Merge pull request #31 from Conjur-Enterprise/fix-gosec

CNJR-5372: Fix 'nosec' comments
cyberark · Jun 25, 2024 · dbc5a3d · dbc5a3d
2 parents 510f413 + 1bb865c
commit dbc5a3d
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 3 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -209,6 +209,17 @@ To run linting checks via the Code Climate golint engine, simply run:
 ./bin/check_style
 ```
 
+### gosec
+
+We use [gosec](https://github.com/securego/gosec) to perform static analysis of
+our codebase in our CI for all changed code. To run gosec locally for the entire
+repository, simply run:
+
+```sh-session
+go install github.com/securego/gosec/v2/cmd/gosec@latest
+$(go env GOPATH)/bin/gosec ./...
+```
+
 ### Testing Individual Connectors
 
 For instructions on how to test individual connectors, see the README.md file in

diff --git a/bin/juxtaposer/tester/db/db.go b/bin/juxtaposer/tester/db/db.go
@@ -77,13 +77,12 @@ func (manager *DriverManager) ensureWantedDbDataState() error {
 		insertItemStatement := QueryTypes["insertItem"] +
 			fmt.Sprintf("(%s)", manager.Tester.GetQueryMarkers(5))
 
-		/* #nosec */
 		err = manager.Tester.Query(insertItemStatement,
 			fmt.Sprintf("%s%d", NameFieldPrefix, itemIndex),
 			itemIndex,
 			time.Now().AddDate(0, 0, itemIndex),
 			float32(itemIndex)*10,
-			rand.Int31()&0x1,
+			rand.Int31()&0x1, // #nosec
 		)
 
 		if err != nil {

diff --git a/third_party/go-mssqldb b/third_party/go-mssqldb