From db72f403eb66ca75f809c476940b176351f365b9 Mon Sep 17 00:00:00 2001
From: magodo
Date: Mon, 25 Sep 2023 16:55:54 +0800
Subject: [PATCH 1/2] Stick on gosec v2.16.0 The now latest version v2.17.0 will cause error as below: Golang errors in file: []: > [line 0 : column 0] - error obtaining VCS status: exit status 128 Use -buildvcs=false to disable VCS stamping. > [line 0 : column 0] - error obtaining VCS status: exit status 128 Use -buildvcs=false to disable VCS stamping. > [line 0 : column 0] - error obtaining VCS status: exit status 128 Use -buildvcs=false to disable VCS stamping. > [line 0 : column 0] - error obtaining VCS status: exit status 128 Use -buildvcs=false to disable VCS stamping. This probably due to the fact that 2.17.0 updated its Go version, which might conflicts with the github action OS installed version.
---
 .github/workflows/pr.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
index 64d12cc..c6fe34e 100644
--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -25,7 +25,7 @@ jobs:
 uses: actions/checkout@v2
 - name: Run Gosec Security Scanner
- uses: securego/gosec@master
+ uses: securego/gosec@v2.16.0
 with:
 args: './...'
From 6c99611e4edecd67edd98064b0af8da444440b8f Mon Sep 17 00:00:00 2001
From: magodo
Date: Mon, 25 Sep 2023 17:09:10 +0800
Subject: [PATCH 2/2] fix lint warnings
---
 auth_oidc.go | 1 +
 1 file changed, 1 insertion(+)
diff --git a/auth_oidc.go b/auth_oidc.go
index 9a87a16..ea82ba0 100644
--- a/auth_oidc.go
+++ b/auth_oidc.go
@@ -96,6 +96,7 @@ func (w *OidcCredential) getAssertion(ctx context.Context) (string, error) {
 return "", fmt.Errorf("getAssertion: cannot request token: %v", err)
 }
+ // #nosec G307
 defer resp.Body.Close()
 body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 if err != nil {
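Review bot: In `.github/workflows/pr.yaml`, `uses: securego/gosec@v2.16.0` pins the scanner to a tag, and a tag can be moved by whoever controls the action's repository, so the job still runs whatever that tag points to at run time. Pinning the full commit SHA with the version as a trailing comment, `uses: securego/gosec@<full-commit-sha> # v2.16.0`, makes the scanner that gates pull requests immutable; the same applies to `actions/checkout@v2` in the context line above it. The pin also freezes the rule set, so a comment such as `# pinned: v2.17.0 fails with "error obtaining VCS status"; revisit when fixed` would tell the next maintainer when it can be lifted. The job definition starts above the hunk.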
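Review bot: The added `// #nosec G307` before `defer resp.Body.Close()` in `getAssertion` suppresses the finding without saying why, so a later audit of suppressions cannot tell a considered exemption from a silenced warning. gosec accepts a justification after the rule ID, for example `// #nosec G307 -- close error on an HTTP response body is not actionable here`. If the scanner version pinned in the first patch does not report this line, dropping the annotation is cleaner than keeping a standing exemption. The function starts above the hunk and continues past its last line.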