mirror of https://github.com/securego/gosec.git synced 2025-07-05 00:29:02 +02:00
Commit Graph

1164 Commits

Author SHA1 Message Date
293d887525 Fix lint warnings
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-20 10:19:51 +02:00
ac482cb87c Update ginkgo to latest version
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-20 10:19:51 +02:00
e02e2f6d5b Redesign and reimplement the slice out of bounds check using SSA code representation
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-20 10:19:51 +02:00
e1278f9572 docs: add reMarkable to users list 2023-09-19 15:55:25 +02:00
f6a64969a3 chore(deps): update all dependencies 2023-09-18 08:40:10 +02:00
aebe20cfba Drop support for go 1.19.x since the go team doesn't ship security fixes for it anymore
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-11 11:26:07 +02:00
7a98537c9a Update to latest go version
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-11 11:26:07 +02:00
b192f06cca chore(deps): update all dependencies (#1011)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:53:32 +02:00
6c93653a29 Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
* Fix hardcoded_credentials rule to only match on more specific patterns

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>

* Fix lint warnings

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>

* Fix double escape in regexps

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>

---------

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-05 18:00:02 +02:00
325eb19a54 chore(deps): update all dependencies (#1008)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 09:12:42 +02:00
beef1250a4 Exclude maps from slice bounds check rule (#1006)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-08-23 17:17:14 +02:00
21d13c9a9b Ignore struct pointers in G601 (#1003)
Updates https://github.com/securego/gosec/issues/966

Signed-off-by: Alexander Yastrebov <yastrebov.alex@gmail.com>
2023-08-18 17:05:17 +02:00
85005c43d9 Update gosec image version to 2.17.0 in the Github action (#1002) 2023-08-18 10:07:28 +02:00
6a2c5e16a1 Update cosign to version v2.1.1 (#1000)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-08-17 09:53:01 +02:00
a89e9d5a7a Enable go 1.21.0 in the CI build (#998)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
v2.17.0
2023-08-14 09:59:18 +02:00
4b458c4f59 chore(deps): update all dependencies (#997)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-14 09:36:16 +02:00
7d51bfe004 Update to go version 1.20.7 and 1.19.12 (#993)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-08-07 10:05:55 +02:00
fc2f66bbbb chore(deps): update all dependencies (#992)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-07 09:54:19 +02:00
2cf2f96697 chore(deps): update module github.com/onsi/gomega to v1.27.10 (#991)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-31 10:23:04 +02:00
bf7feda2b9 fix: correctly identify infixed concats as potential SQL injections (#987) 2023-07-25 17:13:07 +02:00
2292ed5e91 chore(deps): update all dependencies (#989)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-24 10:01:22 +02:00
fc570b6f1a Add a new flag terse to show only the results and summary (#986)
The new flag '-terse' will only show the results and summary, ignoring any logs that occurred during a scan.

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-18 16:21:22 +02:00
36f69332a4 Switch to a maintained fork of zxcvbn module (#984)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-17 12:47:26 +02:00
ed7b33420e Fix dependencies after bot update (#983)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-17 10:25:11 +02:00
e76ad70182 chore(deps): update all dependencies (#982)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 10:13:40 +02:00
3a6fd99e54 Update to Go version 1.19.11 and 1.20.6 (#981)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-13 09:53:11 +02:00
ea39309b36 Fix and tidy the dependencies (#977)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-10 10:52:16 +02:00
ef8f560d84 chore(deps): update all dependencies (#976)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-10 10:37:30 +02:00
17b7d31f41 Update README file with new rule (#975)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-21 10:07:27 +02:00
a018cf0fbb Feature: G602 Slice Bound Checking (#973)
* Added slice bounds testing for slice expressions.

* Added checking slice index.

* Added test for reassigning slice.

* Store capacities on reslicing.

* Scope change clears map. Func name used to track slices.

* Map CallExpr to check bounds when passing to functions.

* Fixed linter errors.

* Updated rulelist with CWE mapping.

* Added comment for NewSliceBoundCheck.

* Addressed nil cap runtime error.

* Replaced usage of nil in call arg map with dummy callexprs.

* Updated comments, wrapped error return, addressed other review concerns.
2023-06-21 09:56:36 +02:00
82364a710c chore(deps): update all dependencies (#974)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-19 09:15:01 +02:00
abeab1092d Feature: G101 match variable values and names (#971)
* G101 now checks LHS of ValueAssignments for patternValue.

* Added matching string literals in equality check.

* Added patternValue matching for ValueSpec.

* Ran gci to fix linter error.

* Added tests and updated regex to be more inclusive.

* Addressed short-circuit eval for isHighEntropy and non-standard ok variable.

* Resolved unhandled error and added more tests.

* Flattened code to make it more readable.

* Added better comments.

* Added new regex for Google API Key, GitHub PAT, and GoogleOAuth.

* Gofmt'ed the test cases.
2023-06-15 10:18:03 +02:00
b824c10eb4 Update build script to go version 1.20.5
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-07 08:53:25 +02:00
022584d770 chore(deps): update all dependencies 2023-06-05 09:29:32 +02:00
bd58600acf Recognize struct field in G601
Signed-off-by: futuretea <1913508671@qq.com>
2023-06-02 17:17:10 +02:00
1457921142 Remove the depguard from the list of enabled linters
It seems that it flags some imports which are part of the project.

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-02 16:14:14 +02:00
1f689968ec Fix typos in comments, vars and tests 2023-05-30 08:26:41 +02:00
e1484658ac chore(deps): update all dependencies 2023-05-30 08:25:13 +02:00
9120883a15 Fix no-sec alternative tag (#962)
The no-sec alternative tag now automatically prepends the # symbol

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-25 11:54:26 +02:00
87cc45e1cd Use image digest instead of tag when signing the released image with cosign (#960)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-17 15:58:25 +02:00
6df05bd7a3 Update gosec image version to 2.16.0 in the Github action (#959)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-17 15:50:14 +02:00
c5ea1b7bdd Update cosign to latest version in release Github action (#958)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
v2.16.0
2023-05-17 15:27:49 +02:00
8632a8c58a chore(deps): update all dependencies (#956)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-15 12:05:59 +02:00
ae3c2f787c Update go version in build and release scripts (#957) 2023-05-15 12:05:44 +02:00
970cc2957f chore(deps): update all dependencies (#955)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-03 09:46:14 +02:00
47bfd4eb6f Update Go version to 1.20.3 (#953) 2023-04-18 10:18:21 +02:00
440141a948 chore(deps): update all dependencies (#952)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-18 10:08:02 +02:00
7df7baa3f0 Fix for Dockerfile smell DL3059 (#951)
Signed-off-by: Giovanni Rosa <g.rosa1@studenti.unimol.it>
2023-04-14 13:46:24 +02:00
2ee3213dc1 README: upgrade GitHub action in examples (#950)
Upgrade actions/checkout from v2 to v3 in GitHub actions examples.
2023-04-13 10:23:06 +02:00
68b520165d enable ginkgolinter linter (#948)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-04-04 08:52:59 +02:00