Newly introduced G602 rule slows down the execution significantly #1010

@rabadin

Just to illustrate the problem, I'm testing this on a checkout of https://github.com/kubernetes/kubernetes.

Using gosec v2.17.0 to scan a package from the kubernetes repo takes 0m49.899s.
Using gosec v2.16.0 to scan the same package takes 0m1.764s.
Using gosec v2.17.0 to scan the same package excluding G602 takes 0m1.748s.

$ go install github.com/securego/gosec/v2/cmd/gosec@v2.17.0
$ time ~/go/bin/gosec ./staging/src/k8s.io/api/core/v1/
[...]
Summary:
  Gosec  : dev
  Files  : 14
  Lines  : 88306
  Nosec  : 0
  Issues : 12


real	0m49.899s
user	1m25.262s
sys	0m2.669s
$ go install github.com/securego/gosec/v2/cmd/gosec@v2.16.0
$ time ~/go/bin/gosec ./staging/src/k8s.io/api/core/v1/
[...]
Summary:
  Gosec  : dev
  Files  : 14
  Lines  : 88306
  Nosec  : 0
  Issues : 12


real	0m1.764s
user	0m3.564s
sys	0m0.674s
$ go install github.com/securego/gosec/v2/cmd/gosec@v2.17.0
$ time ~/go/bin/gosec -exclude=G602 ./staging/src/k8s.io/api/core/v1/
[...]
Summary:
  Gosec  : dev
  Files  : 14
  Lines  : 88306
  Nosec  : 0
  Issues : 12


real	0m1.748s
user	0m3.565s
sys	0m0.738s
