github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(depguard): add a rule against golang.org/x/crypto BE-11978 (#1119)

pull/12512/merge
andres-portainer 2025-09-01 10:54:24 -03:00 committed by GitHub
parent 7cf6bb78d6
commit 36154e9d33
3 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.golangci.yaml
View File

@ -38,8 +38,8 @@ linters:
desc: use github.com/portainer/portainer/pkg/libcrypto desc: use github.com/portainer/portainer/pkg/libcrypto
- pkg: github.com/portainer/libhttp - pkg: github.com/portainer/libhttp
desc: use github.com/portainer/portainer/pkg/libhttp desc: use github.com/portainer/portainer/pkg/libhttp
- pkg: golang.org/x/crypto/pbkdf2 - pkg: golang.org/x/crypto
desc: use standard crypto/pbkdf2 instead - important for FIPS mode desc: golang.org/x/crypto is not allowed because of FIPS mode
forbidigo: forbidigo:
forbid: forbid:
- pattern: ^tls\.Config$ - pattern: ^tls\.Config$

5
api/crypto/aes.go
View File

@ -15,8 +15,9 @@ import (
"github.com/portainer/portainer/pkg/fips" "github.com/portainer/portainer/pkg/fips"
"golang.org/x/crypto/argon2" // Not allowed in FIPS mode
"golang.org/x/crypto/scrypt" "golang.org/x/crypto/argon2" //nolint:depguard
"golang.org/x/crypto/scrypt" //nolint:depguard
) )
const ( const (

3
api/crypto/hash.go
View File

@ -1,7 +1,8 @@
package crypto package crypto
import ( import (
"golang.org/x/crypto/bcrypt" // Not allowed in FIPS mode
"golang.org/x/crypto/bcrypt" //nolint:depguard
) )
// Service represents a service for encrypting/hashing data. // Service represents a service for encrypting/hashing data.