From 1ac6e8066f9db6db1be319e8cf0441c0640be702 Mon Sep 17 00:00:00 2001
From: Fernandez Ludovic
Date: Fri, 8 Mar 2024 19:58:07 +0100
Subject: [PATCH] feat: use gosec severities
---
 pkg/golinters/gosec.go | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/pkg/golinters/gosec.go b/pkg/golinters/gosec.go
index 235f0e91419d..0c09c5967262 100644
--- a/pkg/golinters/gosec.go
+++ b/pkg/golinters/gosec.go
@@ -97,7 +97,7 @@ func runGoSec(lintCtx *linter.Context, pass *analysis.Pass, settings *config.GoS
 issues := make([]goanalysis.Issue, 0, len(secIssues))
 for _, i := range secIssues {
- text := fmt.Sprintf("%s: %s", i.RuleID, i.What) // TODO: use severity and confidence
+ text := fmt.Sprintf("%s: %s", i.RuleID, i.What)
 var r *result.Range
@@ -118,6 +118,7 @@ func runGoSec(lintCtx *linter.Context, pass *analysis.Pass, settings *config.GoS
 }
 issues = append(issues, goanalysis.NewIssue(&result.Issue{
+ Severity: convertScoreToString(i.Severity),
 Pos: token.Position{
 Filename: i.File,
 Line: line,
@@ -149,6 +150,19 @@ func toGosecConfig(settings *config.GoSecSettings) gosec.Config {
 return conf
 }
+func convertScoreToString(score issue.Score) string {
+ switch score {
+ case issue.Low:
+ return "low"
+ case issue.Medium:
+ return "medium"
+ case issue.High:
+ return "high"
+ default:
+ return ""
+ }
+}
+
 // based on https://github.com/securego/gosec/blob/47bfd4eb6fc7395940933388550b547538b4c946/config.go#L52-L62
 func convertGosecGlobals(globalOptionFromConfig any, conf gosec.Config) {
 globalOptionMap, ok := globalOptionFromConfig.(map[string]any)
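Review bot: The comment removed from the `text := fmt.Sprintf(...)` line in the first hunk (`@@ -97,7 +97,7 @@`) tracked two things, severity and confidence, and this commit wires up only severity. Nothing in the visible hunks surfaces gosec's confidence, so a high-severity finding that gosec itself rates as low confidence is reported exactly like a high-confidence one. I would keep a narrowed marker, `// TODO: use confidence`, so the remaining gap stays visible to the next reader. The loop body continues outside the hunk.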
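Review bot: In the second hunk (`@@ -118,6 +118,7 @@`), `Severity: convertScoreToString(i.Severity)` writes gosec's own vocabulary (`low`, `medium`, `high`) into `result.Issue.Severity`, and nothing visible here says how that interacts with a severity the user configures or with report formats that expect a fixed set of levels. If a configured rule overwrites the field later, the gosec rating is silently lost; if it does not, a report consumer may receive labels it does not recognise. Once the precedence is confirmed, a comment on the field would help, for example `// gosec's own rating (low/medium/high); see severity rules for precedence`. The struct literal continues outside the hunk.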
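Review bot: `convertScoreToString` in the third hunk (`@@ -149,6 +150,19 @@`) returns `""` from its `default` branch, so any score other than Low, Medium or High produces an issue with no severity and no trace of why. For a security linter this matters wherever filtering or CI gating keys on severity, since an unclassified finding may be ranked lowest or dropped, depending on code not shown here. The function also has no doc comment; I would add `// convertScoreToString maps a gosec score to a lowercase severity label; unknown scores map to "" (no severity set).` and state there what an empty severity means to the rest of the pipeline.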