add bearer (1st sast tool)

.gitignore

@@ -1,2 +1,3 @@
 build/
 data/
+bin/

README.md

@@ -144,3 +144,19 @@ bash scripts/run.sh
 ```
 ./build/release/add_user -username test -password 1234
 ```
+
+# SAST анализ
+
+## Настройка окружения
+
+```bash
+bash scripts/config_sast.sh
+```
+
+## Запуск анализа
+
+```bash
+bash scripts/run_sast.sh
+```
+
+Результаты анализа в sast_results

sast_results/bearer.txt

@@ -0,0 +1,70 @@
+
+
+Security Report
+
+=====================================
+
+Rules: 
+https://docs.bearer.com/reference/rules [v0.48.4]
+
+Language  Default Rules  Custom Rules  Files  
+Go        72             0             8      
+
+
+HIGH: Unsanitized user input in file path [CWE-73]
+https://docs.bearer.com/reference/rules/go_gosec_filesystem_filereadtaint
+To ignore this finding, run: bearer ignore add 690cb9207bb6cb72edd1002fae0a0fa3_0
+
+File: internal/config/config.go:41
+
+ 41 	data, err := os.ReadFile(path)
+
+LOW: Leakage of information in logger message [CWE-532]
+https://docs.bearer.com/reference/rules/go_lang_logger_leak
+To ignore this finding, run: bearer ignore add 219087ffdfad090e6436320f68eae990_0
+
+File: cmd/add_user/main.go:33
+
+ 33 		log.Fatalf("Ошибка инициализации БД: %v\n", err)
+
+LOW: Leakage of information in logger message [CWE-532]
+https://docs.bearer.com/reference/rules/go_lang_logger_leak
+To ignore this finding, run: bearer ignore add 219087ffdfad090e6436320f68eae990_1
+
+File: cmd/add_user/main.go:41
+
+ 41 		log.Fatalf("Не удалось создать пользователя %s: %v\n", *username, err)
+
+LOW: Leakage of information in logger message [CWE-532]
+https://docs.bearer.com/reference/rules/go_lang_logger_leak
+To ignore this finding, run: bearer ignore add 533ab12ca2b781f58bc69e81cb601ad6_0
+
+File: cmd/authapp/main.go:33
+
+ 33 		log.Fatalf("Ошибка загрузки конфигурации: %v\n", err)
+
+LOW: Leakage of information in logger message [CWE-532]
+https://docs.bearer.com/reference/rules/go_lang_logger_leak
+To ignore this finding, run: bearer ignore add 533ab12ca2b781f58bc69e81cb601ad6_1
+
+File: cmd/authapp/main.go:43
+
+ 43 		log.Fatalf("Ошибка инициализации БД: %v\n", err)
+
+LOW: Leakage of information in logger message [CWE-532]
+https://docs.bearer.com/reference/rules/go_lang_logger_leak
+To ignore this finding, run: bearer ignore add 448b1db1ab73e2474723c4d659611644_0
+
+File: cmd/init_users/main.go:18
+
+ 18 		log.Fatalf("Ошибка инициализации БД: %v\n", err)
+=====================================
+
+72 checks, 6 findings
+
+CRITICAL: 0
+HIGH: 1 (CWE-73)
+MEDIUM: 0
+LOW: 5 (CWE-532)
+WARNING: 0
+

scripts/config_sast.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+# --------------------------------------
+# Настройка SAST анализаторов
+# --------------------------------------
+
+echo "Установка curl"
+
+sudo apt update
+sudo apt install -y curl
+
+echo "Создание директории для результатов анализа"
+mkdir -p sast_results
+
+echo "Установка bearer"
+
+curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh

scripts/run_sast.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+# --------------------------------------
+# Запуск SAST анализа
+# --------------------------------------
+
+echo "Запуск bearer"
+./bin/bearer scan --output sast_results/bearer.txt .
+
+echo "Анализ завершён, результаты в sast_results"