gosec returned 5 issues #170
Description
$ ./security.sh
...
Results:
Golang errors in file: [/memfs/git/keys/keyring/keyring.go]:
> [line 13 : column 9] - undeclared name: newSystem
[/memfs/git/keys/saltpack/sign.go:281] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
280: outTmp := out + ".tmp"
> 281: outFile, err := os.Create(outTmp)
282: if err != nil {
[/memfs/git/keys/saltpack/sign.go:208] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
207: outTmp := out + ".tmp"
> 208: outFile, err := os.Create(outTmp)
209: if err != nil {
[/memfs/git/keys/keyring/backup.go:20] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
19:
> 20: file, err := os.Create(tmpPath)
21: if err != nil {
[/memfs/git/keys/http/client/client.go:210] - G307 (CWE-703): Deferring unsafe method "Close" on type "io.ReadCloser" (Confidence: HIGH, Severity: MEDIUM)
209: }
> 210: defer resp.Body.Close()
211: return c.response(req.Path, resp)
[/memfs/git/keys/http/client.go:124] - G307 (CWE-703): Deferring unsafe method "Close" on type "io.ReadCloser" (Confidence: HIGH, Severity: MEDIUM)
123:
> 124: defer resp.Body.Close()
125: if resp.StatusCode/200 != 1 {
Summary:
Gosec : dev
Files : 103
Lines : 11782
Nosec : 6
Issues : 5
Commit 258cbb4