github/prysm
1
1
Fork 0
mirror of https://github.com/OffchainLabs/prysm.git synced 2026-01-08 23:18:15 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add Gosec Github Action (#9332)

Browse Source 
* add gosec security scan

* add gosec ignores first batch

* more nosec for exec

* add filepath clean

* more nosec

* file inclusion nosec

* build

* herumi

Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com>
This commit is contained in:
Raul Jordan
2021-08-15 10:24:13 -05:00
committed by GitHub
parent 1936f991eb
commit 8122da6c97
37 changed files with 86 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
tools/analyzers/cryptorand/testdata/custom_import.go vendored
View File

@@ -8,19 +8,25 @@ import (
// UseRandNewCustomImport --
func UseRandNewCustomImport() {
// #nosec G404
source := mathRand.NewSource(time.Now().UnixNano()) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
randGenerator := mathRand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
// #nosec G404
randGenerator := mathRand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
start := uint64(randGenerator.Intn(32))
_ = start
// #nosec G404
source = mathRand.NewSource(time.Now().UnixNano()) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
randGenerator = mathRand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
// #nosec G404
randGenerator = mathRand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
}
// UseWithoutSeeCustomImport --
func UseWithoutSeeCustomImport() {
// #nosec G404
assignedIndex := mathRand.Intn(128) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
_ = assignedIndex
// #nosec G404
foobar.Shuffle(10, func(i, j int) { // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
})

9
tools/analyzers/cryptorand/testdata/rand_new.go vendored
View File

@@ -8,17 +8,22 @@ import (
// UseRandNew --
func UseRandNew() {
// #nosec G404
source := rand.NewSource(time.Now().UnixNano()) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
randGenerator := mathRand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
// #nosec G404
randGenerator := mathRand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
start := uint64(randGenerator.Intn(32))
_ = start
// #nosec G404
source = rand.NewSource(time.Now().UnixNano()) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
randGenerator = rand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
// #nosec G404
randGenerator = rand.New(source) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
}
// UseWithoutSeed --
func UseWithoutSeed() {
// #nosec G404
assignedIndex := rand.Intn(128) // want "crypto-secure RNGs are required, use CSPRNG or PRNG defined in github.com/prysmaticlabs/prysm/shared/rand"
_ = assignedIndex
}