think that it would be nice to define a generic blocklist rule which is able to parse the blocklisted import paths from the rule config.

Steps to reproduce the behavior

gosec version

Go version (output of 'go version')

Operating system / Environment

Expected behavior

Actual behavior

ccojocar avatar Jun 25 '19 07:06 ccojocar