https://github.com/peakle/security-rules
Ruleguard security rules
- Host: GitHub
- URL: https://github.com/peakle/security-rules
- Owner: peakle
- License: mit
- Created: 2022-04-14T21:17:10.000Z (almost 4 years ago)
- Default Branch: master
- Last Pushed: 2022-04-19T19:35:04.000Z (almost 4 years ago)
- Last Synced: 2025-02-08T04:27:07.038Z (about 1 year ago)
- Topics: bundle, go, go-ruleguard, golang, ruleguard, syntax-analysis
- Language: Go
- Size: 13.7 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# security-rules
Ruleguard security rules
### What are we checking now?
1. HTTP without SSL
2. Old hash functions such as MD5
3. TLS `InsecureSkipVerify` option usage
4. Old TLS versions
5. Use of old ciphers such as RC4
7. Swagger body validation function usage
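
A minimal sketch of the kind of syntax-level matching behind items 2 to 5 of the list above, written with the standard library's `go/ast` instead of ruleguard. It is an added example, not code from this repository; `scan`, `sample` and the finding messages are illustrative names, and the input is constructed.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
)

// sample is constructed input with patterns from checklist items 2-5.
const sample = `package demo
import ("crypto/md5"; "crypto/tls")
var sum = md5.Sum(nil)
var cfg = &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS10}`

// scan returns one finding per insecure pattern in src, in source order.
func scan(src string) (out []string, err error) {
	fset := token.NewFileSet()
	file, err := parser.ParseFile(fset, "sample.go", src, 0)
	if err != nil {
		return nil, err
	}
	report := func(n ast.Node, msg string) {
		out = append(out, fmt.Sprintf("line %d: %s", fset.Position(n.Pos()).Line, msg))
	}
	ast.Inspect(file, func(n ast.Node) bool {
		switch v := n.(type) {
		case *ast.ImportSpec: // items 2 and 5: weak hash or cipher packages
			if p := v.Path.Value; p == `"crypto/md5"` || p == `"crypto/rc4"` {
				report(v, "weak primitive imported: "+p)
			}
		case *ast.KeyValueExpr: // item 3: InsecureSkipVerify: true in a literal
			k, _ := v.Key.(*ast.Ident)
			val, _ := v.Value.(*ast.Ident)
			if k != nil && val != nil && k.Name == "InsecureSkipVerify" && val.Name == "true" {
				report(v, "InsecureSkipVerify enabled")
			}
		case *ast.SelectorExpr: // item 4: tls.VersionSSL30 / TLS10 / TLS11
			if s := v.Sel.Name; s == "VersionSSL30" || s == "VersionTLS10" || s == "VersionTLS11" {
				report(v, "old TLS version: "+s)
			}
		}
		return true
	})
	return out, nil
}

func main() {
	fmt.Println(scan(sample))
}
```

The matching is purely syntactic: it does not resolve types or package aliases, so it only recognizes the literal spellings shown.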
### How to use:
Full installation example: https://github.com/peakle/dc-rules-example
1. Install rules:
```shell
go get -v github.com/peakle/security-rules
```
2. Create a `rules.go` file in your project, as in the
   [example](https://github.com/delivery-club/delivery-club-rules/tree/main/example/rules.go).
3. Add the linter to your pipeline:
   1. As one more check in golangci-lint (works with golangci-lint >v1.27.0):
      ```yaml
      linters:
        enable:
          - gocritic
      linters-settings:
        gocritic:
          enabled-checks:
            - ruleguard
          settings:
            ruleguard:
              rules: "YourDir/rules.go"
      ```
   2. As a file watcher in the GoLand IDE (works with golangci-lint >v1.27.0):
      1. Add golangci-lint as a `File Watcher` in the IDE (Preferences -> Tools -> File Watchers -> Add).
      2. Set the `Arguments` field as follows, where `.golangci.yml` is a file like the example above:
         ```
         run $FileDir$ --config=$ProjectFileDir$/.golangci.yml
         ```
### How to update to a new rules version:
1. Update the rules version in your `go.mod` file.
2. Download the new rules version:
```shell
go get github.com/peakle/security-rules@newVersion
```
3. If you use golangci-lint, clean its cache:
```shell
golangci-lint cache clean
```
### How to add new checks:
1. Ruleguard tour for newbies: https://go-ruleguard.github.io/by-example
2. Fork repo && open PR :D