From 31178e5eac66bc90bcce798449bbc08f4584c6ec Mon Sep 17 00:00:00 2001 From: Dan Molik Date: Sat, 27 Aug 2022 08:10:33 -0400 Subject: [PATCH] add GoSec and Golangci-lint --- .github/workflows/gosec.yaml | 25 +++++++++++++++++++++++++ .github/workflows/lint.yaml | 21 +++++++++++++++++++++ mapstructure.go | 5 +++-- 3 files changed, 49 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/gosec.yaml create mode 100644 .github/workflows/lint.yaml diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml new file mode 100644 index 00000000..3545c82a --- /dev/null +++ b/.github/workflows/gosec.yaml @@ -0,0 +1,25 @@ +on: [push, pull_request] +name: GoSec +jobs: + gosec: + strategy: + matrix: + go-version: [1.18.x] + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Install Go + uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go-version }} + - name: Checkout code + uses: actions/checkout@v3 + - name: Security Scan + uses: securego/gosec@master + with: + args: '-fmt sarif -out results.sarif ./...' + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 + with: + # Path to SARIF file relative to the root of the repository + sarif_file: results.sarif diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 00000000..d2068340 --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,21 @@ +on: [push, pull_request] +name: Lint +jobs: + lint: + strategy: + matrix: + go-version: [1.18.x] + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Install Go + uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go-version }} + - name: Checkout code + uses: actions/checkout@v3 + - name: golangci-lint + uses: golangci/golangci-lint-action@v3 + with: + version: v1.49 + args: --tests=false diff --git a/mapstructure.go b/mapstructure.go index 7581806a..c0df10f7 100644 --- a/mapstructure.go +++ b/mapstructure.go @@ -590,6 +590,7 @@ func (d *Decoder) decodeString(name string, data interface{}, val reflect.Value) case reflect.Uint8: var uints []uint8 if dataKind == reflect.Array { + // nolint:gosimple uints = make([]uint8, dataVal.Len(), dataVal.Len()) for i := range uints { uints[i] = dataVal.Index(i).Interface().(uint8) @@ -939,12 +940,12 @@ func (d *Decoder) decodeMapFromStruct(name string, dataVal reflect.Value, val re if tagValue[:index] == "-" { continue } - // If "omitempty" is specified in the tag, it ignores empty values. + // nolint:gosimple // If "omitempty" is specified in the tag, it ignores empty values. if strings.Index(tagValue[index+1:], "omitempty") != -1 && isEmptyValue(v) { continue } - // If "squash" is specified in the tag, we squash the field down. + // nolint:gosimple // If "squash" is specified in the tag, we squash the field down. squash = squash || strings.Index(tagValue[index+1:], "squash") != -1 if squash { // When squashing, the embedded type can be a pointer to a struct.