mirror of https://github.com/securego/gosec.git synced 2025-07-05 00:29:02 +02:00
Commit Graph

1164 Commits

Author SHA1 Message Date
2f109dfaeb Update gosec to version 2.22.5 in Github action
Change-Id: Ide774b7157678f54e17bd7decad22d0712ff1b40
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-06-16 10:56:37 +00:00
d2d3ae66bd Switch back go.mod to minimum 1.23.0
Change-Id: Ic3f843d866a21a6595e1dc9c97416f2a22172299
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.5
2025-06-16 11:50:02 +02:00
1e7ed06b15 Update dependencies
Change-Id: Ifccf358fa941a51f6b9e817311dc4a49ee9afb6f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-06-16 11:50:02 +02:00
1bef91a07f Update go version 1.24.4 and 1.23.10 in CI
Change-Id: I3d7d82da3385d231873a8901132a8a025beb01fc
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-06-16 11:21:59 +02:00
621702f13a chore(deps): update all dependencies 2025-06-10 10:39:08 +02:00
017d1d655c G201/G202: add checks for injection into sql.Conn methods
We check sql.DB and sql.Tx, but sql.Conn appears to have been missed. It
carries the same issues as DB/Tx in terms of injection.
2025-06-03 16:22:56 +02:00
67f63d4781 chore(deps): update module google.golang.org/api to v0.235.0 2025-06-02 10:04:14 +02:00
b4eabb1b18 chore(deps): update module google.golang.org/api to v0.234.0 2025-05-26 16:03:16 +03:00
52a80ff4bd chore(deps): update module google.golang.org/api to v0.233.0 2025-05-20 10:08:10 +02:00
e2a95069d9 chore(deps): update module google.golang.org/api to v0.232.0 2025-05-12 09:48:04 +02:00
6decf96c3d Update to go version 1.24.3 and 1.23.9
Change-Id: I51a700de77a580647088f6ac40a725bac5c4e233
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.4
2025-05-08 11:19:37 +02:00
d522338364 update: updated the build command to include version metadata 2025-05-08 11:00:06 +02:00
270b5ce868 chore(deps): update all dependencies 2025-05-06 09:44:05 +02:00
60279264be Update the AI provider API key value when provided as an argument
Change-Id: I9658ff0bc37941d6767144b7df49470452f8f591
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-28 12:45:12 +02:00
65d2d9f011 chore(deps): update module google.golang.org/api to v0.230.0 2025-04-28 12:27:29 +02:00
dc1c38b861 chore(deps): update module google.golang.org/api to v0.229.0 2025-04-22 10:17:22 +02:00
55dbf5ad81 chore(deps): update all dependencies 2025-04-14 10:44:53 +02:00
2aaa9c41d6 Comment the reason why the file can be nil when an issue is created
Change-Id: I85295a33f540255f4904e663144b959877d0c38a
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-08 18:19:28 +02:00
700e9a9d18 Handle nil file when creating a new issue
This can occur when there is a compilation issue in the code.

Change-Id: I8b028d454d417c33edc687dcffc68c92d18091d6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-08 18:19:28 +02:00
d514c42671 chore(deps): update all dependencies (#1333)
* chore(deps): update all dependencies

* Fix all lint warnings after upgrading golangci-lint action

Change-Id: I7b4162307ae0d6a1c9ec00b7127469c64ed93f64
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

* Remove the backup file

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-07 13:12:14 +02:00
1d458c50e1 Update version in 'action.yml' to 2.22.3 (anticipating next version) (#1332) 2025-04-04 10:36:07 +02:00
955a68d0d1 Update go version to 1.24.2 and 1.23.8 (#1331) v2.22.3 2025-04-03 16:53:13 +02:00
1336dc6820 remove G113. It only affects old/unsupported versions of Go (#1328)
* don't warn on G113 (big.Rat SetString) if on an unaffected version of Go

Newer versions of go (>=1.16.14, >=1.17.7, 1.18+) are not affected by this. Don't warn at all on those newer versions. See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23772

* alert on all known versions

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>

* remove G113 CVE-2022-23772 which only affects old/unsupported Go versions

* Retire rule

* gofmt

---------

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
2025-04-03 16:44:20 +02:00
5fd2a37044 chore(deps): update all dependencies (#1325)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-31 15:57:38 +02:00
39e4477788 Add SSOJet (#1320) 2025-03-19 10:24:30 +01:00
6141d100df chore(deps): update all dependencies (#1319)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-19 09:17:29 +01:00
9452efe4ad Update the integrity sha for babel dependency in html report (#1316)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-03-10 11:07:47 +01:00
57ec63392c Add support for //gosec:disable directive (#1314) 2025-03-10 10:09:27 +01:00
e5fee17863 chore(deps): update all dependencies (#1315)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-10 09:58:31 +01:00
136f6c0040 Update to go version 1.24.1 and 1.23.7 (#1313)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.2
2025-03-05 11:40:35 +01:00
047453a82f chore(deps): update all dependencies (#1310)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-03 09:50:53 +01:00
76ccee5b2f chore(deps): update all dependencies (#1308)
* chore(deps): update all dependencies

* Remove the toolchain constraint

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-24 10:24:14 +01:00
a9eb1c96fa Update gosec version in the GitHub action to v2.22.1 (#1307) 2025-02-17 15:18:07 +01:00
89c5da3ce0 chore(deps): update module google.golang.org/api to v0.221.0 (#1305)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-17 09:49:10 +01:00
43fee884f6 Update cosign to v2.4.2 (#1303)
Change-Id: I5346ca655388a5c33463ccecc72657b539c83d76

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.1
2025-02-13 10:19:46 +01:00
77238291df Add support for go 1.24 and phased out support for go 1.22 (#1302)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-13 10:16:37 +01:00
9552f0372d chore(deps): update all dependencies (#1300)
* chore(deps): update all dependencies

* Remove the toolchain version

Change-Id: Ia459abe63b2b15167dd51a9a75b222178d7664b6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-11 09:54:07 +01:00
f4d2576c36 Update to go version 1.23.6 and 1.22.12 (#1299)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-05 10:21:51 +01:00
2258e3108d chore(deps): update module google.golang.org/api to v0.219.0 (#1296)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-03 09:51:05 +01:00
fbb08336de chore(deps): update module google.golang.org/api to v0.218.0 (#1294)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-27 09:21:30 +01:00
c66cb56f09 Add test to cover unit parsing for G115 rule (#1293)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-01-23 14:22:32 +01:00
59291a08ae Update to go version 1.23.5 and 1.22.11 (#1291) 2025-01-20 09:31:43 +01:00
7466b7cad2 chore(deps): update all dependencies (#1290)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-20 09:16:55 +01:00
32dcc8a1f5 Update gosec in github action to 2.22.0 (#1286)
Change-Id: I9759d3c8ecfa34525f61e42f8d4ae412b92ead6d

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-01-14 15:57:57 +01:00
e0cca6fe95 Update what message for G104 (#1282) v2.22.0 2025-01-06 15:41:33 +01:00
534689b08f chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-06 09:51:27 +01:00
eb95db1c76 chore(deps): update all dependencies (#1280)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-30 15:47:51 +01:00
6c6da403f0 chore(deps): update all dependencies (#1279)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-23 09:38:16 +01:00
b12f51f7d6 Simplify sortIssues implementation (#1277) 2024-12-20 10:05:09 +01:00
54c2185ae6 Enable testifylint and fix up lint issues (#1276) 2024-12-20 10:03:23 +01:00