Skip to content

GitLab

Unverified Commit 8e2c22d0 authored by Wesley Liddick's avatar Wesley Liddick Committed by GitHub
Browse files

Merge pull request #571 from wucm667/chore/configure-gosec-exclusions 

chore: 配置 gosec 排除规则
parents c7b42148 5f4eb9f9
Hide whitespace changes
Inline Side-by-side
.github/workflows/security-scan.yml
View file @ 8e2c22d0
...@@ -32,7 +32,7 @@ jobs: ...@@ -32,7 +32,7 @@ jobs:
working-directory: backend working-directory: backend
run: | run: |
go install github.com/securego/gosec/v2/cmd/gosec@latest go install github.com/securego/gosec/v2/cmd/gosec@latest
gosec -severity high -confidence high ./... gosec -conf .gosec.yaml -severity high -confidence high ./...
frontend-security: frontend-security:
runs-on: ubuntu-latest runs-on: ubuntu-latest
......
backend/.gosec.yaml 0 → 100644
View file @ 8e2c22d0
global:
# Exclude G704 (SSRF via taint analysis) - this is an API gateway platform
# that by design proxies requests to configurable upstream services.
# All upstream URLs are sourced from admin-configured settings or known
# third-party API endpoints, not from end-user input.
exclude:
- G704
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment