user-system/gosec-report.json


{
"Golang errors": {},
"Issues": [
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e uint8",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "105: \t\tcase \"p\":\n106: \t\t\tparallelism = uint8(val)\n107: \t\t}\n",
"line": "106",
"column": "23",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e uint32",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "103: \t\tcase \"t\":\n104: \t\t\titerations = uint32(val)\n105: \t\tcase \"p\":\n",
"line": "104",
"column": "23",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e uint32",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "101: \t\tcase \"m\":\n102: \t\t\tmemory = uint32(val)\n103: \t\tcase \"t\":\n",
"line": "102",
"column": "19",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e int64",
"file": "D:\\project\\internal\\pkg\\antigravity\\request_transformer.go",
"code": "29: \t\t\t\th := sha256.Sum256([]byte(text))\n30: \t\t\t\tn := int64(binary.BigEndian.Uint64(h[:8])) \u0026 0x7FFFFFFFFFFFFFFF\n31: \t\t\t\treturn \"-\" + strconv.FormatInt(n, 10)\n",
"line": "30",
"column": "15",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e int",
"file": "D:\\project\\internal\\pkg\\antigravity\\response_transformer.go",
"code": "364: \t\t\tseed ^= seed \u003c\u003c 17\n365: \t\t\tid[i] = chars[int(seed)%len(chars)]\n366: \t\t}\n",
"line": "365",
"column": "21",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion rune -\u003e byte",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "197: \t\ty := 8 + rng.Intn(12)\n198: \t\tdrawChar(img, x, y, byte(ch), charColor)\n199: \t}\n",
"line": "198",
"column": "27",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "206: \t\t\tB: uint8(rng.Intn(255)),\n207: \t\t\tA: uint8(100 + rng.Intn(100)),\n208: \t\t}\n",
"line": "207",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "205: \t\t\tG: uint8(rng.Intn(255)),\n206: \t\t\tB: uint8(rng.Intn(255)),\n207: \t\t\tA: uint8(100 + rng.Intn(100)),\n",
"line": "206",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "204: \t\t\tR: uint8(rng.Intn(255)),\n205: \t\t\tG: uint8(rng.Intn(255)),\n206: \t\t\tB: uint8(rng.Intn(255)),\n",
"line": "205",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "203: \t\tdotColor := color.RGBA{\n204: \t\t\tR: uint8(rng.Intn(255)),\n205: \t\t\tG: uint8(rng.Intn(255)),\n",
"line": "204",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "192: \t\t\tG: uint8(rng.Intn(150)),\n193: \t\t\tB: uint8(rng.Intn(150)),\n194: \t\t\tA: 255,\n",
"line": "193",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "191: \t\t\tR: uint8(rng.Intn(150)),\n192: \t\t\tG: uint8(rng.Intn(150)),\n193: \t\t\tB: uint8(rng.Intn(150)),\n",
"line": "192",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "190: \t\tcharColor := color.RGBA{\n191: \t\t\tR: uint8(rng.Intn(150)),\n192: \t\t\tG: uint8(rng.Intn(150)),\n",
"line": "191",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "177: \t\t\tG: uint8(rng.Intn(200)),\n178: \t\t\tB: uint8(rng.Intn(200)),\n179: \t\t\tA: 255,\n",
"line": "178",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "176: \t\t\tR: uint8(rng.Intn(200)),\n177: \t\t\tG: uint8(rng.Intn(200)),\n178: \t\t\tB: uint8(rng.Intn(200)),\n",
"line": "177",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "175: \t\tlineColor := color.RGBA{\n176: \t\t\tR: uint8(rng.Intn(200)),\n177: \t\t\tG: uint8(rng.Intn(200)),\n",
"line": "176",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "167: \t\tG: uint8(220 + rng.Intn(35)),\n168: \t\tB: uint8(220 + rng.Intn(35)),\n169: \t\tA: 255,\n",
"line": "168",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "166: \t\tR: uint8(220 + rng.Intn(35)),\n167: \t\tG: uint8(220 + rng.Intn(35)),\n168: \t\tB: uint8(220 + rng.Intn(35)),\n",
"line": "167",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "165: \tbgColor := color.RGBA{\n166: \t\tR: uint8(220 + rng.Intn(35)),\n167: \t\tG: uint8(220 + rng.Intn(35)),\n",
"line": "166",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint32",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "126: \t\tparallelism,\n127: \t\tuint32(len(storedHash)),\n128: \t)\n",
"line": "127",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint",
"file": "D:\\project\\internal\\service\\webhook.go",
"code": "267: \t\t} else {\n268: \t\t\tbackoff = time.Duration(1\u003c\u003cuint(task.attempt)) * time.Second\n269: \t\t}\n",
"line": "268",
"column": "35",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint",
"file": "D:\\project\\internal\\pkg\\geminicli\\drive_client.go",
"code": "98: \t\t\t\tdefer func() { _ = resp.Body.Close() }()\n99: \t\t\t\tbackoff := time.Duration(1\u003c\u003cuint(attempt)) * time.Second\n100: \t\t\t\tjitter := time.Duration(rng.Intn(1000)) * time.Millisecond\n",
"line": "99",
"column": "37",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint",
"file": "D:\\project\\internal\\pkg\\geminicli\\drive_client.go",
"code": "76: \t\t\tif attempt \u003c maxRetries-1 {\n77: \t\t\t\tbackoff := time.Duration(1\u003c\u003cuint(attempt)) * time.Second\n78: \t\t\t\tjitter := time.Duration(rng.Intn(1000)) * time.Millisecond\n",
"line": "77",
"column": "37",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e int32",
"file": "D:\\project\\internal\\pkg\\errors\\errors.go",
"code": "78: \t\tStatus: Status{\n79: \t\t\tCode: int32(code),\n80: \t\t\tMessage: message,\n",
"line": "79",
"column": "18",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "338",
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
"rule_id": "G404",
"details": "Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand)",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "163: \t// 随机背景色(浅色)\n164: \trng := rand.New(rand.NewSource(time.Now().UnixNano()))\n165: \tbgColor := color.RGBA{\n",
"line": "164",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "338",
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
"rule_id": "G404",
"details": "Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand)",
"file": "D:\\project\\internal\\pkg\\geminicli\\drive_client.go",
"code": "66: \tmaxRetries := 3\n67: \trng := rand.New(rand.NewSource(time.Now().UnixNano()))\n68: \tfor attempt := 0; attempt \u003c maxRetries; attempt++ {\n",
"line": "67",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "338",
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
"rule_id": "G404",
"details": "Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand)",
"file": "D:\\project\\internal\\pkg\\antigravity\\request_transformer.go",
"code": "18: var (\n19: \tsessionRand = rand.New(rand.NewSource(time.Now().UnixNano()))\n20: \tsessionRandMutex sync.Mutex\n",
"line": "19",
"column": "21",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials: Google Cloud Platform OAuth",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "40: \t// restrict which scopes are allowed for this client.\n41: \tGeminiCLIOAuthClientID = \"681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com\"\n42: \tGeminiCLIOAuthClientSecret = \"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\"\n",
"line": "41",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials: Google Cloud Platform OAuth",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "25: \t// Antigravity OAuth 客户端凭证\n26: \tClientID = \"1071006060591-tmhssin2h21lcre235vtolojh4g403ep.apps.googleusercontent.com\"\n27: \n",
"line": "26",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\service\\webhook.go",
"code": "98: func defaultWebhookServiceConfig() WebhookServiceConfig {\n99: \treturn WebhookServiceConfig{\n100: \t\tEnabled: true,\n101: \t\tSecretHeader: \"X-Webhook-Signature\",\n102: \t\tTimeoutSec: 10,\n103: \t\tMaxRetries: 3,\n104: \t\tRetryBackoff: \"exponential\",\n105: \t\tWorkerCount: 4,\n106: \t\tQueueSize: 1000,\n107: \t}\n108: }\n",
"line": "99-107",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\service\\auth.go",
"code": "22: \tuserInfoCachePrefix = \"auth_user_info:\"\n23: \ttokenBlacklistPrefix = \"auth_token_blacklist:\"\n24: \tdefaultUserCacheTTL = 15 * time.Minute\n",
"line": "23",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\openai\\oauth.go",
"code": "24: \tAuthorizeURL = \"https://auth.openai.com/oauth/authorize\"\n25: \tTokenURL = \"https://auth.openai.com/oauth/token\"\n26: \n",
"line": "25",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\oauth\\oauth.go",
"code": "22: \tAuthorizeURL = \"https://claude.ai/oauth/authorize\"\n23: \tTokenURL = \"https://platform.claude.com/v1/oauth/token\"\n24: \tRedirectURI = \"https://platform.claude.com/oauth/code/callback\"\n",
"line": "23",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "44: \t// GeminiCLIOAuthClientSecretEnv is the environment variable name for the built-in client secret.\n45: \tGeminiCLIOAuthClientSecretEnv = \"GEMINI_CLI_OAUTH_CLIENT_SECRET\"\n46: \n",
"line": "45",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "41: \tGeminiCLIOAuthClientID = \"681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com\"\n42: \tGeminiCLIOAuthClientSecret = \"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\"\n43: \n",
"line": "42",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "10: \tAuthorizeURL = \"https://accounts.google.com/o/oauth2/v2/auth\"\n11: \tTokenURL = \"https://oauth2.googleapis.com/token\"\n12: \n",
"line": "11",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\ctxkey\\ctxkey.go",
"code": "41: \t// 用于 ClaudeCodeOnly 验证绕过(绕过 system prompt 检查,但仍需验证 User-Agent\n42: \tIsMaxTokensOneHaikuRequest Key = \"ctx_is_max_tokens_one_haiku\"\n43: \n",
"line": "42",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "55: // defaultClientSecret 可通过环境变量 ANTIGRAVITY_OAUTH_CLIENT_SECRET 配置\n56: var defaultClientSecret = \"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\"\n57: \n",
"line": "56",
"column": "5",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "28: \t// AntigravityOAuthClientSecretEnv 是 Antigravity OAuth client_secret 的环境变量名。\n29: \tAntigravityOAuthClientSecretEnv = \"ANTIGRAVITY_OAUTH_CLIENT_SECRET\"\n30: \n",
"line": "29",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "21: \tAuthorizeURL = \"https://accounts.google.com/o/oauth2/v2/auth\"\n22: \tTokenURL = \"https://oauth2.googleapis.com/token\"\n23: \tUserInfoURL = \"https://www.googleapis.com/oauth2/v2/userinfo\"\n",
"line": "22",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\weibo.go",
"code": "90: func (w *WeiboProvider) ExchangeCode(ctx context.Context, code string) (*WeiboTokenResponse, error) {\n91: \ttokenURL := \"https://api.weibo.com/oauth2/access_token\"\n92: \n",
"line": "91",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\twitter.go",
"code": "201: func (t *TwitterProvider) RefreshToken(ctx context.Context, refreshToken string) (*TwitterTokenResponse, error) {\n202: \ttokenURL := \"https://api.twitter.com/2/oauth2/token\"\n203: \n",
"line": "202",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\twitter.go",
"code": "128: func (t *TwitterProvider) ExchangeCode(ctx context.Context, code, codeVerifier string) (*TwitterTokenResponse, error) {\n129: \ttokenURL := \"https://api.twitter.com/2/oauth2/token\"\n130: \n",
"line": "129",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\google.go",
"code": "146: func (g *GoogleProvider) RefreshToken(ctx context.Context, refreshToken string) (*GoogleTokenResponse, error) {\n147: \ttokenURL := \"https://oauth2.googleapis.com/token\"\n148: \n",
"line": "147",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\google.go",
"code": "86: func (g *GoogleProvider) ExchangeCode(ctx context.Context, code string) (*GoogleTokenResponse, error) {\n87: \ttokenURL := \"https://oauth2.googleapis.com/token\"\n88: \n",
"line": "87",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\github.go",
"code": "59: func (g *GitHubProvider) ExchangeCode(ctx context.Context, code string) (*GitHubTokenResponse, error) {\n60: \ttokenURL := \"https://github.com/login/oauth/access_token\"\n61: \n",
"line": "60",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\douyin.go",
"code": "70: func (d *DouyinProvider) ExchangeCode(ctx context.Context, code string) (*DouyinTokenResponse, error) {\n71: \ttokenURL := \"https://open.douyin.com/oauth/access_token/\"\n72: \n",
"line": "71",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "199: \t\t},\n200: \t\tTwitter: TwitterOAuthConfig{\n201: \t\t\tEnabled: getEnvBool(\"TWITTER_OAUTH_ENABLED\", false),\n202: \t\t\tClientID: getEnv(\"TWITTER_CLIENT_ID\", \"\"),\n203: \t\t\tClientSecret: getEnv(\"TWITTER_CLIENT_SECRET\", \"\"),\n204: \t\t\tAuthURL: \"https://twitter.com/i/oauth2/authorize\",\n205: \t\t\tTokenURL: \"https://api.twitter.com/2/oauth2/token\",\n206: \t\t\tUserInfoURL: \"https://api.twitter.com/2/users/me\",\n207: \t\t},\n208: \t}\n",
"line": "200-207",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "190: \t\t},\n191: \t\tWeibo: WeiboOAuthConfig{\n192: \t\t\tEnabled: getEnvBool(\"WEIBO_OAUTH_ENABLED\", false),\n193: \t\t\tAppKey: getEnv(\"WEIBO_APP_KEY\", \"\"),\n194: \t\t\tAppSecret: getEnv(\"WEIBO_APP_SECRET\", \"\"),\n195: \t\t\tRedirectURI: getEnv(\"WEIBO_REDIRECT_URI\", \"\"),\n196: \t\t\tAuthURL: \"https://api.weibo.com/oauth2/authorize\",\n197: \t\t\tTokenURL: \"https://api.weibo.com/oauth2/access_token\",\n198: \t\t\tUserInfoURL: \"https://api.weibo.com/2/users/show.json\",\n199: \t\t},\n200: \t\tTwitter: TwitterOAuthConfig{\n",
"line": "191-199",
"column": "10",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "179: \t\t},\n180: \t\tQQ: QQOAuthConfig{\n181: \t\t\tEnabled: getEnvBool(\"QQ_OAUTH_ENABLED\", false),\n182: \t\t\tAppID: getEnv(\"QQ_APP_ID\", \"\"),\n183: \t\t\tAppKey: getEnv(\"QQ_APP_KEY\", \"\"),\n184: \t\t\tAppSecret: getEnv(\"QQ_APP_SECRET\", \"\"),\n185: \t\t\tRedirectURI: getEnv(\"QQ_REDIRECT_URI\", \"\"),\n186: \t\t\tAuthURL: \"https://graph.qq.com/oauth2.0/authorize\",\n187: \t\t\tTokenURL: \"https://graph.qq.com/oauth2.0/token\",\n188: \t\t\tOpenIDURL: \"https://graph.qq.com/oauth2.0/me\",\n189: \t\t\tUserInfoURL: \"https://graph.qq.com/user/get_user_info\",\n190: \t\t},\n191: \t\tWeibo: WeiboOAuthConfig{\n",
"line": "180-190",
"column": "7",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "171: \t\t},\n172: \t\tFacebook: FacebookOAuthConfig{\n173: \t\t\tEnabled: getEnvBool(\"FACEBOOK_OAUTH_ENABLED\", false),\n174: \t\t\tAppID: getEnv(\"FACEBOOK_APP_ID\", \"\"),\n175: \t\t\tAppSecret: getEnv(\"FACEBOOK_APP_SECRET\", \"\"),\n176: \t\t\tAuthURL: \"https://www.facebook.com/v18.0/dialog/oauth\",\n177: \t\t\tTokenURL: \"https://graph.facebook.com/v18.0/oauth/access_token\",\n178: \t\t\tUserInfoURL: \"https://graph.facebook.com/v18.0/me?fields=id,name,email,picture\",\n179: \t\t},\n180: \t\tQQ: QQOAuthConfig{\n",
"line": "172-179",
"column": "13",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "162: \t\t},\n163: \t\tGoogle: GoogleOAuthConfig{\n164: \t\t\tEnabled: getEnvBool(\"GOOGLE_OAUTH_ENABLED\", false),\n165: \t\t\tClientID: getEnv(\"GOOGLE_CLIENT_ID\", \"\"),\n166: \t\t\tClientSecret: getEnv(\"GOOGLE_CLIENT_SECRET\", \"\"),\n167: \t\t\tAuthURL: \"https://accounts.google.com/o/oauth2/v2/auth\",\n168: \t\t\tTokenURL: \"https://oauth2.googleapis.com/token\",\n169: \t\t\tUserInfoURL: \"https://www.googleapis.com/oauth2/v2/userinfo\",\n170: \t\t\tJWTAuthURL: \"https://oauth2.googleapis.com/tokeninfo\",\n171: \t\t},\n172: \t\tFacebook: FacebookOAuthConfig{\n",
"line": "163-171",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "154: \t\t},\n155: \t\tWeChat: WeChatOAuthConfig{\n156: \t\t\tEnabled: getEnvBool(\"WECHAT_OAUTH_ENABLED\", false),\n157: \t\t\tAppID: getEnv(\"WECHAT_APP_ID\", \"\"),\n158: \t\t\tAppSecret: getEnv(\"WECHAT_APP_SECRET\", \"\"),\n159: \t\t\tAuthURL: \"https://open.weixin.qq.com/connect/qrconnect\",\n160: \t\t\tTokenURL: \"https://api.weixin.qq.com/sns/oauth2/access_token\",\n161: \t\t\tUserInfoURL: \"https://api.weixin.qq.com/sns/userinfo\",\n162: \t\t},\n163: \t\tGoogle: GoogleOAuthConfig{\n",
"line": "155-162",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\user_service.go",
"code": "84: \n85: \t\tgo func() {\n86: \t\t\t// 使用带超时的独立 context不能使用请求 ctx该 goroutine 在请求完成后仍可能运行)\n",
"line": "85",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\password_reset.go",
"code": "293: \tif s.passwordHistoryRepo != nil {\n294: \t\tgo func() {\n295: \t\t\t// 使用带超时的独立 context防止 DB 写入无限等待\n",
"line": "294",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\auth_email.go",
"code": "92: \t\t// 使用独立上下文避免请求结束后被取消\n93: \t\tgo func() {\n94: \t\t\tbgCtx, cancel := context.WithTimeout(context.Background(), 30*time.Second)\n",
"line": "93",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\auth.go",
"code": "481: \n482: \tgo func() {\n483: \t\t// 使用带超时的独立 context防止日志写入无限等待\n",
"line": "482",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "MEDIUM",
"confidence": "HIGH",
"cwe": {
"id": "22",
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
"rule_id": "G304",
"details": "Potential file inclusion via variable",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "129: \t\t// 从文件加载配置\n130: \t\tdata, readErr := os.ReadFile(configPath)\n131: \t\tif readErr != nil {\n",
"line": "130",
"column": "20",
"nosec": false,
"suppressions": null,
"autofix": "Consider using os.Root to scope file access under a fixed root (Go \u003e=1.24). Prefer root.Open/root.Stat over os.Open/os.Stat to prevent directory traversal."
},
{
"severity": "MEDIUM",
"confidence": "HIGH",
"cwe": {
"id": "22",
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
"rule_id": "G304",
"details": "Potential file inclusion via variable",
"file": "D:\\project\\internal\\auth\\jwt.go",
"code": "234: \t}\n235: \tdata, err := os.ReadFile(path)\n236: \tif err != nil {\n",
"line": "235",
"column": "15",
"nosec": false,
"suppressions": null,
"autofix": "Consider using os.Root to scope file access under a fixed root (Go \u003e=1.24). Prefer root.Open/root.Stat over os.Open/os.Stat to prevent directory traversal."
},
{
"severity": "MEDIUM",
"confidence": "HIGH",
"cwe": {
"id": "276",
"url": "https://cwe.mitre.org/data/definitions/276.html"
},
"rule_id": "G306",
"details": "Expect WriteFile permissions to be 0600 or less",
"file": "D:\\project\\internal\\auth\\jwt.go",
"code": "218: \t}\n219: \tif err := os.WriteFile(publicPath, publicPEM, 0o644); err != nil {\n220: \t\treturn \"\", \"\", err\n",
"line": "219",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\webhook.go",
"code": "246: \tvar respBuf bytes.Buffer\n247: \trespBuf.ReadFrom(resp.Body)\n248: \tsuccess := resp.StatusCode \u003e= 200 \u0026\u0026 resp.StatusCode \u003c 300\n",
"line": "247",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\password_reset.go",
"code": "254: \ts.cache.Delete(ctx, codeKey)\n255: \ts.cache.Delete(ctx, cacheKey)\n256: \n",
"line": "255",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\password_reset.go",
"code": "253: \t// 清理验证码\n254: \ts.cache.Delete(ctx, codeKey)\n255: \ts.cache.Delete(ctx, cacheKey)\n",
"line": "254",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "90: \t// 删除验证码(一次性使用)\n91: \ts.cache.Delete(ctx, cacheKey)\n92: \n",
"line": "91",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "69: \tcacheKey := \"captcha:\" + captchaID\n70: \ts.cache.Set(ctx, cacheKey, strings.ToLower(text), captchaTTL, captchaTTL)\n71: \n",
"line": "70",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "130: \t\tprometheus.DefaultRegisterer.Register(m.AnomalyDetectedTotal) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.ErrorBudgetBurnRate) //nolint:errcheck\n132: \t\tglobalSLOMetrics = m\n",
"line": "131",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "129: \t\tprometheus.DefaultRegisterer.Register(m.AccountLockTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.AnomalyDetectedTotal) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.ErrorBudgetBurnRate) //nolint:errcheck\n",
"line": "130",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "128: \t\tprometheus.DefaultRegisterer.Register(m.TokenRefreshTotal) //nolint:errcheck\n129: \t\tprometheus.DefaultRegisterer.Register(m.AccountLockTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.AnomalyDetectedTotal) //nolint:errcheck\n",
"line": "129",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "127: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsMax) //nolint:errcheck\n128: \t\tprometheus.DefaultRegisterer.Register(m.TokenRefreshTotal) //nolint:errcheck\n129: \t\tprometheus.DefaultRegisterer.Register(m.AccountLockTotal) //nolint:errcheck\n",
"line": "128",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "126: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsActive) //nolint:errcheck\n127: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsMax) //nolint:errcheck\n128: \t\tprometheus.DefaultRegisterer.Register(m.TokenRefreshTotal) //nolint:errcheck\n",
"line": "127",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "125: \t\tprometheus.DefaultRegisterer.Register(m.CacheOperationsTotal) //nolint:errcheck\n126: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsActive) //nolint:errcheck\n127: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsMax) //nolint:errcheck\n",
"line": "126",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "124: \t\tprometheus.DefaultRegisterer.Register(m.CacheHitsTotal) //nolint:errcheck\n125: \t\tprometheus.DefaultRegisterer.Register(m.CacheOperationsTotal) //nolint:errcheck\n126: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsActive) //nolint:errcheck\n",
"line": "125",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "123: \t\t// 注册到默认 registry 以便 /metrics 端点暴露\n124: \t\tprometheus.DefaultRegisterer.Register(m.CacheHitsTotal) //nolint:errcheck\n125: \t\tprometheus.DefaultRegisterer.Register(m.CacheOperationsTotal) //nolint:errcheck\n",
"line": "124",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "136: \t\tprometheus.DefaultRegisterer.Register(m.systemMemoryUsage) //nolint:errcheck\n137: \t\tprometheus.DefaultRegisterer.Register(m.systemGoroutines) //nolint:errcheck\n138: \t\tglobalMetrics = m\n",
"line": "137",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "135: \t\tprometheus.DefaultRegisterer.Register(m.activeUsers) //nolint:errcheck\n136: \t\tprometheus.DefaultRegisterer.Register(m.systemMemoryUsage) //nolint:errcheck\n137: \t\tprometheus.DefaultRegisterer.Register(m.systemGoroutines) //nolint:errcheck\n",
"line": "136",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "134: \t\tprometheus.DefaultRegisterer.Register(m.userLogins) //nolint:errcheck\n135: \t\tprometheus.DefaultRegisterer.Register(m.activeUsers) //nolint:errcheck\n136: \t\tprometheus.DefaultRegisterer.Register(m.systemMemoryUsage) //nolint:errcheck\n",
"line": "135",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "133: \t\tprometheus.DefaultRegisterer.Register(m.userRegistrations) //nolint:errcheck\n134: \t\tprometheus.DefaultRegisterer.Register(m.userLogins) //nolint:errcheck\n135: \t\tprometheus.DefaultRegisterer.Register(m.activeUsers) //nolint:errcheck\n",
"line": "134",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "132: \t\tprometheus.DefaultRegisterer.Register(m.dbQueryDuration) //nolint:errcheck\n133: \t\tprometheus.DefaultRegisterer.Register(m.userRegistrations) //nolint:errcheck\n134: \t\tprometheus.DefaultRegisterer.Register(m.userLogins) //nolint:errcheck\n",
"line": "133",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "131: \t\tprometheus.DefaultRegisterer.Register(m.dbQueriesTotal) //nolint:errcheck\n132: \t\tprometheus.DefaultRegisterer.Register(m.dbQueryDuration) //nolint:errcheck\n133: \t\tprometheus.DefaultRegisterer.Register(m.userRegistrations) //nolint:errcheck\n",
"line": "132",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "130: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestDuration) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.dbQueriesTotal) //nolint:errcheck\n132: \t\tprometheus.DefaultRegisterer.Register(m.dbQueryDuration) //nolint:errcheck\n",
"line": "131",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "129: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestsTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestDuration) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.dbQueriesTotal) //nolint:errcheck\n",
"line": "130",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "128: \t\t// 将私有 registry 的指标也注册到默认 registry\n129: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestsTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestDuration) //nolint:errcheck\n",
"line": "129",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\auth\\cas.go",
"code": "118: \t\t\t\tvar userID int64\n119: \t\t\t\tfmt.Sscanf(userIDStr, \"%d\", \u0026userID)\n120: \t\t\t\tresp.UserID = userID\n",
"line": "119",
"column": "5",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "118: \t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n119: \t\twrapper.ResponseWriter.Write(wrappedBytes)\n120: \t}\n",
"line": "119",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "111: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n112: \t\t\twrapper.ResponseWriter.Write(bodyBytes)\n113: \t\t\treturn\n",
"line": "112",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "96: \t\t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n97: \t\t\t\twrapper.ResponseWriter.Write(bodyBytes)\n98: \t\t\t\treturn\n",
"line": "97",
"column": "5",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "86: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n87: \t\t\twrapper.ResponseWriter.Write(bodyBytes)\n88: \t\t\treturn\n",
"line": "87",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "69: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n70: \t\t\twrapper.ResponseWriter.Write(wrapper.body.Bytes())\n71: \t\t\treturn\n",
"line": "70",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "61: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n62: \t\t\twrapper.ResponseWriter.Write(wrapper.body.Bytes())\n63: \t\t\treturn\n",
"line": "62",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\handler\\sso_handler.go",
"code": "244: \n245: \th.ssoManager.RevokeToken(req.Token)\n246: \n",
"line": "245",
"column": "2",
"nosec": false,
"suppressions": null
}
],
"Stats": {
"files": 177,
"lines": 36807,
"nosec": 0,
"found": 90
},
"GosecVersion": "dev"
}