diff --git a/get_vuln.go b/get_vuln.go
index cacc4f6..364ebb8 100644
--- a/get_vuln.go
+++ b/get_vuln.go
@@ -4,6 +4,8 @@ import (
 "context"
 "github.com/google/go-github/v57/github"
 "log"
+ // don't need cryptographically secure random here
+ // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used
 "math/rand/v2"
 "os"
 "path/filepath"
diff --git a/main.go b/main.go
index 801cf5a..f10d789 100644
--- a/main.go
+++ b/main.go
@@ -12,7 +12,9 @@ import (
 "github.com/joho/godotenv"
 "golang.org/x/oauth2"
 "log"
- "math/rand"
+ // don't need cryptographically secure random here
+ // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used
+ "math/rand/v2"
 "os"
 "strconv"
 "strings"
@@ -43,7 +45,7 @@ func main() {
 _, pythonPackage, pythonVersion := getPythonVuln(githubPersonalAccessToken)
- bugId := strconv.Itoa(rand.Intn(3000))
+ bugId := strconv.Itoa(rand.IntN(3000))
 if commitMsg == "" {
 commitMsg = generateCommit("Generate a short, complete commit message for a Git commit fixing a specific bug with bug ID" + bugId)
@@ -79,7 +81,14 @@ func main() {
 return
 }
 }
-
+ // ensure cleanup of repo folder
+ defer func() {
+ dirRemovalErr := os.RemoveAll("./terragoat")
+ if dirRemovalErr != nil {
+ log.Fatal(err)
+ }
+ fmt.Printf("Successfully removed directory.\n")
+ }()
 // Create and checkout new branch
 w, err := repo.Worktree()
 if err != nil {
@@ -102,6 +111,10 @@ func main() {
 exampleFile := "./terragoat/example2.tf"
 fmt.Printf("Creating file: %s\n", exampleFile)
 content, err := os.ReadFile("new_resource.tf")
+ if err != nil {
+ fmt.Printf("Error opening file: %s\n", err)
+ return
+ }
 err = os.WriteFile(exampleFile, content, 0644)
 if err != nil {
 fmt.Printf("Error creating file: %s\n", err)
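Review bot: The `nosemgrep` line added above `"math/rand/v2"` in get_vuln.go's import block silences the finding at the import, which appears to be the only place the rule reports, so every present and future use of `rand` in that file is exempted, and this diff does not show what get_vuln.go uses it for. The same suppression is added in main.go's import hunk, where the only visible use is the cosmetic `bugId` in the `-43,7` hunk. I would have the justification name the use so it can be rechecked when the code changes, e.g. `// math/rand/v2 only picks the cosmetic bug ID; anything secret or unguessable must use crypto/rand` in main.go and the equivalent wording for get_vuln.go.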
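Review bot: The deferred cleanup in the `-79,7` hunk reports the wrong variable: when `os.RemoveAll("./terragoat")` fails, `log.Fatal(err)` prints the enclosing `err` rather than `dirRemovalErr`, so the actual cause is lost (the lines removed from the end of main had the same slip). Inside a defer I would also avoid `log.Fatal`, which turns an otherwise successful run into exit status 1; `log.Printf("removing ./terragoat: %v", dirRemovalErr)` followed by `return` reports the failure and keeps the success message from printing. Because `os.Exit` skips deferred calls, any `log.Fatal` reached later in main would bypass this cleanup, and the early `return` just above the defer would still leave the clone on disk if it runs after cloning. main's body starts and ends outside the hunk, so both of those should be confirmed against the full function.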
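Review bot: The new failure path after `os.ReadFile("new_resource.tf")` in the `-102,6` hunk prints a message and returns from main, so the process exits with status 0 and a wrapper script or CI job cannot tell that no file was written and no PR was opened. The message also says "opening" for a read and omits the path; `fmt.Printf("Error reading new_resource.tf: %s\n", err)` is clearer. If a non-zero exit is wanted here, it has to be arranged so that the deferred directory cleanup still runs, since `os.Exit` skips defers. main's body continues outside the hunk.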
@@ -173,12 +186,6 @@ func main() {
 fmt.Printf("Successfully created PR #%d\n", pr.GetNumber())
 fmt.Printf("PR URL: %s\n", pr.GetHTMLURL())
-
- dirRemovalErr := os.RemoveAll("./terragoat")
- if dirRemovalErr != nil {
- log.Fatal(err)
- }
- fmt.Printf("Successfully removed directory.\n")
 }
 func GetCode(branchPrefix string, repoURL string, githubPersonalAccessToken string) (string, *git.Repository, *http.BasicAuth, error) {