From 10c4ba25708e1fc9d2dce8fabe771fcc487bea58 Mon Sep 17 00:00:00 2001
From: Ludwig Nyberg <44864447+loodde@users.noreply.github.com>
Date: Mon, 15 Sep 2025 11:50:59 +0200
Subject: [PATCH 1/2] fix: bump sage to v0.371.1
---
 .sage/go.mod | 2 +-
 .sage/go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.sage/go.mod b/.sage/go.mod
index 11693c8..89593e2 100644
--- a/.sage/go.mod
+++ b/.sage/go.mod
@@ -2,4 +2,4 @@ module sage
 go 1.23
-require go.einride.tech/sage v0.371.0
+require go.einride.tech/sage v0.371.1
diff --git a/.sage/go.sum b/.sage/go.sum
index d55b5c2..21b1ac6 100644
--- a/.sage/go.sum
+++ b/.sage/go.sum
@@ -1,2 +1,2 @@
-go.einride.tech/sage v0.371.0 h1:uRoKhO2l6ZJd0x+jdqkL/FPy7N5NKZIb2SGkENwmyx8=
-go.einride.tech/sage v0.371.0/go.mod h1:sy9YuK//XVwEZ2wD3f19xVSKEtN8CYtgtBZGpzC3p80=
+go.einride.tech/sage v0.371.1 h1:9kdA48sddfrsTZoCuTi1JXJNzE9SFXB/miym/NQodtM=
+go.einride.tech/sage v0.371.1/go.mod h1:sy9YuK//XVwEZ2wD3f19xVSKEtN8CYtgtBZGpzC3p80=
From 1a47340774fceb7410dcb3d0978d5cfcc1a303b6 Mon Sep 17 00:00:00 2001
From: Ludwig Nyberg <44864447+loodde@users.noreply.github.com>
Date: Mon, 15 Sep 2025 11:52:11 +0200
Subject: [PATCH 2/2] fix: exclude 2 sempgrep findings
---
 spantest/emulator.go | 2 ++
 spantest/inmemory.go | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/spantest/emulator.go b/spantest/emulator.go
index 661ee2d..ac5e822 100644
--- a/spantest/emulator.go
+++ b/spantest/emulator.go
@@ -200,6 +200,8 @@ func inspectPortAddress(t testing.TB, containerID, containerPort string) string
 func execCommand(t testing.TB, name string, args ...string) string {
 t.Helper()
 t.Log("exec:", name, strings.Join(args, " "))
+ // No external args are passed to this exec.Command other than the static strings defined in this file.
+ // nosemgrep: go.lang.security.audit.dangerous-exec-command
 cmd := exec.Command(name, args...)
 var stdout, stderr bytes.Buffer
 cmd.Stdout, cmd.Stderr = &stdout, &stderr
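Review bot: The justification added above `exec.Command(name, args...)` in `execCommand` says only static strings from this file reach the call, but the hunk header shows `inspectPortAddress(t testing.TB, containerID, containerPort string)` directly above it, and if that helper forwards `containerID` to `execCommand` (its body is outside the hunk) the argument is a runtime value rather than a literal. The suppression is still defensible because `exec.Command` starts `name` directly with no shell, so, if the callers bear it out, I would base the comment on that: `// exec.Command starts name without a shell; name and args come only from test helpers in this file, never from external input.` The rule ID here is also shorter than the path-plus-rule-name form used for the `math/rand` suppression in `spantest/inmemory.go`, so it is worth confirming with a Semgrep run that the finding is actually silenced and not just annotated. `execCommand` continues past the end of the hunk.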
diff --git a/spantest/inmemory.go b/spantest/inmemory.go
index 62360af..0465b79 100644
--- a/spantest/inmemory.go
+++ b/spantest/inmemory.go
@@ -3,7 +3,7 @@ package spantest
 import (
 "context"
 "fmt"
- "math/rand"
+ "math/rand" // nosemgrep: go.lang.security.audit.crypto.math_random.math-random-used
 "strconv"
 "testing"
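Review bot: The `nosemgrep` marker on the `"math/rand"` import carries no reason, unlike the `exec.Command` suppression in `spantest/emulator.go` from the same commit, and because it sits on the import it silences the finding for every present and future use of `math/rand` in this file. The uses are outside the hunk, so I can only assume they produce non-security test values; if that holds, state it on a comment line above the import, e.g. `// math/rand only generates test fixture values here; nothing security-relevant depends on it.` Putting the reason on its own line, not after the rule ID, also avoids the risk that Semgrep reads trailing words as further rule IDs.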