diff --git a/README.md b/README.md index 9d5ed3fbf0..946536a944 100644 --- a/README.md +++ b/README.md @@ -234,7 +234,7 @@ You can also configure the hard-coded credentials rule `G101` with additional pa Some rules require a specific Go version which is retrieved from the Go module file present in the project. If this version cannot be found, it will fallback to Go runtime version. -The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily disabled by setting the environment variable `GOSECNOMODVERSION=on`. +The Go module version is parsed using the `go list` command which in some cases might lead to performance degradation. In this situation, the go module version can be easily provided by setting the environment variable `GOSECGOVERSION=go1.21.1`. ### Dependencies diff --git a/helpers.go b/helpers.go index 5493efebd5..1089f52c0f 100644 --- a/helpers.go +++ b/helpers.go @@ -32,8 +32,8 @@ import ( "strings" ) -// noGoModVersion disables the parsing of go version from go module file present in the project -const noGoModVersion = "GOSECNOMODVERSION" +// envGoModVersion overrides the Go version detection. +const envGoModVersion = "GOSECGOVERSION" // MatchCallByPackage ensures that the specified package is imported, // adjusts the name for any aliases and ignores cases that are @@ -501,13 +501,16 @@ func RootPath(root string) (string, error) { // GoVersion returns parsed version of Go mod version and fallback to runtime version if not found. func GoVersion() (int, int, int) { - _, ok := os.LookupEnv(noGoModVersion) - if !ok { - if goModVersion, err := goModVersion(); err == nil { - return parseGoVersion(goModVersion) - } + if env, ok := os.LookupEnv(envGoModVersion); ok { + return parseGoVersion(strings.TrimPrefix(env, "go")) } - return parseGoVersion(strings.TrimPrefix(runtime.Version(), "go")) + + goVersion, err := goModVersion() + if err != nil { + return parseGoVersion(strings.TrimPrefix(runtime.Version(), "go")) + } + + return parseGoVersion(goVersion) } type goListOutput struct {