Fix: gosec issues, ran go fmt and added checkout action in frogbot scan PR #1528

Open
bhanurp wants to merge 1 commit into jfrog:master from bhanurp:fix-security-issues

@bhanurp bhanurp commented Mar 16, 2026

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • All static analysis checks passed.
  • This pull request is on the master branch.
  • I used gofmt for formatting the code before submitting the pull request.

Description

  • Fixed gosec failures
  • Ran go fmt across the repository
  • Added actions/checkout action in frogbot scan pull request

@bhanurp bhanurp added the improvement Automatically generated release notes label Mar 16, 2026
@bhanurp bhanurp requested review from a team, agrasth, fluxxBot, itsmeleela, naveenku-jfrog and reshmifrog and removed request for a team March 16, 2026 08:40
specPath := filepath.Join(destPath, filepath.Base(path))
log.Info("Creating spec file at:", specPath)
// #nosec G703 G306 -- specPath is constructed from destPath within the test temp dir
err = os.WriteFile(specPath, content, 0700)
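
Review bot: The `#nosec G703 G306` annotation on the line above `os.WriteFile` suppresses G306, gosec's check on the permission argument to WriteFile, while its justification only speaks to how specPath is constructed. Suggest passing 0600 for the spec file and narrowing the annotation to `#nosec G703`, so the permission check stays active for this call.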
File permissions of 0700 make the file executable. For a spec file (which is JSON/YAML), this is unnecessary and violates least-privilege. Should be 0644 or 0600.
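
The mode point in the comment above has a practical catch, shown in this added example (not code from the pull request): `os.WriteFile` applies its permission argument only when it creates the file, so rewriting an existing 0700 spec with 0600 leaves the execute bit in place. The names `writeSpec`, `excessBits`, `demo` and `must` are hypothetical, and POSIX file modes are assumed.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// writeSpec (hypothetical helper) writes a spec file as owner read/write only.
// The Chmod covers a file that already exists with a wider mode.
func writeSpec(specPath string, content []byte) error {
	if err := os.WriteFile(specPath, content, 0o600); err != nil {
		return fmt.Errorf("write spec: %w", err)
	}
	return os.Chmod(specPath, 0o600)
}

// excessBits returns mode bits beyond 0600: execute bits and group/other access.
func excessBits(path string) os.FileMode {
	info, err := os.Stat(path)
	must(err)
	return info.Mode().Perm() & 0o177
}

// demo: create with 0700, rewrite with WriteFile 0600 only, then use writeSpec.
func demo() (created, rewritten, fixed os.FileMode) {
	dir, err := os.MkdirTemp("", "spec-demo")
	must(err)
	defer os.RemoveAll(dir)
	specPath := filepath.Join(dir, "spec.json")
	content := []byte(`{"files": []}`) // constructed sample spec
	must(os.WriteFile(specPath, content, 0o700))
	created = excessBits(specPath)
	must(os.WriteFile(specPath, content, 0o600))
	rewritten = excessBits(specPath)
	must(writeSpec(specPath, content))
	fixed = excessBits(specPath)
	return
}

func main() {
	fmt.Println(demo())
}
```

The mode passed at creation is also filtered by the process umask, so the explicit `Chmod` is what makes the final mode deterministic.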
