~samwhited/xmpp

db5d6b1d3d07369a73519ce7c6eef054cd0eaa09 — Sam Whited 3 years ago a51ed6f v0.7.0
all: bypass gosec error on specs that require sha1
2 files changed, 8 insertions(+), 1 deletions(-)

M color/color.go
M component/component.go
M color/color.go => color/color.go +2 -0
@@ 6,6 6,7 @@
package color

import (
	/* #nosec */
	"crypto/sha1"
	"encoding/binary"
	"hash"


@@ 27,6 28,7 @@ const (
// For more information see Sum.
func Hash(cvd uint8) hash.Hash {
	return digest{
		/* #nosec */
		Hash: sha1.New(),
		cvd:  cvd,
	}

M component/component.go => component/component.go +6 -1
@@ 10,6 10,7 @@ package component // import "mellium.im/xmpp/component"

import (
	"context"
	/* #nosec */
	"crypto/sha1"
	"encoding/xml"
	"errors"


@@ 104,10 105,14 @@ func Negotiator(addr jid.JID, secret []byte, recv bool) xmpp.Negotiator {
			return mask, nil, nil, errors.New("Expected server stream to contain stream ID")
		}

		// hash.Write never returns an error per the documentation.
		/* #nosec */
		h := sha1.New()

		// hash.Write never returns an error per the documentation.
		/* #nosec */
		_, _ = h.Write([]byte(id))

		// hash.Write never returns an error per the documentation.
		/* #nosec */
		_, _ = h.Write(secret)