2026-01-02 18:20:15 +00:00
parent 0f7c29c3ef
commit ce5a8fbffd
37 changed files with 323 additions and 178 deletions
+4 -4
@@ -75,8 +75,8 @@ func (s *Scanner) Scan(ctx context.Context, registry, packageName, version strin
}
// Run pip-audit on the package file
cmd := exec.CommandContext(ctx, "pip-audit", "-r", tmpFile, "--format", "json")
output, _ := cmd.CombinedOutput() // pip-audit returns non-zero when vulns found
cmd := exec.CommandContext(ctx, "pip-audit", "-r", tmpFile, "--format", "json") // #nosec G204 -- pip-audit command with temp file
output, _ := cmd.CombinedOutput() // pip-audit returns non-zero when vulns found
// Parse pip-audit output
var auditResult PipAuditResult
@@ -110,11 +110,11 @@ func (s *Scanner) Health(ctx context.Context) error {
// copyFile copies a file from src to dst
func (s *Scanner) copyFile(src, dst string) error {
input, err := os.ReadFile(src)
input, err := os.ReadFile(src) // #nosec G304 -- Source path is from scanner, controlled
if err != nil {
return err
}
return os.WriteFile(dst, input, 0644)
return os.WriteFile(dst, input, 0600)
}
// emptyResult returns an empty scan result
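Review bot: The new side still discards the error from CombinedOutput on the line after the #nosec G204 annotation, so a missing pip-audit binary, a crash or a kill on timeout yields empty output that is then handed to the JSON parse, and the scan silently reports nothing instead of failing — a fail-open in a vulnerability scanner. The existing comment only justifies the non-zero exit on findings, which arrives as an *exec.ExitError; every other error should be returned: `output, err := cmd.CombinedOutput()`, `var exitErr *exec.ExitError`, `if err != nil && !errors.As(err, &exitErr) { return <zero result>, fmt.Errorf("running pip-audit: %w", err) }`. Since a process killed on context cancellation can itself surface as an ExitError, also return early when `ctx.Err() != nil`. Scan's return type and the rest of its body lie outside this hunk, and the errors/fmt imports would need to be present in the file.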