Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: gosec error for randomness library #1753

Merged
merged 3 commits into from
Feb 13, 2024
Merged

fix: gosec error for randomness library #1753

merged 3 commits into from
Feb 13, 2024

Conversation

lumtis
Copy link
Member

@lumtis lumtis commented Feb 13, 2024

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change.

Closes:

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Include instructions and any relevant details so others can reproduce.

  • Tested CCTX in localnet
  • Tested in development environment
  • Go unit tests
  • Go integration tests
  • Tested via GitHub Actions

Checklist:

  • I have added unit tests that prove my fix feature works

Copy link

!!!WARNING!!!
nosec detected in the following files: x/emissions/client/tests/suite.go

Be very careful about using #nosec in code. It can be a quick way to suppress security warnings and move forward with development, it should be employed with caution. Suppressing warnings with #nosec can hide potentially serious vulnerabilities. Only use #nosec when you're absolutely certain that the security issue is either a false positive or has been mitigated in another way.

Only suppress a single rule (or a specific set of rules) within a section of code, while continuing to scan for other problems. To do this, you can list the rule(s) to be suppressed within the #nosec annotation, e.g: /* #nosec G401 */ or //#nosec G201 G202 G203
Broad #nosec annotations should be avoided, as they can hide other vulnerabilities. The CI will block you from merging this PR until you remove #nosec annotations that do not target specific rules.

Pay extra attention to the way #nosec is being used in the files listed above.

@github-actions github-actions bot added the nosec label Feb 13, 2024
@lumtis lumtis marked this pull request as ready for review February 13, 2024 15:02
@kingpinXD kingpinXD added the no-changelog Skip changelog CI check label Feb 13, 2024
@kevinssgh kevinssgh merged commit 7f24c5a into develop Feb 13, 2024
15 checks passed
@kevinssgh kevinssgh deleted the fix/gosec branch February 13, 2024 17:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
no-changelog Skip changelog CI check nosec
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants