github.com/nozzle/golangci-lint@v1.49.0-nz3/test/testdata/gosec.go (about) 1 //golangcitest:args -Egosec 2 package testdata 3 4 import ( 5 "crypto/md5" // want "G501: Blocklisted import crypto/md5: weak cryptographic primitive" 6 "fmt" 7 "log" 8 "os" 9 "os/exec" 10 ) 11 12 func Gosec() { 13 h := md5.New() // want "G401: Use of weak cryptographic primitive" 14 log.Print(h) 15 } 16 17 func GosecNolintGas() { 18 h := md5.New() //nolint:gas 19 log.Print(h) 20 } 21 22 func GosecNolintGosec() { 23 h := md5.New() //nolint:gosec 24 log.Print(h) 25 } 26 27 func GosecNoErrorCheckingByDefault() { 28 f, _ := os.Create("foo") 29 fmt.Println(f) 30 } 31 32 func GosecG204SubprocWithFunc() { 33 arg := func() string { 34 return "/tmp/dummy" 35 } 36 37 exec.Command("ls", arg()).Run() // want "G204: Subprocess launched with a potential tainted input or cmd arguments" 38 }