[PLUTO-1431] Go/gosec running

zhamborova · zhamborova · commit 25b8134ea6c8 · 2025-06-05T12:11:31.000+02:00
diff --git a/cmd/analyze.go b/cmd/analyze.go
@@ -5,6 +5,7 @@ import (
 	"codacy/cli-v2/domain"
 	"codacy/cli-v2/plugins"
 	"codacy/cli-v2/tools"
+	gosecTool "codacy/cli-v2/tools/gosec"
 	"codacy/cli-v2/tools/lizard"
 	"encoding/json"
 	"fmt"
@@ -412,6 +413,16 @@ func runEnigmaAnalysis(workDirectory string, pathsToCheck []string, outputFile s
 	return tools.RunEnigma(workDirectory, enigma.InstallDir, enigma.Binaries["codacy-enigma-cli"], pathsToCheck, outputFile, outputFormat)
 }
 
+func runGosecAnalysis(workDirectory string, pathsToCheck []string, outputFile string, outputFormat string) error {
+	gosec := config.Config.Tools()["gosec"]
+	if gosec == nil {
+		log.Fatal("Gosec tool configuration not found")
+	}
+	gosecBinary := gosec.Binaries["gosec"]
+
+	return gosecTool.RunGosec(workDirectory, gosecBinary, pathsToCheck, outputFile, outputFormat)
+}
+
 var analyzeCmd = &cobra.Command{
 	Use:   "analyze",
 	Short: "Runs all configured linters.",
@@ -522,6 +533,8 @@ func runTool(workDirectory string, toolName string, args []string, outputFile st
 		return runLizardAnalysis(workDirectory, args, outputFile, outputFormat)
 	case "codacy-enigma-cli":
 		return runEnigmaAnalysis(workDirectory, args, outputFile, outputFormat)
+	case "gosec":
+		return runGosecAnalysis(workDirectory, args, outputFile, outputFormat)
 	default:
 		return fmt.Errorf("unsupported tool: %s", toolName)
 	}
diff --git a/plugins/runtimes/go/plugin.yaml b/plugins/runtimes/go/plugin.yaml
@@ -2,7 +2,7 @@ name: go
 # Go Programming Language Runtime
 # Provides the Go compiler and tools for building and running Go programs.
 description: Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
-default_version: 1.22.3
+default_version: 1.24.1
 download:
   url_template: "https://go.dev/dl/go{{.Version}}.{{.OS}}-{{.Arch}}.tar.gz"
   file_name_template: "go{{.Version}}.{{.OS}}-{{.Arch}}.tar.gz"
diff --git a/plugins/tools/gosec/plugin.yaml b/plugins/tools/gosec/plugin.yaml
@@ -2,7 +2,7 @@ name: gosec
 # Gosec - Golang Security Checker
 # Inspects source code for security problems by scanning the Go AST.
 description: Gosec inspects Go source code for security problems by scanning the Go AST.
-default_version: 2.15.0
+default_version: 2.22.4
 runtime: go
 runtime_binaries:
   package_manager: go
