mirror of
https://github.com/securego/gosec.git
synced 2026-01-15 01:33:41 +08:00
3150b28fc4
* feat: add goanalysis package for nogo Add goanalysis package providing a standard golang.org/x/tools/go/analysis.Analyzer for gosec. Enables integration with nogo, and go vet. - Implements analysis.Analyzer interface - Reuses SSA built by analysis framework for efficient caching - Configurable severity/confidence filtering via flags - Includes CWE IDs in diagnostics ([CWE-XXX] format) - Runs both AST rules and SSA analyzers - Respects #nosec and suppression directives Also exclude testdata from security scanning in Makefile to prevent false positives on intentionally vulnerable test files. * Also exclude testdata from github action