Handle properly the gosec module version v2

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
knightyzl · Apr 6, 2020 · c6e10af · c6e10af
1 parent e946c8c
commit c6e10af
Show file tree

Hide file tree

Showing 45 changed files with 69 additions and 163 deletions.
diff --git a/analyzer_test.go b/analyzer_test.go
@@ -7,13 +7,13 @@ import (
 	"os"
 	"strings"
 
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/rules"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/rules"
 	"golang.org/x/tools/go/packages"
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2/testutils"
 )
 
 var _ = Describe("Analyzer", func() {

diff --git a/call_list_test.go b/call_list_test.go
@@ -5,8 +5,8 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/testutils"
 )
 
 var _ = Describe("Call List", func() {

diff --git a/cmd/gosec/main.go b/cmd/gosec/main.go
@@ -23,9 +23,9 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/output"
-	"github.com/securego/gosec/rules"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/output"
+	"github.com/securego/gosec/v2/rules"
 )
 
 const (

diff --git a/cmd/gosec/sort_issues.go b/cmd/gosec/sort_issues.go
@@ -3,7 +3,7 @@ package main
 import (
 	"sort"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type sortBySeverity []*gosec.Issue

diff --git a/cmd/tlsconfig/header_template.go b/cmd/tlsconfig/header_template.go
@@ -8,6 +8,6 @@ package {{.}}
 import (
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 `))
diff --git a/config_test.go b/config_test.go
@@ -6,7 +6,7 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 var _ = Describe("Configuration", func() {

diff --git a/go.mod b/go.mod
@@ -1,17 +1,15 @@
-module github.com/securego/gosec
+module github.com/securego/gosec/v2
 
 require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/golang/protobuf v1.3.2 // indirect
 	github.com/kr/pretty v0.1.0 // indirect
-	github.com/kr/pty v1.1.8 // indirect
-	github.com/lib/pq v1.2.0 // indirect
+	github.com/lib/pq v1.3.0 // indirect
 	github.com/mozilla/tls-observatory v0.0.0-20200317151703-4fa42e1c2dee
 	github.com/nbutton23/zxcvbn-go v0.0.0-20180912185939-ae427f1e4c1d
 	github.com/onsi/ginkgo v1.12.0
 	github.com/onsi/gomega v1.9.0
-	github.com/stretchr/objx v0.2.0 // indirect
 	github.com/stretchr/testify v1.4.0 // indirect
-	golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f // indirect
 	golang.org/x/text v0.3.2 // indirect
 	golang.org/x/tools v0.0.0-20200331202046-9d5940d49312
 	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect

diff --git a/go.sum b/go.sum
diff --git a/helpers_test.go b/helpers_test.go
@@ -9,8 +9,8 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/testutils"
 )
 
 var _ = Describe("Helpers", func() {

diff --git a/import_tracker_test.go b/import_tracker_test.go
@@ -1,8 +1,8 @@
 package gosec_test
 
 import (
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/testutils"
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"

diff --git a/issue_test.go b/issue_test.go
@@ -5,9 +5,9 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/rules"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/rules"
+	"github.com/securego/gosec/v2/testutils"
 )
 
 var _ = Describe("Issue", func() {

diff --git a/output/formatter.go b/output/formatter.go
@@ -25,7 +25,7 @@ import (
 	"strings"
 	plainTemplate "text/template"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 	"gopkg.in/yaml.v2"
 )
 

diff --git a/output/formatter_test.go b/output/formatter_test.go
@@ -8,7 +8,7 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 	"gopkg.in/yaml.v2"
 )
 

diff --git a/output/junit_xml_format.go b/output/junit_xml_format.go
@@ -5,7 +5,7 @@ import (
 	htmlLib "html"
 	"strconv"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type junitXMLReport struct {
@@ -43,11 +43,10 @@ func generatePlaintext(issue *gosec.Issue) string {
 func groupDataByRules(data *reportInfo) map[string][]*gosec.Issue {
 	groupedData := make(map[string][]*gosec.Issue)
 	for _, issue := range data.Issues {
-		if _, ok := groupedData[issue.What]; ok {
-			groupedData[issue.What] = append(groupedData[issue.What], issue)
-		} else {
-			groupedData[issue.What] = []*gosec.Issue{issue}
+		if _, ok := groupedData[issue.What]; !ok {
+			groupedData[issue.What] = []*gosec.Issue{}
 		}
+		groupedData[issue.What] = append(groupedData[issue.What], issue)
 	}
 	return groupedData
 }

diff --git a/output/sonarqube_format.go b/output/sonarqube_format.go
@@ -1,6 +1,6 @@
 package output
 
-import "github.com/securego/gosec"
+import "github.com/securego/gosec/v2"
 
 type textRange struct {
 	StartLine   int `json:"startLine"`

diff --git a/resolve_test.go b/resolve_test.go
@@ -5,8 +5,8 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/testutils"
 )
 
 var _ = Describe("Resolve ast node to concrete value", func() {

diff --git a/rule_test.go b/rule_test.go
@@ -6,7 +6,7 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type mockrule struct {

diff --git a/rules/archive.go b/rules/archive.go
@@ -4,7 +4,7 @@ import (
 	"go/ast"
 	"go/types"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type archive struct {

diff --git a/rules/bad_defer.go b/rules/bad_defer.go
@@ -5,7 +5,7 @@ import (
 	"go/ast"
 	"strings"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type deferType struct {

diff --git a/rules/bind.go b/rules/bind.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"regexp"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 // Looks for net.Listen("0.0.0.0") or net.Listen(":8080")

diff --git a/rules/blacklist.go b/rules/blacklist.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"strings"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type blacklistedImport struct {

diff --git a/rules/decompression-bomb.go b/rules/decompression-bomb.go
@@ -18,7 +18,7 @@ import (
 	"fmt"
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type decompressionBombCheck struct {

diff --git a/rules/errors.go b/rules/errors.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"go/types"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type noErrorCheck struct {

diff --git a/rules/fileperms.go b/rules/fileperms.go
@@ -19,7 +19,7 @@ import (
 	"go/ast"
 	"strconv"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type filePermissions struct {

diff --git a/rules/hardcoded_credentials.go b/rules/hardcoded_credentials.go
@@ -20,7 +20,7 @@ import (
 	"strconv"
 
 	zxcvbn "github.com/nbutton23/zxcvbn-go"
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type credentials struct {

diff --git a/rules/integer_overflow.go b/rules/integer_overflow.go
@@ -18,7 +18,7 @@ import (
 	"fmt"
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type integerOverflowCheck struct {

diff --git a/rules/pprof.go b/rules/pprof.go
@@ -3,7 +3,7 @@ package rules
 import (
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type pprofCheck struct {

diff --git a/rules/rand.go b/rules/rand.go
@@ -17,7 +17,7 @@ package rules
 import (
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type weakRand struct {

diff --git a/rules/readfile.go b/rules/readfile.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"go/types"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type readfile struct {

diff --git a/rules/rsa.go b/rules/rsa.go
@@ -18,7 +18,7 @@ import (
 	"fmt"
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type weakKeyStrength struct {

diff --git a/rules/rulelist.go b/rules/rulelist.go
@@ -14,7 +14,7 @@
 
 package rules
 
-import "github.com/securego/gosec"
+import "github.com/securego/gosec/v2"
 
 // RuleDefinition contains the description of a rule and a mechanism to
 // create it.

diff --git a/rules/rules_test.go b/rules/rules_test.go
@@ -7,9 +7,9 @@ import (
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 
-	"github.com/securego/gosec"
-	"github.com/securego/gosec/rules"
-	"github.com/securego/gosec/testutils"
+	"github.com/securego/gosec/v2"
+	"github.com/securego/gosec/v2/rules"
+	"github.com/securego/gosec/v2/testutils"
 )
 
 var _ = Describe("gosec rules", func() {

diff --git a/rules/sql.go b/rules/sql.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"regexp"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type sqlStatement struct {

diff --git a/rules/ssh.go b/rules/ssh.go
@@ -3,7 +3,7 @@ package rules
 import (
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type sshHostKey struct {

diff --git a/rules/ssrf.go b/rules/ssrf.go
@@ -4,7 +4,7 @@ import (
 	"go/ast"
 	"go/types"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type ssrf struct {

diff --git a/rules/subproc.go b/rules/subproc.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"go/types"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type subprocess struct {

diff --git a/rules/tempfiles.go b/rules/tempfiles.go
@@ -18,7 +18,7 @@ import (
 	"go/ast"
 	"regexp"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type badTempFile struct {

diff --git a/rules/templates.go b/rules/templates.go
@@ -17,7 +17,7 @@ package rules
 import (
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type templateCheck struct {

diff --git a/rules/tls.go b/rules/tls.go
@@ -20,7 +20,7 @@ import (
 	"fmt"
 	"go/ast"
 
-	"github.com/securego/gosec"
+	"github.com/securego/gosec/v2"
 )
 
 type insecureConfigTLS struct {