>>> gosec: Building community/gosec 2.22.8-r3 (using abuild 3.16.0-r0) started Sat, 06 Dec 2025 16:09:30 +0000
>>> gosec: Validating /home/buildozer/aports/community/gosec/APKBUILD...
>>> gosec: Analyzing dependencies...
>>> gosec: Installing for build: build-base go
(1/2) Installing go (1.25.5-r0)
(2/2) Installing .makedepends-gosec (20251206.160931)
Executing busybox-1.37.0-r29.trigger
OK: 568 MiB in 107 packages
>>> gosec: Cleaning up srcdir
>>> gosec: Cleaning up pkgdir
>>> gosec: Cleaning up tmpdir
>>> gosec: Fetching https://distfiles.alpinelinux.org/distfiles/edge/gosec-2.22.8.tar.gz
Connecting to distfiles.alpinelinux.org (172.105.82.32:443)
saving to '/var/cache/distfiles/edge/gosec-2.22.8.tar.gz.part'
gosec-2.22.8.tar.gz. 100% |********************************|  168k  0:00:00 ETA
'/var/cache/distfiles/edge/gosec-2.22.8.tar.gz.part' saved
/var/cache/distfiles/edge/gosec-2.22.8.tar.gz: OK
>>> gosec: Fetching https://distfiles.alpinelinux.org/distfiles/edge/gosec-2.22.8.tar.gz
/var/cache/distfiles/edge/gosec-2.22.8.tar.gz: OK
>>> gosec: Unpacking /var/cache/distfiles/edge/gosec-2.22.8.tar.gz...
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
make build
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
make[1]: Entering directory '/home/buildozer/aports/community/gosec/src/gosec-2.22.8'
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
go build -ldflags " -X 'main.Version=' -X 'main.GitTag=' -X 'main.BuildDate=2025-12-06T16:09:33Z'" -o gosec ./cmd/gosec/
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
go: downloading google.golang.org/api v0.246.0
go: downloading github.com/ccojocar/zxcvbn-go v1.0.4
go: downloading github.com/google/generative-ai-go v0.20.1
go: downloading golang.org/x/tools v0.36.0
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/gookit/color v1.5.4
go: downloading github.com/google/uuid v1.6.0
go: downloading github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e
go: downloading google.golang.org/protobuf v1.36.6
go: downloading cloud.google.com/go/ai v0.12.1
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20250728155136-f173205681a0
go: downloading google.golang.org/grpc v1.74.2
go: downloading github.com/googleapis/gax-go/v2 v2.15.0
go: downloading cloud.google.com/go v0.121.2
go: downloading golang.org/x/sync v0.16.0
go: downloading golang.org/x/mod v0.27.0
go: downloading cloud.google.com/go/longrunning v0.6.7
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822
go: downloading golang.org/x/sys v0.35.0
go: downloading golang.org/x/net v0.43.0
go: downloading golang.org/x/text v0.28.0
go: downloading golang.org/x/oauth2 v0.30.0
go: downloading cloud.google.com/go/auth v0.16.3
go: downloading cloud.google.com/go/compute/metadata v0.7.0
go: downloading cloud.google.com/go/auth/oauth2adapt v0.2.8
go: downloading github.com/google/s2a-go v0.1.9
go: downloading golang.org/x/time v0.12.0
go: downloading github.com/googleapis/enterprise-certificate-proxy v0.3.6
go: downloading go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0
go: downloading go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0
go: downloading go.opentelemetry.io/otel/trace v1.36.0
go: downloading go.opentelemetry.io/otel v1.36.0
go: downloading go.opentelemetry.io/otel/metric v1.36.0
go: downloading github.com/felixge/httpsnoop v1.0.4
go: downloading golang.org/x/crypto v0.41.0
go: downloading github.com/go-logr/stdr v1.2.2
go: downloading github.com/go-logr/logr v1.4.3
go: downloading go.opentelemetry.io/auto/sdk v1.1.0
make[1]: Leaving directory '/home/buildozer/aports/community/gosec/src/gosec-2.22.8'
go: downloading github.com/onsi/ginkgo/v2 v2.23.4
go: downloading go.uber.org/automaxprocs v1.6.0
go: downloading github.com/go-task/slim-sprig/v3 v3.0.0
go: downloading github.com/google/pprof v0.0.0-20250607225305-033d6d78b36a
2025/12/06 16:10:09 maxprocs: Leaving GOMAXPROCS=48: CPU quota undefined
go: downloading github.com/onsi/gomega v1.38.0
go: downloading github.com/google/go-cmp v0.7.0

Running Suite: gosec Suite - /home/buildozer/aports/community/gosec/src/gosec-2.22.8
====================================================================================
Random Seed: 1765037409

Will run 180 of 180 specs
------------------------------
Rule when using a ruleset should be possible to register a rule for multiple ast.Node
github.com/securego/gosec/v2/rule_test.go:59
• [0.000 seconds]
------------------------------
Rule when using a ruleset should not register a rule when no ast.Nodes are specified
github.com/securego/gosec/v2/rule_test.go:71
• [0.000 seconds]
------------------------------
Rule when using a ruleset should be possible to retrieve a list of rules for a given node type
github.com/securego/gosec/v2/rule_test.go:76
• [0.002 seconds]
------------------------------
Rule when using a ruleset should register a suppressed rule
github.com/securego/gosec/v2/rule_test.go:87
• [0.000 seconds]
------------------------------
Import Tracker when tracking a file should parse the imports from file
github.com/securego/gosec/v2/import_tracker_test.go:13
• [0.157 seconds]
------------------------------
Import Tracker when tracking a file should parse the named imports from file
github.com/securego/gosec/v2/import_tracker_test.go:33
• [0.157 seconds]
------------------------------
Analyzer when processing a package should not report an error if the package contains no Go files
github.com/securego/gosec/v2/analyzer_test.go:47
• [0.001 seconds]
------------------------------
Analyzer when processing a package should report an error if the package fails to build
github.com/securego/gosec/v2/analyzer_test.go:56
• [0.001 seconds]
------------------------------
Analyzer when processing a package should be able to analyze multiple Go files
github.com/securego/gosec/v2/analyzer_test.go:72
• [0.184 seconds]
------------------------------
Analyzer when processing a package should be able to analyze multiple Go files concurrently
github.com/securego/gosec/v2/analyzer_test.go:94
• [0.197 seconds]
------------------------------
Analyzer when processing a package should be able to analyze multiple Go packages
github.com/securego/gosec/v2/analyzer_test.go:117
• [0.487 seconds]
------------------------------
Analyzer when processing a package should find errors when nosec is not in use
github.com/securego/gosec/v2/analyzer_test.go:141
• [0.327 seconds]
------------------------------
Analyzer when processing a package should find errors when nosec is not in use
github.com/securego/gosec/v2/analyzer_test.go:157
• [0.360 seconds]
------------------------------
Analyzer when processing a package should find errors when nosec is not in use
github.com/securego/gosec/v2/analyzer_test.go:173
• [0.311 seconds]
------------------------------
Analyzer when processing a package should report Go build errors and invalid files
github.com/securego/gosec/v2/analyzer_test.go:189
• [0.200 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec line comment is present
github.com/securego/gosec/v2/analyzer_test.go:217
• [0.354 seconds]
------------------------------
Analyzer when processing a package should not report errors when a disable directive is present
github.com/securego/gosec/v2/analyzer_test.go:234
• [0.366 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec line comment is present
github.com/securego/gosec/v2/analyzer_test.go:251
• [0.344 seconds]
------------------------------
Analyzer when processing a package should not report errors when a disable directive is present
github.com/securego/gosec/v2/analyzer_test.go:268
• [0.343 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec line comment is present
github.com/securego/gosec/v2/analyzer_test.go:285
• [0.315 seconds]
------------------------------
Analyzer when processing a package should not report errors when a disable directive is present
github.com/securego/gosec/v2/analyzer_test.go:302
• [0.305 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec block comment is present
github.com/securego/gosec/v2/analyzer_test.go:319
• [0.361 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec block comment is present
github.com/securego/gosec/v2/analyzer_test.go:336
• [0.376 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec block comment is present
github.com/securego/gosec/v2/analyzer_test.go:353
• [0.320 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for the correct rule
github.com/securego/gosec/v2/analyzer_test.go:370
• [0.359 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for the correct rule
github.com/securego/gosec/v2/analyzer_test.go:388
• [0.381 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for the correct rule
github.com/securego/gosec/v2/analyzer_test.go:406
• [0.345 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for the correct rule
github.com/securego/gosec/v2/analyzer_test.go:424
• [0.342 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for the correct rule
github.com/securego/gosec/v2/analyzer_test.go:442
• [0.327 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for the correct rule
github.com/securego/gosec/v2/analyzer_test.go:460
• [0.322 seconds]
------------------------------
Analyzer when processing a package should not report errors when a nosec  block and line comment are present
github.com/securego/gosec/v2/analyzer_test.go:478
• [0.263 seconds]
------------------------------
Analyzer when processing a package should not report errors when only a nosec  block is present
github.com/securego/gosec/v2/analyzer_test.go:493
• [0.305 seconds]
------------------------------
Analyzer when processing a package should not report errors when a single line nosec  is present on a multi-line issue
github.com/securego/gosec/v2/analyzer_test.go:508
• [0.671 seconds]
------------------------------
Analyzer when processing a package should not report errors when a disable directive block and line comment are present
github.com/securego/gosec/v2/analyzer_test.go:524
• [0.320 seconds]
------------------------------
Analyzer when processing a package should not report errors when only a disable directive block is present
github.com/securego/gosec/v2/analyzer_test.go:539
• [0.288 seconds]
------------------------------
Analyzer when processing a package should not report errors when a single line nosec  is present on a multi-line issue
github.com/securego/gosec/v2/analyzer_test.go:554
• [0.649 seconds]
------------------------------
Analyzer when processing a package should report errors when an exclude comment is present for a different rule
github.com/securego/gosec/v2/analyzer_test.go:570
• [0.379 seconds]
------------------------------
Analyzer when processing a package should report errors when an exclude comment is present for a different rule
github.com/securego/gosec/v2/analyzer_test.go:587
• [0.371 seconds]
------------------------------
Analyzer when processing a package should report errors when an exclude comment is present for a different rule
github.com/securego/gosec/v2/analyzer_test.go:604
• [0.340 seconds]
------------------------------
Analyzer when processing a package should report errors when an exclude comment is present for a different rule
github.com/securego/gosec/v2/analyzer_test.go:621
• [0.320 seconds]
------------------------------
Analyzer when processing a package should report errors when an exclude comment is present for a different rule
github.com/securego/gosec/v2/analyzer_test.go:638
• [0.292 seconds]
------------------------------
Analyzer when processing a package should report errors when an exclude comment is present for a different rule
github.com/securego/gosec/v2/analyzer_test.go:655
• [0.314 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for multiple rules, including the correct rule
github.com/securego/gosec/v2/analyzer_test.go:672
• [0.549 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for multiple rules, including the correct rule
github.com/securego/gosec/v2/analyzer_test.go:691
• [0.499 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for multiple rules, including the correct rule
github.com/securego/gosec/v2/analyzer_test.go:710
• [0.523 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for multiple rules, including the correct rule
github.com/securego/gosec/v2/analyzer_test.go:729
• [0.517 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for multiple rules, including the correct rule
github.com/securego/gosec/v2/analyzer_test.go:748
• [0.437 seconds]
------------------------------
Analyzer when processing a package should not report errors when an exclude comment is present for multiple rules, including the correct rule
github.com/securego/gosec/v2/analyzer_test.go:767
• [0.448 seconds]
------------------------------
Analyzer when processing a package should pass the build tags
github.com/securego/gosec/v2/analyzer_test.go:786
• [0.001 seconds]
------------------------------
Analyzer when processing a package should process an empty package with test file
github.com/securego/gosec/v2/analyzer_test.go:798
• [2.087 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite nosec comments, and report issues
github.com/securego/gosec/v2/analyzer_test.go:813
• [0.318 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite disable directive, and report issues
github.com/securego/gosec/v2/analyzer_test.go:836
• [0.313 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite nosec comments, and report issues
github.com/securego/gosec/v2/analyzer_test.go:859
• [0.323 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite disable directive comments, and report issues
github.com/securego/gosec/v2/analyzer_test.go:882
• [0.291 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite nosec comments, and report issues
github.com/securego/gosec/v2/analyzer_test.go:905
• [0.298 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite disable directive comments, and report issues
github.com/securego/gosec/v2/analyzer_test.go:928
• [0.306 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite nosec comments, and report issues but they should not be counted
github.com/securego/gosec/v2/analyzer_test.go:951
• [0.351 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite nosec comments, and report issues but they should not be counted
github.com/securego/gosec/v2/analyzer_test.go:977
• [0.333 seconds]
------------------------------
Analyzer when processing a package should be possible to overwrite nosec comments, and report issues but they should not be counted
github.com/securego/gosec/v2/analyzer_test.go:1003
• [0.299 seconds]
------------------------------
Analyzer when processing a package should not report errors when nosec tag is in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1029
• [0.316 seconds]
------------------------------
Analyzer when processing a package should not report errors when disable directive is in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1046
• [0.342 seconds]
------------------------------
Analyzer when processing a package should not report errors when nosec tag is in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1063
• [0.336 seconds]
------------------------------
Analyzer when processing a package should not report errors when disable directive is in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1080
• [0.319 seconds]
------------------------------
Analyzer when processing a package should not report errors when nosec tag is in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1097
• [0.362 seconds]
------------------------------
Analyzer when processing a package should not report errors when disable directive is in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1114
• [0.298 seconds]
------------------------------
Analyzer when processing a package should report errors when nosec tag is not in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1131
• [0.357 seconds]
------------------------------
Analyzer when processing a package should report errors when nosec tag is not in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1148
• [0.353 seconds]
------------------------------
Analyzer when processing a package should report errors when nosec tag is not in front of a line
github.com/securego/gosec/v2/analyzer_test.go:1165
• [0.351 seconds]
------------------------------
Analyzer when processing a package should not report errors when rules are in front of nosec tag even rules are wrong
github.com/securego/gosec/v2/analyzer_test.go:1182
• [0.367 seconds]
------------------------------
Analyzer when processing a package should not report errors when rules are in front of nosec tag even rules are wrong
github.com/securego/gosec/v2/analyzer_test.go:1199
• [0.363 seconds]
------------------------------
Analyzer when processing a package should not report errors when rules are in front of nosec tag even rules are wrong
github.com/securego/gosec/v2/analyzer_test.go:1216
• [0.345 seconds]
------------------------------
Analyzer when processing a package should report errors when there are nosec tags after a #nosec WrongRuleList annotation
github.com/securego/gosec/v2/analyzer_test.go:1233
• [0.365 seconds]
------------------------------
Analyzer when processing a package should report errors when there are disable directives after a //gosec:disable WrongRuleList
github.com/securego/gosec/v2/analyzer_test.go:1250
• [0.357 seconds]
------------------------------
Analyzer when processing a package should report errors when there are nosec tags after a #nosec WrongRuleList annotation
github.com/securego/gosec/v2/analyzer_test.go:1267
• [0.331 seconds]
------------------------------
Analyzer when processing a package should report errors when there are disable directives after a //gosec:disable WrongRuleList
github.com/securego/gosec/v2/analyzer_test.go:1284
• [0.336 seconds]
------------------------------
Analyzer when processing a package should report errors when there are nosec tags after a #nosec WrongRuleList annotation
github.com/securego/gosec/v2/analyzer_test.go:1301
• [0.300 seconds]
------------------------------
Analyzer when processing a package should report errors when there are disable directives after a //gosec:disable WrongRuleList
github.com/securego/gosec/v2/analyzer_test.go:1318
• [0.309 seconds]
------------------------------
Analyzer when processing a package should be possible to use an alternative nosec tag
github.com/securego/gosec/v2/analyzer_test.go:1335
• [0.379 seconds]
------------------------------
Analyzer when processing a package should be possible to use an alternative nosec tag
github.com/securego/gosec/v2/analyzer_test.go:1358
• [0.386 seconds]
------------------------------
Analyzer when processing a package should be possible to use an alternative nosec tag
github.com/securego/gosec/v2/analyzer_test.go:1381
• [0.311 seconds]
------------------------------
Analyzer when processing a package should ignore vulnerabilities when the default tag is found
github.com/securego/gosec/v2/analyzer_test.go:1404
• [0.324 seconds]
------------------------------
Analyzer when processing a package should ignore vulnerabilities when the default tag is found
github.com/securego/gosec/v2/analyzer_test.go:1427
• [0.317 seconds]
------------------------------
Analyzer when processing a package should ignore vulnerabilities when the default tag is found
github.com/securego/gosec/v2/analyzer_test.go:1450
• [0.307 seconds]
------------------------------
Analyzer when processing a package should be able to analyze Go test package
github.com/securego/gosec/v2/analyzer_test.go:1473
• [0.297 seconds]
------------------------------
Analyzer when processing a package should be able to scan generated files if NOT excluded when using the rules
github.com/securego/gosec/v2/analyzer_test.go:1498
• [0.061 seconds]
------------------------------
Analyzer when processing a package should be able to skip generated files if excluded when using the rules
github.com/securego/gosec/v2/analyzer_test.go:1519
• [0.048 seconds]
------------------------------
Analyzer when processing a package should be able to scan generated files if NOT excluded when using the analyzes
github.com/securego/gosec/v2/analyzer_test.go:1540
• [0.294 seconds]
------------------------------
Analyzer when processing a package should be able to skip generated files if excluded when using the analyzes
github.com/securego/gosec/v2/analyzer_test.go:1563
• [0.286 seconds]
------------------------------
Analyzer should be able to analyze Cgo files
github.com/securego/gosec/v2/analyzer_test.go:1587
• [0.909 seconds]
------------------------------
Analyzer when parsing errors from a package should return no error when the error list is empty
github.com/securego/gosec/v2/analyzer_test.go:1604
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should properly parse the errors
github.com/securego/gosec/v2/analyzer_test.go:1610
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should properly parse the errors without line and column
github.com/securego/gosec/v2/analyzer_test.go:1631
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should properly parse the errors without column
github.com/securego/gosec/v2/analyzer_test.go:1652
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should return error when line cannot be parsed
github.com/securego/gosec/v2/analyzer_test.go:1673
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should return error when column cannot be parsed
github.com/securego/gosec/v2/analyzer_test.go:1686
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should append  error to the same file
github.com/securego/gosec/v2/analyzer_test.go:1699
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should set the config
github.com/securego/gosec/v2/analyzer_test.go:1727
• [0.000 seconds]
------------------------------
Analyzer when parsing errors from a package should reset the analyzer
github.com/securego/gosec/v2/analyzer_test.go:1735
• [0.000 seconds]
------------------------------
Analyzer when appending errors should skip error for non-buildable packages
github.com/securego/gosec/v2/analyzer_test.go:1745
• [0.000 seconds]
------------------------------
Analyzer when appending errors should add a new error
github.com/securego/gosec/v2/analyzer_test.go:1754
• [0.000 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed
github.com/securego/gosec/v2/analyzer_test.go:1779
• [0.348 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed
github.com/securego/gosec/v2/analyzer_test.go:1799
• [0.371 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed
github.com/securego/gosec/v2/analyzer_test.go:1819
• [0.346 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed
github.com/securego/gosec/v2/analyzer_test.go:1839
• [0.333 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed
github.com/securego/gosec/v2/analyzer_test.go:1859
• [0.308 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed
github.com/securego/gosec/v2/analyzer_test.go:1879
• [0.325 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed without certain rules
github.com/securego/gosec/v2/analyzer_test.go:1899
• [0.322 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed without certain rules
github.com/securego/gosec/v2/analyzer_test.go:1919
• [0.350 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed without certain rules
github.com/securego/gosec/v2/analyzer_test.go:1939
• [0.325 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed without certain rules
github.com/securego/gosec/v2/analyzer_test.go:1959
• [0.312 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed without certain rules
github.com/securego/gosec/v2/analyzer_test.go:1979
• [0.296 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed without certain rules
github.com/securego/gosec/v2/analyzer_test.go:1999
• [0.313 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the rule is not included
github.com/securego/gosec/v2/analyzer_test.go:2019
• [0.317 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the rule is excluded
github.com/securego/gosec/v2/analyzer_test.go:2038
• [0.298 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the analyzer is not included
github.com/securego/gosec/v2/analyzer_test.go:2057
• [0.348 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the analyzer is excluded
github.com/securego/gosec/v2/analyzer_test.go:2076
• [0.343 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the analyzer is not included
github.com/securego/gosec/v2/analyzer_test.go:2095
• [0.294 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the analyzer is excluded
github.com/securego/gosec/v2/analyzer_test.go:2114
• [0.279 seconds]
------------------------------
Analyzer when tracking suppressions should track multiple suppressions if the violation is multiply suppressed
github.com/securego/gosec/v2/analyzer_test.go:2133
• [0.316 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed on a struct filed
github.com/securego/gosec/v2/analyzer_test.go:2151
• [0.582 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed on a struct filed
github.com/securego/gosec/v2/analyzer_test.go:2172
• [0.573 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed on multi-lien issue
github.com/securego/gosec/v2/analyzer_test.go:2193
• [0.309 seconds]
------------------------------
Analyzer when tracking suppressions should not report an error if the violation is suppressed on multi-lien issue
github.com/securego/gosec/v2/analyzer_test.go:2224
• [0.312 seconds]
------------------------------
Helpers when listing package paths should return the root directory as package path
github.com/securego/gosec/v2/helpers_test.go:24
• [0.001 seconds]
------------------------------
Helpers when listing package paths should return the package path
github.com/securego/gosec/v2/helpers_test.go:29
• [0.001 seconds]
------------------------------
Helpers when listing package paths should exclude folder
github.com/securego/gosec/v2/helpers_test.go:34
• [0.001 seconds]
------------------------------
Helpers when listing package paths should exclude folder with subpath
github.com/securego/gosec/v2/helpers_test.go:46
• [0.001 seconds]
------------------------------
Helpers when listing package paths should be empty when folder does not exist
github.com/securego/gosec/v2/helpers_test.go:58
• [0.001 seconds]
------------------------------
Helpers when getting the root path should return the absolute path from relative path
github.com/securego/gosec/v2/helpers_test.go:67
• [0.000 seconds]
------------------------------
Helpers when getting the root path should return the absolute path from ellipsis path
github.com/securego/gosec/v2/helpers_test.go:75
• [0.000 seconds]
------------------------------
Helpers when excluding the dirs should create a proper regexp
github.com/securego/gosec/v2/helpers_test.go:86
• [0.000 seconds]
------------------------------
Helpers when excluding the dirs should create a proper regexp for dir with subdir
github.com/securego/gosec/v2/helpers_test.go:95
• [0.000 seconds]
------------------------------
Helpers when excluding the dirs should create no regexp when dir list is empty
github.com/securego/gosec/v2/helpers_test.go:106
• [0.000 seconds]
------------------------------
Helpers when getting call info should return the type and call name for selector expression
github.com/securego/gosec/v2/helpers_test.go:115
• [0.119 seconds]
------------------------------
Helpers when getting call info should return the type and call name for new selector expression
github.com/securego/gosec/v2/helpers_test.go:149
• [0.100 seconds]
------------------------------
Helpers when getting call info should return the type and call name for function selector expression
github.com/securego/gosec/v2/helpers_test.go:182
• [0.104 seconds]
------------------------------
Helpers when getting call info should return the type and call name for package function
github.com/securego/gosec/v2/helpers_test.go:219
• [0.143 seconds]
------------------------------
Helpers when getting call info should return the type and call name when built-in new function is overridden
github.com/securego/gosec/v2/helpers_test.go:249
• [0.107 seconds]
------------------------------
Helpers when getting binary expression operands should return all operands of a binary expression
github.com/securego/gosec/v2/helpers_test.go:282
• [0.151 seconds]
------------------------------
Helpers when getting binary expression operands should return all operands of complex binary expression
github.com/securego/gosec/v2/helpers_test.go:312
• [0.172 seconds]
------------------------------
Cli vflag test value must be empty as parameter value contains invalid character
github.com/securego/gosec/v2/flag_test.go:15
flag provided but not defined: -flag1
Usage of flag1:
  -falg1 value
    	
• [0.000 seconds]
------------------------------
Cli vflag test value must be empty as parameter value contains invalid character without equal sign
github.com/securego/gosec/v2/flag_test.go:25
invalid value " -incorrect" for flag -test2: flag value cannot start with -
Usage of test2:
  -test2 value
    	
• [0.000 seconds]
------------------------------
Cli vflag test value must not be empty as parameter value contains valid character
github.com/securego/gosec/v2/flag_test.go:35
• [0.000 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve basic literal
github.com/securego/gosec/v2/resolve_test.go:15
• [0.098 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve identifier
github.com/securego/gosec/v2/resolve_test.go:35
• [0.114 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve variable identifier
github.com/securego/gosec/v2/resolve_test.go:55
• [0.165 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve variable identifier with no declaration
github.com/securego/gosec/v2/resolve_test.go:75
• [0.128 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve assign statement
github.com/securego/gosec/v2/resolve_test.go:96
• [0.111 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve assign statement without rhs
github.com/securego/gosec/v2/resolve_test.go:117
• [0.092 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve assign statement with unsolvable rhs
github.com/securego/gosec/v2/resolve_test.go:139
• [0.090 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve a binary statement
github.com/securego/gosec/v2/resolve_test.go:161
• [0.097 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve value spec
github.com/securego/gosec/v2/resolve_test.go:180
• [0.120 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve value spec without values
github.com/securego/gosec/v2/resolve_test.go:200
• [0.096 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve value spec with unsolvable value
github.com/securego/gosec/v2/resolve_test.go:222
• [0.087 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully resolve composite literal
github.com/securego/gosec/v2/resolve_test.go:244
• [0.105 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve composite literal without elst
github.com/securego/gosec/v2/resolve_test.go:263
• [0.096 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve composite literal with unsolvable elst
github.com/securego/gosec/v2/resolve_test.go:283
• [0.088 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve call expressions
github.com/securego/gosec/v2/resolve_test.go:303
• [0.100 seconds]
------------------------------
Resolve ast node to concrete value when attempting to resolve an ast node should successfully not resolve call expressions
github.com/securego/gosec/v2/resolve_test.go:322
• [0.158 seconds]
------------------------------
Configuration when loading from disk should be possible to load configuration from a file
github.com/securego/gosec/v2/config_test.go:20
• [0.000 seconds]
------------------------------
Configuration when loading from disk should return an error if configuration file is invalid
github.com/securego/gosec/v2/config_test.go:28
• [0.000 seconds]
------------------------------
Configuration when saving to disk should be possible to save an empty configuration to file
github.com/securego/gosec/v2/config_test.go:41
• [0.000 seconds]
------------------------------
Configuration when saving to disk should be possible to save configuration to file
github.com/securego/gosec/v2/config_test.go:50
• [0.000 seconds]
------------------------------
Configuration when configuring rules should be possible to get configuration for a rule
github.com/securego/gosec/v2/config_test.go:64
• [0.000 seconds]
------------------------------
Configuration when using global configuration options should have a default global section
github.com/securego/gosec/v2/config_test.go:78
• [0.000 seconds]
------------------------------
Configuration when using global configuration options should save global settings to correct section
github.com/securego/gosec/v2/config_test.go:85
• [0.000 seconds]
------------------------------
Configuration when using global configuration options should find global settings which are enabled
github.com/securego/gosec/v2/config_test.go:100
• [0.000 seconds]
------------------------------
Configuration when using global configuration options should parse the global settings of type string from file
github.com/securego/gosec/v2/config_test.go:107
• [0.000 seconds]
------------------------------
Configuration when using global configuration options should parse the global settings of other types from file
github.com/securego/gosec/v2/config_test.go:122
• [0.000 seconds]
------------------------------
Call List should not return any matches when empty
github.com/securego/gosec/v2/call_list_test.go:19
• [0.000 seconds]
------------------------------
Call List should be possible to add a single call
github.com/securego/gosec/v2/call_list_test.go:23
• [0.000 seconds]
------------------------------
Call List should be possible to add multiple calls at once
github.com/securego/gosec/v2/call_list_test.go:34
• [0.000 seconds]
------------------------------
Call List should be possible to add pointer call
github.com/securego/gosec/v2/call_list_test.go:48
• [0.001 seconds]
------------------------------
Call List should be possible to check pointer call
github.com/securego/gosec/v2/call_list_test.go:55
• [0.000 seconds]
------------------------------
Call List should not return a match if none are present
github.com/securego/gosec/v2/call_list_test.go:62
• [0.000 seconds]
------------------------------
Call List should match a call based on selector and ident
github.com/securego/gosec/v2/call_list_test.go:67
• [0.000 seconds]
------------------------------
Call List should match a package call expression
github.com/securego/gosec/v2/call_list_test.go:72
• [0.143 seconds]
------------------------------
Call List should match a package call expression
github.com/securego/gosec/v2/call_list_test.go:97
• [0.163 seconds]
------------------------------
Call List should match a package call expression
github.com/securego/gosec/v2/call_list_test.go:122
• [0.141 seconds]
------------------------------
Call List should match a call expression
github.com/securego/gosec/v2/call_list_test.go:147
• [0.186 seconds]
------------------------------

Ran 180 of 180 Specs in 41.209 seconds
SUCCESS! -- 180 Passed | 0 Failed | 0 Pending | 0 Skipped
PASS

Ginkgo ran 1 suite in 44.823249469s
Test Suite Passed
>>> gosec: Entering fakeroot...
>>> gosec*: Running postcheck for gosec
>>> gosec*: Preparing package gosec...
>>> gosec*: Stripping binaries
>>> gosec*: Scanning shared objects
>>> gosec*: Tracing dependencies...
	so:libc.musl-x86.so.1
>>> gosec*: Package size: 21.6 MB
>>> gosec*: Compressing data...
>>> gosec*: Create checksum...
>>> gosec*: Create gosec-2.22.8-r3.apk
>>> gosec: Build complete at Sat, 06 Dec 2025 16:10:55 +0000 elapsed time 0h 1m 25s
>>> gosec: Cleaning up srcdir
>>> gosec: Cleaning up pkgdir
>>> gosec: Uninstalling dependencies...
(1/2) Purging .makedepends-gosec (20251206.160931)
(2/2) Purging go (1.25.5-r0)
Executing busybox-1.37.0-r29.trigger
OK: 426 MiB in 105 packages
>>> gosec: Updating the community/x86 repository index...
>>> gosec: Signing the index...