gosec: allow global config (#2880)

golangci · Jun 6, 2022 · c531fc2 · c531fc2
1 parent 8d2eb67
commit c531fc2
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/.golangci.reference.yml b/.golangci.reference.yml
@@ -797,6 +797,20 @@ linters-settings:
 
     # To specify the configuration of rules.
     config:
+      # Globals are applicable to all rules.
+      global:
+        # If true, ignore #nosec in comments (and an alternative as well).
+        # Default: false
+        nosec: true
+        # Add an alternative comment prefix to #nosec (both will work at the same time).
+        # Default: ""
+        "#nosec": "#my-custom-nosec"
+        # Define whether nosec issues are counted as finding or not.
+        # Default: false
+        show-ignored: true
+        # Audit mode enables addition checks that for normal code analysis might be too nosy.
+        # Default: false
+        audit: true
       G101:
         # Regexp pattern for variables and constants to find.
         # Default: "(?i)passwd|pass|password|pwd|secret|token|pw|apiKey|bearer|cred"

diff --git a/pkg/golinters/gosec.go b/pkg/golinters/gosec.go
@@ -34,9 +34,12 @@ func NewGosec(settings *config.GoSecSettings) *goanalysis.Linter {
 		filters = gosecRuleFilters(settings.Includes, settings.Excludes)
 
 		for k, v := range settings.Config {
-			// Uses ToUpper because the parsing of the map's key change the key to lowercase.
-			// The value is not impacted by that: the case is respected.
-			conf.Set(strings.ToUpper(k), v)
+			if k != gosec.Globals {
+				// Uses ToUpper because the parsing of the map's key change the key to lowercase.
+				// The value is not impacted by that: the case is respected.
+				k = strings.ToUpper(k)
+			}
+			conf.Set(k, v)
 		}
 	}