From 3038a30e3c9c92bb3e15e907a8528f4282ac8fde Mon Sep 17 00:00:00 2001
From: kaiili <35690781+kaiili@users.noreply.github.com>
Date: Tue, 21 Dec 2021 06:43:50 +0800
Subject: [PATCH] Add in the config file settings for exclude and include options
Co-authored-by: kaiili
---
 cmd/gosec/main.go | 19 ++++++++++++++++++-
 config.go | 4 ++++
 2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/cmd/gosec/main.go b/cmd/gosec/main.go
index 9c9fb52d66..330280de93 100644
--- a/cmd/gosec/main.go
+++ b/cmd/gosec/main.go
@@ -185,6 +185,14 @@ func loadConfig(configFile string) (gosec.Config, error) {
 if *flagAlternativeNoSec != "" {
 config.SetGlobal(gosec.NoSecAlternative, *flagAlternativeNoSec)
 }
+ // set global option IncludeRules ,when flag set or global option IncludeRules is nil
+ if v, _ := config.GetGlobal(gosec.IncludeRules); *flagRulesInclude != "" || v == "" {
+ config.SetGlobal(gosec.IncludeRules, *flagRulesInclude)
+ }
+ // set global option ExcludeRules ,when flag set or global option IncludeRules is nil
+ if v, _ := config.GetGlobal(gosec.ExcludeRules); flagRulesExclude.String() != "" || v == "" {
+ config.SetGlobal(gosec.ExcludeRules, flagRulesExclude.String())
+ }
 return config, nil
 }
@@ -348,7 +356,16 @@ func main() {
 }
 // Load enabled rule definitions
- ruleList := loadRules(*flagRulesInclude, flagRulesExclude.String())
+ excludeRules, err := config.GetGlobal(gosec.ExcludeRules)
+ if err != nil {
+ logger.Fatal(err)
+ }
+ includeRules, err := config.GetGlobal(gosec.IncludeRules)
+ if err != nil {
+ logger.Fatal(err)
+ }
+ // get a bug
+ ruleList := loadRules(includeRules, excludeRules)
 if len(ruleList.Rules) == 0 {
 logger.Fatal("No rules are configured")
 }
diff --git a/config.go b/config.go
index fe60b2f6d2..59f48bc5e4 100644
--- a/config.go
+++ b/config.go
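Review bot: In the loadConfig hunk of cmd/gosec/main.go, the second added comment still says `IncludeRules is nil` although the statement below it handles ExcludeRules, and both new `if` statements discard the error from `config.GetGlobal` without saying why. If a missing key is meant to count as an empty value, state that, e.g. `// a missing key counts as empty; a command-line flag always wins over the config file`. Because a config file can now narrow or drop rules with no flag on the command line, it would also help to log the resolved include and exclude values once, so a scan that ran with a reduced rule set is visible in CI output. loadConfig begins above the hunk.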
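Review bot: The added comment `// get a bug` above the `loadRules` call in the main() hunk explains nothing and reads like a leftover; drop it or replace it with the reason the two lookups can fail. As far as the visible hunks show, the `logger.Fatal(err)` branches are presumably reachable only when loadConfig has not stored both options, so a comment such as `// loadConfig stores both options; an error here means the config was built some other way` would make that dependency explicit. main() starts and ends outside the hunk.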
@@ -26,6 +26,10 @@ const (
 Audit GlobalOption = "audit"
 // NoSecAlternative global option alternative for #nosec directive
 NoSecAlternative GlobalOption = "#nosec"
+ // ExcludeRules global option for some rules should not be load
+ ExcludeRules GlobalOption = "exclude"
+ // IncludeRules global option for should be load
+ IncludeRules GlobalOption = "include"
 )
 // Config is used to provide configuration and customization to each of the rules.
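Review bot: The two new doc comments in the const block do not parse as sentences (`for some rules should not be load`, `for should be load`) and leave out what the option holds. Suggested wording: `// ExcludeRules global option listing the rules that should not be loaded` and `// IncludeRules global option listing the rules that should be loaded`. The expected value format is worth stating here as well, since the patch only shows the string being handed on to loadRules in cmd/gosec/main.go. The const block starts outside the hunk.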