user-system/gosec-report.json
long-agent a3e090e821 test: add service layer unit tests for webhook/metadata/error/config
- webhook_service_test.go: isPrivateIP, isSafeURL, computeHMAC
- request_metadata_test.go: context functions
- classified_error_test.go: error types
- config_defaults_test.go: password reset/SMS defaults
- email_config_test.go: email code defaults
- auth_runtime_test.go: isUserNotFoundError

Service coverage: 11.2% -> 14.7%
2026-04-09 15:30:26 +08:00

{
"Golang errors": {},
"Issues": [
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e uint8",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "105: \t\tcase \"p\":\n106: \t\t\tparallelism = uint8(val)\n107: \t\t}\n",
"line": "106",
"column": "23",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e uint32",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "103: \t\tcase \"t\":\n104: \t\t\titerations = uint32(val)\n105: \t\tcase \"p\":\n",
"line": "104",
"column": "23",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e uint32",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "101: \t\tcase \"m\":\n102: \t\t\tmemory = uint32(val)\n103: \t\tcase \"t\":\n",
"line": "102",
"column": "19",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e int64",
"file": "D:\\project\\internal\\pkg\\antigravity\\request_transformer.go",
"code": "29: \t\t\t\th := sha256.Sum256([]byte(text))\n30: \t\t\t\tn := int64(binary.BigEndian.Uint64(h[:8])) \u0026 0x7FFFFFFFFFFFFFFF\n31: \t\t\t\treturn \"-\" + strconv.FormatInt(n, 10)\n",
"line": "30",
"column": "15",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion uint64 -\u003e int",
"file": "D:\\project\\internal\\pkg\\antigravity\\response_transformer.go",
"code": "364: \t\t\tseed ^= seed \u003c\u003c 17\n365: \t\t\tid[i] = chars[int(seed)%len(chars)]\n366: \t\t}\n",
"line": "365",
"column": "21",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion rune -\u003e byte",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "197: \t\ty := 8 + rng.Intn(12)\n198: \t\tdrawChar(img, x, y, byte(ch), charColor)\n199: \t}\n",
"line": "198",
"column": "27",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "206: \t\t\tB: uint8(rng.Intn(255)),\n207: \t\t\tA: uint8(100 + rng.Intn(100)),\n208: \t\t}\n",
"line": "207",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "205: \t\t\tG: uint8(rng.Intn(255)),\n206: \t\t\tB: uint8(rng.Intn(255)),\n207: \t\t\tA: uint8(100 + rng.Intn(100)),\n",
"line": "206",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "204: \t\t\tR: uint8(rng.Intn(255)),\n205: \t\t\tG: uint8(rng.Intn(255)),\n206: \t\t\tB: uint8(rng.Intn(255)),\n",
"line": "205",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "203: \t\tdotColor := color.RGBA{\n204: \t\t\tR: uint8(rng.Intn(255)),\n205: \t\t\tG: uint8(rng.Intn(255)),\n",
"line": "204",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "192: \t\t\tG: uint8(rng.Intn(150)),\n193: \t\t\tB: uint8(rng.Intn(150)),\n194: \t\t\tA: 255,\n",
"line": "193",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "191: \t\t\tR: uint8(rng.Intn(150)),\n192: \t\t\tG: uint8(rng.Intn(150)),\n193: \t\t\tB: uint8(rng.Intn(150)),\n",
"line": "192",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "190: \t\tcharColor := color.RGBA{\n191: \t\t\tR: uint8(rng.Intn(150)),\n192: \t\t\tG: uint8(rng.Intn(150)),\n",
"line": "191",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "177: \t\t\tG: uint8(rng.Intn(200)),\n178: \t\t\tB: uint8(rng.Intn(200)),\n179: \t\t\tA: 255,\n",
"line": "178",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "176: \t\t\tR: uint8(rng.Intn(200)),\n177: \t\t\tG: uint8(rng.Intn(200)),\n178: \t\t\tB: uint8(rng.Intn(200)),\n",
"line": "177",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "175: \t\tlineColor := color.RGBA{\n176: \t\t\tR: uint8(rng.Intn(200)),\n177: \t\t\tG: uint8(rng.Intn(200)),\n",
"line": "176",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "167: \t\tG: uint8(220 + rng.Intn(35)),\n168: \t\tB: uint8(220 + rng.Intn(35)),\n169: \t\tA: 255,\n",
"line": "168",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "166: \t\tR: uint8(220 + rng.Intn(35)),\n167: \t\tG: uint8(220 + rng.Intn(35)),\n168: \t\tB: uint8(220 + rng.Intn(35)),\n",
"line": "167",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint8",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "165: \tbgColor := color.RGBA{\n166: \t\tR: uint8(220 + rng.Intn(35)),\n167: \t\tG: uint8(220 + rng.Intn(35)),\n",
"line": "166",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint32",
"file": "D:\\project\\internal\\auth\\password.go",
"code": "126: \t\tparallelism,\n127: \t\tuint32(len(storedHash)),\n128: \t)\n",
"line": "127",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint",
"file": "D:\\project\\internal\\service\\webhook.go",
"code": "267: \t\t} else {\n268: \t\t\tbackoff = time.Duration(1\u003c\u003cuint(task.attempt)) * time.Second\n269: \t\t}\n",
"line": "268",
"column": "35",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint",
"file": "D:\\project\\internal\\pkg\\geminicli\\drive_client.go",
"code": "98: \t\t\t\tdefer func() { _ = resp.Body.Close() }()\n99: \t\t\t\tbackoff := time.Duration(1\u003c\u003cuint(attempt)) * time.Second\n100: \t\t\t\tjitter := time.Duration(rng.Intn(1000)) * time.Millisecond\n",
"line": "99",
"column": "37",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e uint",
"file": "D:\\project\\internal\\pkg\\geminicli\\drive_client.go",
"code": "76: \t\t\tif attempt \u003c maxRetries-1 {\n77: \t\t\t\tbackoff := time.Duration(1\u003c\u003cuint(attempt)) * time.Second\n78: \t\t\t\tjitter := time.Duration(rng.Intn(1000)) * time.Millisecond\n",
"line": "77",
"column": "37",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "190",
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
"rule_id": "G115",
"details": "integer overflow conversion int -\u003e int32",
"file": "D:\\project\\internal\\pkg\\errors\\errors.go",
"code": "78: \t\tStatus: Status{\n79: \t\t\tCode: int32(code),\n80: \t\t\tMessage: message,\n",
"line": "79",
"column": "18",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "338",
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
"rule_id": "G404",
"details": "Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand)",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "163: \t// 随机背景色(浅色)\n164: \trng := rand.New(rand.NewSource(time.Now().UnixNano()))\n165: \tbgColor := color.RGBA{\n",
"line": "164",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "338",
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
"rule_id": "G404",
"details": "Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand)",
"file": "D:\\project\\internal\\pkg\\geminicli\\drive_client.go",
"code": "66: \tmaxRetries := 3\n67: \trng := rand.New(rand.NewSource(time.Now().UnixNano()))\n68: \tfor attempt := 0; attempt \u003c maxRetries; attempt++ {\n",
"line": "67",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "338",
"url": "https://cwe.mitre.org/data/definitions/338.html"
},
"rule_id": "G404",
"details": "Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand)",
"file": "D:\\project\\internal\\pkg\\antigravity\\request_transformer.go",
"code": "18: var (\n19: \tsessionRand = rand.New(rand.NewSource(time.Now().UnixNano()))\n20: \tsessionRandMutex sync.Mutex\n",
"line": "19",
"column": "21",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials: Google Cloud Platform OAuth",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "40: \t// restrict which scopes are allowed for this client.\n41: \tGeminiCLIOAuthClientID = \"681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com\"\n42: \tGeminiCLIOAuthClientSecret = \"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\"\n",
"line": "41",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials: Google Cloud Platform OAuth",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "25: \t// Antigravity OAuth 客户端凭证\n26: \tClientID = \"1071006060591-tmhssin2h21lcre235vtolojh4g403ep.apps.googleusercontent.com\"\n27: \n",
"line": "26",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\service\\webhook.go",
"code": "98: func defaultWebhookServiceConfig() WebhookServiceConfig {\n99: \treturn WebhookServiceConfig{\n100: \t\tEnabled: true,\n101: \t\tSecretHeader: \"X-Webhook-Signature\",\n102: \t\tTimeoutSec: 10,\n103: \t\tMaxRetries: 3,\n104: \t\tRetryBackoff: \"exponential\",\n105: \t\tWorkerCount: 4,\n106: \t\tQueueSize: 1000,\n107: \t}\n108: }\n",
"line": "99-107",
"column": "9",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\service\\auth.go",
"code": "22: \tuserInfoCachePrefix = \"auth_user_info:\"\n23: \ttokenBlacklistPrefix = \"auth_token_blacklist:\"\n24: \tdefaultUserCacheTTL = 15 * time.Minute\n",
"line": "23",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\openai\\oauth.go",
"code": "24: \tAuthorizeURL = \"https://auth.openai.com/oauth/authorize\"\n25: \tTokenURL = \"https://auth.openai.com/oauth/token\"\n26: \n",
"line": "25",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\oauth\\oauth.go",
"code": "22: \tAuthorizeURL = \"https://claude.ai/oauth/authorize\"\n23: \tTokenURL = \"https://platform.claude.com/v1/oauth/token\"\n24: \tRedirectURI = \"https://platform.claude.com/oauth/code/callback\"\n",
"line": "23",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "44: \t// GeminiCLIOAuthClientSecretEnv is the environment variable name for the built-in client secret.\n45: \tGeminiCLIOAuthClientSecretEnv = \"GEMINI_CLI_OAUTH_CLIENT_SECRET\"\n46: \n",
"line": "45",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "41: \tGeminiCLIOAuthClientID = \"681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com\"\n42: \tGeminiCLIOAuthClientSecret = \"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\"\n43: \n",
"line": "42",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\geminicli\\constants.go",
"code": "10: \tAuthorizeURL = \"https://accounts.google.com/o/oauth2/v2/auth\"\n11: \tTokenURL = \"https://oauth2.googleapis.com/token\"\n12: \n",
"line": "11",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\ctxkey\\ctxkey.go",
"code": "41: \t// 用于 ClaudeCodeOnly 验证绕过(绕过 system prompt 检查,但仍需验证 User-Agent\n42: \tIsMaxTokensOneHaikuRequest Key = \"ctx_is_max_tokens_one_haiku\"\n43: \n",
"line": "42",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "55: // defaultClientSecret 可通过环境变量 ANTIGRAVITY_OAUTH_CLIENT_SECRET 配置\n56: var defaultClientSecret = \"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\"\n57: \n",
"line": "56",
"column": "5",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "28: \t// AntigravityOAuthClientSecretEnv 是 Antigravity OAuth client_secret 的环境变量名。\n29: \tAntigravityOAuthClientSecretEnv = \"ANTIGRAVITY_OAUTH_CLIENT_SECRET\"\n30: \n",
"line": "29",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\pkg\\antigravity\\oauth.go",
"code": "21: \tAuthorizeURL = \"https://accounts.google.com/o/oauth2/v2/auth\"\n22: \tTokenURL = \"https://oauth2.googleapis.com/token\"\n23: \tUserInfoURL = \"https://www.googleapis.com/oauth2/v2/userinfo\"\n",
"line": "22",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\weibo.go",
"code": "90: func (w *WeiboProvider) ExchangeCode(ctx context.Context, code string) (*WeiboTokenResponse, error) {\n91: \ttokenURL := \"https://api.weibo.com/oauth2/access_token\"\n92: \n",
"line": "91",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\twitter.go",
"code": "201: func (t *TwitterProvider) RefreshToken(ctx context.Context, refreshToken string) (*TwitterTokenResponse, error) {\n202: \ttokenURL := \"https://api.twitter.com/2/oauth2/token\"\n203: \n",
"line": "202",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\twitter.go",
"code": "128: func (t *TwitterProvider) ExchangeCode(ctx context.Context, code, codeVerifier string) (*TwitterTokenResponse, error) {\n129: \ttokenURL := \"https://api.twitter.com/2/oauth2/token\"\n130: \n",
"line": "129",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\google.go",
"code": "146: func (g *GoogleProvider) RefreshToken(ctx context.Context, refreshToken string) (*GoogleTokenResponse, error) {\n147: \ttokenURL := \"https://oauth2.googleapis.com/token\"\n148: \n",
"line": "147",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\google.go",
"code": "86: func (g *GoogleProvider) ExchangeCode(ctx context.Context, code string) (*GoogleTokenResponse, error) {\n87: \ttokenURL := \"https://oauth2.googleapis.com/token\"\n88: \n",
"line": "87",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\github.go",
"code": "59: func (g *GitHubProvider) ExchangeCode(ctx context.Context, code string) (*GitHubTokenResponse, error) {\n60: \ttokenURL := \"https://github.com/login/oauth/access_token\"\n61: \n",
"line": "60",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\providers\\douyin.go",
"code": "70: func (d *DouyinProvider) ExchangeCode(ctx context.Context, code string) (*DouyinTokenResponse, error) {\n71: \ttokenURL := \"https://open.douyin.com/oauth/access_token/\"\n72: \n",
"line": "71",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "199: \t\t},\n200: \t\tTwitter: TwitterOAuthConfig{\n201: \t\t\tEnabled: getEnvBool(\"TWITTER_OAUTH_ENABLED\", false),\n202: \t\t\tClientID: getEnv(\"TWITTER_CLIENT_ID\", \"\"),\n203: \t\t\tClientSecret: getEnv(\"TWITTER_CLIENT_SECRET\", \"\"),\n204: \t\t\tAuthURL: \"https://twitter.com/i/oauth2/authorize\",\n205: \t\t\tTokenURL: \"https://api.twitter.com/2/oauth2/token\",\n206: \t\t\tUserInfoURL: \"https://api.twitter.com/2/users/me\",\n207: \t\t},\n208: \t}\n",
"line": "200-207",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "190: \t\t},\n191: \t\tWeibo: WeiboOAuthConfig{\n192: \t\t\tEnabled: getEnvBool(\"WEIBO_OAUTH_ENABLED\", false),\n193: \t\t\tAppKey: getEnv(\"WEIBO_APP_KEY\", \"\"),\n194: \t\t\tAppSecret: getEnv(\"WEIBO_APP_SECRET\", \"\"),\n195: \t\t\tRedirectURI: getEnv(\"WEIBO_REDIRECT_URI\", \"\"),\n196: \t\t\tAuthURL: \"https://api.weibo.com/oauth2/authorize\",\n197: \t\t\tTokenURL: \"https://api.weibo.com/oauth2/access_token\",\n198: \t\t\tUserInfoURL: \"https://api.weibo.com/2/users/show.json\",\n199: \t\t},\n200: \t\tTwitter: TwitterOAuthConfig{\n",
"line": "191-199",
"column": "10",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "179: \t\t},\n180: \t\tQQ: QQOAuthConfig{\n181: \t\t\tEnabled: getEnvBool(\"QQ_OAUTH_ENABLED\", false),\n182: \t\t\tAppID: getEnv(\"QQ_APP_ID\", \"\"),\n183: \t\t\tAppKey: getEnv(\"QQ_APP_KEY\", \"\"),\n184: \t\t\tAppSecret: getEnv(\"QQ_APP_SECRET\", \"\"),\n185: \t\t\tRedirectURI: getEnv(\"QQ_REDIRECT_URI\", \"\"),\n186: \t\t\tAuthURL: \"https://graph.qq.com/oauth2.0/authorize\",\n187: \t\t\tTokenURL: \"https://graph.qq.com/oauth2.0/token\",\n188: \t\t\tOpenIDURL: \"https://graph.qq.com/oauth2.0/me\",\n189: \t\t\tUserInfoURL: \"https://graph.qq.com/user/get_user_info\",\n190: \t\t},\n191: \t\tWeibo: WeiboOAuthConfig{\n",
"line": "180-190",
"column": "7",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "171: \t\t},\n172: \t\tFacebook: FacebookOAuthConfig{\n173: \t\t\tEnabled: getEnvBool(\"FACEBOOK_OAUTH_ENABLED\", false),\n174: \t\t\tAppID: getEnv(\"FACEBOOK_APP_ID\", \"\"),\n175: \t\t\tAppSecret: getEnv(\"FACEBOOK_APP_SECRET\", \"\"),\n176: \t\t\tAuthURL: \"https://www.facebook.com/v18.0/dialog/oauth\",\n177: \t\t\tTokenURL: \"https://graph.facebook.com/v18.0/oauth/access_token\",\n178: \t\t\tUserInfoURL: \"https://graph.facebook.com/v18.0/me?fields=id,name,email,picture\",\n179: \t\t},\n180: \t\tQQ: QQOAuthConfig{\n",
"line": "172-179",
"column": "13",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "162: \t\t},\n163: \t\tGoogle: GoogleOAuthConfig{\n164: \t\t\tEnabled: getEnvBool(\"GOOGLE_OAUTH_ENABLED\", false),\n165: \t\t\tClientID: getEnv(\"GOOGLE_CLIENT_ID\", \"\"),\n166: \t\t\tClientSecret: getEnv(\"GOOGLE_CLIENT_SECRET\", \"\"),\n167: \t\t\tAuthURL: \"https://accounts.google.com/o/oauth2/v2/auth\",\n168: \t\t\tTokenURL: \"https://oauth2.googleapis.com/token\",\n169: \t\t\tUserInfoURL: \"https://www.googleapis.com/oauth2/v2/userinfo\",\n170: \t\t\tJWTAuthURL: \"https://oauth2.googleapis.com/tokeninfo\",\n171: \t\t},\n172: \t\tFacebook: FacebookOAuthConfig{\n",
"line": "163-171",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "LOW",
"cwe": {
"id": "798",
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
"rule_id": "G101",
"details": "Potential hardcoded credentials",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "154: \t\t},\n155: \t\tWeChat: WeChatOAuthConfig{\n156: \t\t\tEnabled: getEnvBool(\"WECHAT_OAUTH_ENABLED\", false),\n157: \t\t\tAppID: getEnv(\"WECHAT_APP_ID\", \"\"),\n158: \t\t\tAppSecret: getEnv(\"WECHAT_APP_SECRET\", \"\"),\n159: \t\t\tAuthURL: \"https://open.weixin.qq.com/connect/qrconnect\",\n160: \t\t\tTokenURL: \"https://api.weixin.qq.com/sns/oauth2/access_token\",\n161: \t\t\tUserInfoURL: \"https://api.weixin.qq.com/sns/userinfo\",\n162: \t\t},\n163: \t\tGoogle: GoogleOAuthConfig{\n",
"line": "155-162",
"column": "11",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\user_service.go",
"code": "84: \n85: \t\tgo func() {\n86: \t\t\t// 使用带超时的独立 context不能使用请求 ctx该 goroutine 在请求完成后仍可能运行)\n",
"line": "85",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\password_reset.go",
"code": "293: \tif s.passwordHistoryRepo != nil {\n294: \t\tgo func() {\n295: \t\t\t// 使用带超时的独立 context防止 DB 写入无限等待\n",
"line": "294",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\auth_email.go",
"code": "92: \t\t// 使用独立上下文避免请求结束后被取消\n93: \t\tgo func() {\n94: \t\t\tbgCtx, cancel := context.WithTimeout(context.Background(), 30*time.Second)\n",
"line": "93",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "HIGH",
"confidence": "MEDIUM",
"cwe": {
"id": "400",
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
"rule_id": "G118",
"details": "Goroutine uses context.Background/TODO while request-scoped context is available",
"file": "D:\\project\\internal\\service\\auth.go",
"code": "481: \n482: \tgo func() {\n483: \t\t// 使用带超时的独立 context防止日志写入无限等待\n",
"line": "482",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "MEDIUM",
"confidence": "HIGH",
"cwe": {
"id": "22",
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
"rule_id": "G304",
"details": "Potential file inclusion via variable",
"file": "D:\\project\\internal\\auth\\oauth_config.go",
"code": "129: \t\t// 从文件加载配置\n130: \t\tdata, readErr := os.ReadFile(configPath)\n131: \t\tif readErr != nil {\n",
"line": "130",
"column": "20",
"nosec": false,
"suppressions": null,
"autofix": "Consider using os.Root to scope file access under a fixed root (Go \u003e=1.24). Prefer root.Open/root.Stat over os.Open/os.Stat to prevent directory traversal."
},
{
"severity": "MEDIUM",
"confidence": "HIGH",
"cwe": {
"id": "22",
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
"rule_id": "G304",
"details": "Potential file inclusion via variable",
"file": "D:\\project\\internal\\auth\\jwt.go",
"code": "234: \t}\n235: \tdata, err := os.ReadFile(path)\n236: \tif err != nil {\n",
"line": "235",
"column": "15",
"nosec": false,
"suppressions": null,
"autofix": "Consider using os.Root to scope file access under a fixed root (Go \u003e=1.24). Prefer root.Open/root.Stat over os.Open/os.Stat to prevent directory traversal."
},
{
"severity": "MEDIUM",
"confidence": "HIGH",
"cwe": {
"id": "276",
"url": "https://cwe.mitre.org/data/definitions/276.html"
},
"rule_id": "G306",
"details": "Expect WriteFile permissions to be 0600 or less",
"file": "D:\\project\\internal\\auth\\jwt.go",
"code": "218: \t}\n219: \tif err := os.WriteFile(publicPath, publicPEM, 0o644); err != nil {\n220: \t\treturn \"\", \"\", err\n",
"line": "219",
"column": "12",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\webhook.go",
"code": "246: \tvar respBuf bytes.Buffer\n247: \trespBuf.ReadFrom(resp.Body)\n248: \tsuccess := resp.StatusCode \u003e= 200 \u0026\u0026 resp.StatusCode \u003c 300\n",
"line": "247",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\password_reset.go",
"code": "254: \ts.cache.Delete(ctx, codeKey)\n255: \ts.cache.Delete(ctx, cacheKey)\n256: \n",
"line": "255",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\password_reset.go",
"code": "253: \t// 清理验证码\n254: \ts.cache.Delete(ctx, codeKey)\n255: \ts.cache.Delete(ctx, cacheKey)\n",
"line": "254",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "90: \t// 删除验证码(一次性使用)\n91: \ts.cache.Delete(ctx, cacheKey)\n92: \n",
"line": "91",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\service\\captcha.go",
"code": "69: \tcacheKey := \"captcha:\" + captchaID\n70: \ts.cache.Set(ctx, cacheKey, strings.ToLower(text), captchaTTL, captchaTTL)\n71: \n",
"line": "70",
"column": "2",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "130: \t\tprometheus.DefaultRegisterer.Register(m.AnomalyDetectedTotal) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.ErrorBudgetBurnRate) //nolint:errcheck\n132: \t\tglobalSLOMetrics = m\n",
"line": "131",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "129: \t\tprometheus.DefaultRegisterer.Register(m.AccountLockTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.AnomalyDetectedTotal) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.ErrorBudgetBurnRate) //nolint:errcheck\n",
"line": "130",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "128: \t\tprometheus.DefaultRegisterer.Register(m.TokenRefreshTotal) //nolint:errcheck\n129: \t\tprometheus.DefaultRegisterer.Register(m.AccountLockTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.AnomalyDetectedTotal) //nolint:errcheck\n",
"line": "129",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "127: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsMax) //nolint:errcheck\n128: \t\tprometheus.DefaultRegisterer.Register(m.TokenRefreshTotal) //nolint:errcheck\n129: \t\tprometheus.DefaultRegisterer.Register(m.AccountLockTotal) //nolint:errcheck\n",
"line": "128",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "126: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsActive) //nolint:errcheck\n127: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsMax) //nolint:errcheck\n128: \t\tprometheus.DefaultRegisterer.Register(m.TokenRefreshTotal) //nolint:errcheck\n",
"line": "127",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "125: \t\tprometheus.DefaultRegisterer.Register(m.CacheOperationsTotal) //nolint:errcheck\n126: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsActive) //nolint:errcheck\n127: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsMax) //nolint:errcheck\n",
"line": "126",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "124: \t\tprometheus.DefaultRegisterer.Register(m.CacheHitsTotal) //nolint:errcheck\n125: \t\tprometheus.DefaultRegisterer.Register(m.CacheOperationsTotal) //nolint:errcheck\n126: \t\tprometheus.DefaultRegisterer.Register(m.DBConnectionsActive) //nolint:errcheck\n",
"line": "125",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\slo.go",
"code": "123: \t\t// 注册到默认 registry 以便 /metrics 端点暴露\n124: \t\tprometheus.DefaultRegisterer.Register(m.CacheHitsTotal) //nolint:errcheck\n125: \t\tprometheus.DefaultRegisterer.Register(m.CacheOperationsTotal) //nolint:errcheck\n",
"line": "124",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "136: \t\tprometheus.DefaultRegisterer.Register(m.systemMemoryUsage) //nolint:errcheck\n137: \t\tprometheus.DefaultRegisterer.Register(m.systemGoroutines) //nolint:errcheck\n138: \t\tglobalMetrics = m\n",
"line": "137",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "135: \t\tprometheus.DefaultRegisterer.Register(m.activeUsers) //nolint:errcheck\n136: \t\tprometheus.DefaultRegisterer.Register(m.systemMemoryUsage) //nolint:errcheck\n137: \t\tprometheus.DefaultRegisterer.Register(m.systemGoroutines) //nolint:errcheck\n",
"line": "136",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "134: \t\tprometheus.DefaultRegisterer.Register(m.userLogins) //nolint:errcheck\n135: \t\tprometheus.DefaultRegisterer.Register(m.activeUsers) //nolint:errcheck\n136: \t\tprometheus.DefaultRegisterer.Register(m.systemMemoryUsage) //nolint:errcheck\n",
"line": "135",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "133: \t\tprometheus.DefaultRegisterer.Register(m.userRegistrations) //nolint:errcheck\n134: \t\tprometheus.DefaultRegisterer.Register(m.userLogins) //nolint:errcheck\n135: \t\tprometheus.DefaultRegisterer.Register(m.activeUsers) //nolint:errcheck\n",
"line": "134",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "132: \t\tprometheus.DefaultRegisterer.Register(m.dbQueryDuration) //nolint:errcheck\n133: \t\tprometheus.DefaultRegisterer.Register(m.userRegistrations) //nolint:errcheck\n134: \t\tprometheus.DefaultRegisterer.Register(m.userLogins) //nolint:errcheck\n",
"line": "133",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "131: \t\tprometheus.DefaultRegisterer.Register(m.dbQueriesTotal) //nolint:errcheck\n132: \t\tprometheus.DefaultRegisterer.Register(m.dbQueryDuration) //nolint:errcheck\n133: \t\tprometheus.DefaultRegisterer.Register(m.userRegistrations) //nolint:errcheck\n",
"line": "132",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "130: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestDuration) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.dbQueriesTotal) //nolint:errcheck\n132: \t\tprometheus.DefaultRegisterer.Register(m.dbQueryDuration) //nolint:errcheck\n",
"line": "131",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "129: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestsTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestDuration) //nolint:errcheck\n131: \t\tprometheus.DefaultRegisterer.Register(m.dbQueriesTotal) //nolint:errcheck\n",
"line": "130",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\monitoring\\metrics.go",
"code": "128: \t\t// 将私有 registry 的指标也注册到默认 registry\n129: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestsTotal) //nolint:errcheck\n130: \t\tprometheus.DefaultRegisterer.Register(m.httpRequestDuration) //nolint:errcheck\n",
"line": "129",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\auth\\cas.go",
"code": "118: \t\t\t\tvar userID int64\n119: \t\t\t\tfmt.Sscanf(userIDStr, \"%d\", \u0026userID)\n120: \t\t\t\tresp.UserID = userID\n",
"line": "119",
"column": "5",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "118: \t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n119: \t\twrapper.ResponseWriter.Write(wrappedBytes)\n120: \t}\n",
"line": "119",
"column": "3",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "111: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n112: \t\t\twrapper.ResponseWriter.Write(bodyBytes)\n113: \t\t\treturn\n",
"line": "112",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "96: \t\t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n97: \t\t\t\twrapper.ResponseWriter.Write(bodyBytes)\n98: \t\t\t\treturn\n",
"line": "97",
"column": "5",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "86: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n87: \t\t\twrapper.ResponseWriter.Write(bodyBytes)\n88: \t\t\treturn\n",
"line": "87",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "69: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n70: \t\t\twrapper.ResponseWriter.Write(wrapper.body.Bytes())\n71: \t\t\treturn\n",
"line": "70",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\middleware\\response_wrapper.go",
"code": "61: \t\t\twrapper.ResponseWriter.WriteHeader(wrapper.statusCode)\n62: \t\t\twrapper.ResponseWriter.Write(wrapper.body.Bytes())\n63: \t\t\treturn\n",
"line": "62",
"column": "4",
"nosec": false,
"suppressions": null
},
{
"severity": "LOW",
"confidence": "HIGH",
"cwe": {
"id": "703",
"url": "https://cwe.mitre.org/data/definitions/703.html"
},
"rule_id": "G104",
"details": "Errors unhandled",
"file": "D:\\project\\internal\\api\\handler\\sso_handler.go",
"code": "244: \n245: \th.ssoManager.RevokeToken(req.Token)\n246: \n",
"line": "245",
"column": "2",
"nosec": false,
"suppressions": null
}
],
"Stats": {
"files": 177,
"lines": 36807,
"nosec": 0,
"found": 90
},
"GosecVersion": "dev"
}