From 0e4655d0aeed20df6d90ac77da7947072d4a20ec Mon Sep 17 00:00:00 2001
From: Emmanuel T Odeke <emmanuel@orijtech.com>
Date: Mon, 31 Oct 2022 13:20:41 -0700
Subject: [PATCH] rules/sdk/blocklist: permit depinject to import unsafe

The cosmos-sdk package "depinject" heavily uses unsafe and reflect
code for its core functionality and thus should be allowed to import
them. This change shaves off 106 flags from the cosmos-sdk security
flags counter: from 805 down to 699
---
 rules/sdk/blocklist.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/sdk/blocklist.go b/rules/sdk/blocklist.go
index b1dc209..229d11e 100644
--- a/rules/sdk/blocklist.go
+++ b/rules/sdk/blocklist.go
@@ -43,7 +43,7 @@ func (r *blocklistedImport) ID() string {
 // Please see https://github.com/cosmos/gosec/issues/44.
 func forbiddenFromBlockedImports(ctx *gosec.Context) bool {
 	switch pkg := ctx.Pkg.Name(); pkg {
-	case "codegen", "crypto", "secp256k1", "simapp", "simulation", "testutil":
+	case "codegen", "crypto", "depinject", "secp256k1", "simapp", "simulation", "testutil":
 		// These packages rely on imports of "unsafe", "crypto/rand", "math/rand"
 		// for their core functionality like randomization e.g. in simulation or get
 		// data for randomizing data.