kubevirt / containerized-data-importer / #4693
49%

DEFAULT BRANCH: main
Ran
Jobs 1
Files 153
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 58.427% (-0.05%) from 58.481%
#4693

push

travis-ci

web-flow 
Enable Gosec linter (#3283)

* Move gosec into golangci-lint

Remove gosec target and scripts and use the golangci-lint linter
This ensures we stay up-to-date (so long as golangci-lint is up to date
too).

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G601: Disable for-loop variable aliassing warning (not relevant fro Go>=1.22)

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G101: Ignore warning about plain-text credentials

They are false positives

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G102: Don't listen to all interfaces

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G107: Ignore potentially tainted GET requests

They are all in test code

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G109: Avoid integer overflows after parsing strings

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G110: Potential DoS vulnerability via decompression bomb

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G114: Use of net/http serve function that has no support for setting timeouts

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G204: Subprocess launched with a potential tainted input or cmd arguments

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G305: File traversal when extracting zip/tar archive

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* G306: Expect WriteFile permissions to be 0600 or less

Signed-off-by: Edu Gómez Escandell <egomez@redhat.com>

* Bugfix: Misuse of file descriptor flags in file permission bits

os.WriteFile always uses O_WRONLY|O_CREATE|O_TRUNC, the third argument
is for the file's permission bits. This code is misleading, it will
truncate the file and not append to it. For that you'd need
os.Openfile(path, os.O_APPEND, 0600)

I also simplified the unnecessary []byte conversion.

Signed-... (continued)

20 of 55 new or added lines in 12 files covered. (36.36%)

9 existing lines in 2 files now uncovered.

16012 of 27405 relevant lines covered (58.43%)

0.65 hits per line

Jobs
ID Job ID Ran Files Coverage
1 #4693.1 0
58.43
Source Files on build #4693
Detailed source file information is not available for this build.