-
-
Notifications
You must be signed in to change notification settings - Fork 590
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to ignore rule by pattern matching? Something like // #nosec G104 /Print/ #949
Comments
@DavidGamba This functionality is not available at the moment. It is possible to ignore one rule for an entire line by just adding the following comment: // #nosec G104 I think this feature makes sense when there are multiple function calls returning the same warning (e.g. G104 for not checking the returned error) and one wants to ignore only some of these errors. Is this what you are thinking of? |
Yes, adding the The config file didn't work for me, even after trying different permutations:
|
I think is difficult to have pattern matching constantly across all rules because they perform different checks, and nonsec is checked globally. I would rather go with a rule configuration. Closing this for now. Thanks |
Summary
I would like to ignore the unhandled errors rule by pattern matching against the function name.
I am getting G104 errors from
fatih/color
Fprintf
calls.Steps to reproduce the behavior
gosec version
2.15.0
Go version (output of 'go version')
go version go1.20.1 darwin/arm64
Operating system / Environment
MacOS 13
Expected behavior
Updating the
// #nosec G104
annotation to allow for an additional function pattern match:Or in a config file somewhere.
Actual behavior
Nosec annotation can only be added globally without exceptions or per line.
The text was updated successfully, but these errors were encountered: