Affected by GO-2024-3228 and 2 other vulnerabilities

GO-2024-3228: Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') in github.com/coder/coder

GO-2025-3921: Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder

GO-2025-3938: Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder

The highest tagged major version is v2.

gorules

package

v0.6.0 Latest Latest Go to latest Published: May 25, 2022 License: AGPL-3.0 Imports: 1 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/coder/coder

Links

Open Source Insights

Documentation ¶

Overview ¶

Package gorules defines custom lint rules for ruleguard.

golangci-lint runs these rules via go-critic, which includes support for ruleguard. All Go files in this directory define lint rules in the Ruleguard DSL; see:

- https://go-ruleguard.github.io/by-example/ - https://pkg.go.dev/github.com/quasilyte/go-ruleguard/dsl

You run one of the following commands to execute your go rules only:

golangci-lint run
golangci-lint run --disable-all --enable=gocritic

Note: don't forget to run `golangci-lint cache clean`!

Source Files ¶

View all Source files

rules.go

Directories ¶

Path	Synopsis
apitypings
auditgen
datadog-cireport

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL