build(deps): bump golang.org/x/vuln from 1.1.1 to 1.1.2 in /tools · FMotalleb/crontab-go@ce90ceb

Triggered via pull request June 10, 2024 14:18

opened #10

Status Success

Total duration 2m 31s

Artifacts –

codeql.yml

on: pull_request

Matrix: analyze

10 errors

analyze (go): core/task/command.go#L93

Error return value of `proc.Start` is not checked (errcheck)

analyze (go): config/validators.go#L56

cyclomatic complexity 18 of func `(*Task).Validate` is high (> 15) (gocyclo)

analyze (go): core/task/command.go#L82

G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)

analyze (go): core/task/get.go#L79

response body must be closed (bodyclose)

analyze (go): core/task/post.go#L83

response body must be closed (bodyclose)

analyze (go): core/task/command.go#L97

S1030: should use res.String() instead of string(res.Bytes()) (gosimple)

analyze (go): core/task/command.go#L101

S1030: should use res.String() instead of string(res.Bytes()) (gosimple)

analyze (go): config/validators.go#L29

S1002: should omit comparison to bool constant, can be simplified to `c.Disabled` (gosimple)

analyze (go): config/validators.go#L128

S1002: should omit comparison to bool constant, can be simplified to `s.OnInit` (gosimple)

analyze (go): core/task/command.go#L105

naked return in func `Execute` with 46 lines of code (nakedret)