Is your feature request related to a problem? Please describe.
Importing the net/http/pprof has an implicit effect of exposing a routing for debugging purposes if used in conjunction with http.ListenAndServe()
Describe the solution you'd like
Need a new rule to check for this import. A sample snippet of code that exhibits this problem:
import (
"net/http"
_ "net/http/pprof"
)
func main() {
go http.ListenAndServe("0.0.0.0:80", nil)
}
CWE-489: Active Debug Code might be appropriate.
Describe alternatives you've considered
n/a
Additional context
https://pkg.go.dev/net/http/pprof
Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.
Is your feature request related to a problem? Please describe.
Importing the net/http/pprof has an implicit effect of exposing a routing for debugging purposes if used in conjunction with http.ListenAndServe()
Describe the solution you'd like
Need a new rule to check for this import. A sample snippet of code that exhibits this problem:
CWE-489: Active Debug Code might be appropriate.
Describe alternatives you've considered
n/a
Additional context
https://pkg.go.dev/net/http/pprof
Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.