go exec command security linting messages using golangci

I'm adding a linter for gosec for golangci-lint and everything is covered except the following:

exec.Command(params[0], params[1:]…)

I know that I can disable this lint but I don't want to do it. Is there a way to fix the code to satisfy this lint?

the error is:

 G204: Subprocess launched with function call as argument or cmd arguments ```

440

asked Nov 14 '19 15:11

Instead of disabling the linter you could exclude the specific line with an annotation;

exec.Command(params[0], params[1:]...) //nolint:gosec

106

answered Sep 28 '22 01:09

If you want to disable only this check, you can

exec.Command(params[0], params[1:]...) // #nosec G204

answered Sep 28 '22 00:09

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!