Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Linter: gosec, Rule: G405 - Detect the usage of DES or RC4. Should we enable it? #15799

Closed
zak-pawel opened this issue Sep 1, 2024 · 1 comment · Fixed by #15835
Closed

Linter: gosec, Rule: G405 - Detect the usage of DES or RC4. Should we enable it? #15799

zak-pawel opened this issue Sep 1, 2024 · 1 comment · Fixed by #15835
Labels
linter

Comments

@zak-pawel
Copy link
Collaborator

Use Case

This issue starts discussion about enabling:

Rule G401: Detect the usage of DES, RC4, MD5 or SHA1 has been split into two different rules (G401: Detect the usage of MD5 or SHA1 and G405: Detect the usage of DES or RC4).
Rule is mapped to CWE-327: Use of a Broken or Risky Cryptographic Algorithm.

Expected behavior

Decision if rule should be enabled or not.

Actual behavior

For this rule no findings were found in current code.

Additional info

For this rule no additional configuration can be provided.
@zak-pawel zak-pawel mentioned this issue Sep 1, 2024
Closed
@zak-pawel
Copy link
Collaborator Author

I would enable it.

@srebhan srebhan removed their assignment Sep 2, 2024
@DStrand1 DStrand1 removed their assignment Sep 3, 2024
@zak-pawel zak-pawel mentioned this issue Sep 3, 2024
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
linter
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore(linters): Enable G405, G406, G506 and G507 rules for gosec zak-pawel/telegraf
3 participants
@zak-pawel @srebhan @DStrand1