使用 golangci go exec 命令安全检查消息
我正在为gosecgolangci-lint 添加一个 linter,并且涵盖了除以下内容之外的所有内容:
exec.Command(params[0], params[1:]…)
我知道我可以禁用此 lint,但我不想这样做。有没有办法修复代码以满足这个 lint 的要求?
错误是:
G204: Subprocess launched with function call as argument or cmd arguments ```
暮色呼如浏览 261回答 3
3回答
-
天涯尽头无女友
您可以使用注释排除特定行,而不是禁用 linter;exec.Command(params[0], params[1:]...) //nolint:gosec -
慕姐8265434
如果您只想禁用此检查,您可以exec.Command(params[0], params[1:]...) // #nosec G204 -
宝慕林4294392
对命令调用进行硬编码。没有其他选择AFAIS。golangci.example.yml存储库中的示例配置。linters-settings: gosec: # To select a subset of rules to run. # Available rules: https://github.com/securego/gosec#available-rules includes: - G401 - G306 - G101 # To specify a set of rules to explicitly exclude. # Available rules: https://github.com/securego/gosec#available-rules excludes: - G204 # To specify the configuration of rules. # The configuration of rules is not fully documented by gosec: # https://github.com/securego/gosec#configuration # https://github.com/securego/gosec/blob/569328eade2ccbad4ce2d0f21ee158ab5356a5cf/rules/rulelist.go#L60-L102 config: G306: "0600" G101: pattern: "(?i)example" ignore_entropy: false entropy_threshold: "80.0" per_char_threshold: "3.0" truncate: "32"
随时随地看视频慕课网APP
相关分类
Go