From f5a476365b4873cae5cba419762087fcb109f947 Mon Sep 17 00:00:00 2001 From: Alex Gartner Date: Thu, 11 Jul 2024 15:54:17 -0700 Subject: [PATCH] Use zeta-chain-gosec --- .github/workflows/sast-linters.yml | 27 ++------------------------- Makefile | 4 ++-- scripts/cosmos-gosec.sh | 7 ------- 3 files changed, 4 insertions(+), 34 deletions(-) delete mode 100644 scripts/cosmos-gosec.sh diff --git a/.github/workflows/sast-linters.yml b/.github/workflows/sast-linters.yml index 653f2b5dce..5e776a2427 100644 --- a/.github/workflows/sast-linters.yml +++ b/.github/workflows/sast-linters.yml @@ -25,33 +25,10 @@ jobs: with: fetch-depth: 0 - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: '1.22' - - name: Run Gosec Security Scanner - uses: securego/gosec@v2.20.0 - with: - args: ./... - - gosec-cosmos: - runs-on: ubuntu-22.04 - env: - GO111MODULE: on - steps: - - name: Checkout Source - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@v5 + uses: zeta-chain/gosec@v2.21.0-zeta with: - go-version: '1.22' - - - name: Run Cosmos Gosec Security Scanner - run: make lint-cosmos-gosec + args: -exclude-generated ./... lint: runs-on: ubuntu-22.04 diff --git a/Makefile b/Makefile index 471c9af947..5516fe78af 100644 --- a/Makefile +++ b/Makefile @@ -139,8 +139,8 @@ lint-pre: lint: lint-pre @golangci-lint run -lint-cosmos-gosec: - @bash ./scripts/cosmos-gosec.sh +lint-gosec: + @bash ./scripts/gosec.sh gosec: gosec -exclude-dir=localnet ./... diff --git a/scripts/cosmos-gosec.sh b/scripts/cosmos-gosec.sh deleted file mode 100644 index 0863a94cce..0000000000 --- a/scripts/cosmos-gosec.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash - -# Install gosec -go install github.com/cosmos/gosec/v2/cmd/gosec@latest - -# Run gosec -gosec -include=G701,G703,G704 ./... \ No newline at end of file