XR007

package

v0.28.2 Latest Latest Go to latest Published: Aug 25, 2022 License: MPL-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/manicminer/tfproviderlint

Links

Open Source Insights

README ¶

XR007

The XR007 analyzer reports usage of the os/exec.Command() function. Providers that are using Go language based SDKs likely want to prevent any execution of other binaries for various reasons such as security and unexpected requirements (e.g. tool installation outside Terraform).

Flagged Code

var sneaky = exec.Command

sneaky("evilprogram")

exec.Command("evilprogram")

Passing Code

// Not present :)

Ignoring Reports

Singular reports can be ignored by adding the a //lintignore:XR007 Go code comment at the end of the offending line or on the line immediately proceding, e.g.

//lintignore:XR007
exec.Command("evilprogram")

Documentation ¶

Index ¶

Variables

Constants ¶

This section is empty.

Variables ¶

View Source

var Analyzer = analysisutils.AvoidSelectorExprAnalyzer(
	"XR007",
	osexeccommandcallexpr.Analyzer,
	osexeccommandselectorexpr.Analyzer,
	"os/exec",
	"Command",
)

Functions ¶

This section is empty.

Types ¶

This section is empty.

Source Files ¶

View all Source files

XR007.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL