e4d0e9f5be
Update all dependencies (#553)
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-04 08:03:52 +01:00
9fe0b2e21a
Fix typo (#547)
2020-12-11 09:34:38 +01:00
d8fa95aad8
Update all dependencies (#544)
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-12-01 09:29:25 +01:00
984c1d39a0
fix typo in ContainsPkgCallExpr comment (#545)
2020-12-01 09:28:38 +01:00
208b73eec4
Update all dependencies (#538)
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-11-02 09:15:56 +01:00
0d4f1cb2cb
Support SARIF output (#539)
...
* SARIF support
* add sarif option to help text
2020-11-02 09:13:53 +01:00
a4746e18e3
Update all dependencies (#533)
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
v2.5.0
2020-10-07 20:32:18 +02:00
6bd6e4ba2c
Use $(go env GOPATH) that works even when GOPATH is not set
2020-10-01 04:17:43 +10:00
aef335a98e
Fix typo in README.md
...
s/trucate/truncate for G101 configuration
2020-10-01 04:17:00 +10:00
0ce48a584f
Reproducible junit report (#529)
...
* Fix junit format ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Make ordering stable
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Test ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
2020-09-29 19:17:38 +02:00
868556b846
Update README with the correct path to tlsconfig command
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-03 10:54:08 +02:00
13519fda59
Update the TLS configuration generator to also handle the NSS alternative names
...
Regenerate the configuration of TLS rule.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-03 10:54:08 +02:00
e351067255
Update all dependencies
2020-09-01 08:58:31 +02:00
166e4f5f45
Update README file with some more details required to successfully run a scan with the docker image
...
The current working directory needs to be specified in the docker run option in order for gosec
to download the dependencies defined in the go module file.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-01 08:57:52 +02:00
f5cc32a320
Update the Go version to 1.15 in the Makefile
...
This is only used when building the docker image locally.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-01 08:57:52 +02:00
ea0fa28b7f
Update the Github go action version to 1.6.0
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
feea8bb243
Fix the action tag
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
6688a97661
Fix the github action for Go 1.15
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
7234349e33
Add Go 1.15 to the supported version and phase out the Go 1.12
...
Also updated the release automation to release gosec using Go 1.15
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
a3895d5c55
Fix typo in README file
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:02 +02:00
17c955519e
Incorrect local installation instructions for v2
2020-08-21 11:23:36 +02:00
f13b8bc639
Also add filepath.Rel as a sanitization method for the input argument in the G304 rule
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-19 09:40:07 +02:00
047729a84f
Fix the rule G304 to handle the case when the input is cleaned as a variable assignment
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-19 09:40:07 +02:00
b60ddc21ba
feat: adds support for path.Join and for tar archives in G305
2020-08-03 09:17:45 +02:00
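The two G304 commits above (filepath.Clean / filepath.Rel as sanitisers, os.OpenFile as a sink) and this G305 commit (path.Join on archive entry names, tar as well as zip) describe the same underlying check from two sides: a path built from untrusted input must be shown to stay inside its base directory before it is opened. The block below is an added illustration of that check, written for this page; it is not gosec's own code and not how the rules are implemented. The helper names `safeJoin` and `extractTargets` and the in-memory tar (one benign entry, one `../` entry) are constructed here for the example.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when a joined path would land outside its base directory.
var ErrTraversal = errors.New("path escapes base directory")

// safeJoin joins an untrusted name onto base and refuses the result if it
// resolves outside base. filepath.Join cleans the path (the sanitiser G304
// looks for); filepath.Rel plus the ".." check is what actually enforces
// containment, which Clean alone does not. (Example helper, not gosec code.)
func safeJoin(base, name string) (string, error) {
	joined := filepath.Join(base, name)
	rel, err := filepath.Rel(base, joined)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%q: %w", name, ErrTraversal)
	}
	return joined, nil
}

// extractTargets walks a tar stream and returns the destination path of every
// entry, stopping with ErrTraversal at the first one that would escape dest.
// Nothing is written to disk; this is the check G305 expects to see before
// os.Create / os.OpenFile is called on filepath.Join(dest, hdr.Name).
func extractTargets(r io.Reader, dest string) ([]string, error) {
	tr := tar.NewReader(r)
	var targets []string
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return targets, nil
		}
		if err != nil {
			return targets, err
		}
		target, err := safeJoin(dest, hdr.Name)
		if err != nil {
			return targets, err
		}
		targets = append(targets, target)
	}
}

// constructedTar builds an in-memory archive (constructed test data, not a
// real artifact) with one benign entry and one whose name climbs out of dest.
func constructedTar() []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range []struct{ name, body string }{
		{"good.txt", "hello"},
		{"../evil.txt", "pwned"},
	} {
		hdr := &tar.Header{Name: e.name, Mode: 0644, Size: int64(len(e.body)), Typeflag: tar.TypeReg}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
		if _, err := tw.Write([]byte(e.body)); err != nil {
			panic(err)
		}
	}
	if err := tw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

func main() {
	targets, err := extractTargets(bytes.NewReader(constructedTar()), "dest")
	fmt.Println("safe targets:", targets)
	fmt.Println("stopped with:", err)
}
```

Note that an absolute entry name such as `/etc/passwd` is not a traversal here: `filepath.Join` turns it into `dest/etc/passwd`, which is inside the base. The dangerous inputs are the ones whose cleaned form still begins with `..` relative to the base, including names like `a/../../x` that only escape after cleaning.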
673a139e55
Update all dependencies
2020-08-03 09:07:46 +02:00
110b62b05f
Add io.CopyBuffer function to rule G110
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-29 14:25:45 +02:00
6bcd89aa6b
Mark all lines of a multi-line finding
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
v2.4.0
2020-07-07 10:00:15 +02:00
4d4e5949c6
Add some comments
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
d1467ac998
Extend the code snippet included in the issue and refactor how the code snippet is printed
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
37d1af0af3
Expand the arguments to a list of strings when they are provided as a single string
...
The GitHub action provides the arguments as a single string to the docker container,
so we need to expand them in order for gosec to properly interpret them.
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-06 19:38:49 +02:00
59cbe0071f
Update all dependencies
2020-07-01 09:13:45 +02:00
ade81d3873
Rename file for consistency
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-29 13:52:47 +02:00
03f12f3f5d
Change naming rule from blacklist to blocklist
2020-06-29 13:45:44 +02:00
3784ffea4e
Fix panic when reading the version from debug info in Go 1.13
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-25 15:27:53 +02:00
55d368f2e5
Improve the TLS version checking
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-25 09:21:14 +02:00
ad1cb7e47e
Make sure some version information is set when no version was injected into the binary
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-25 09:20:55 +02:00
1d2c951f2c
Extend the rule G304 with os.OpenFile and add a test to cover it
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-17 13:14:08 +02:00
0c1a71b8a1
Add more tests samples to increase coverage
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-15 15:12:02 +02:00
fe07fcf276
Fix unit test when checking a mix of good and bad random functions
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-15 15:12:02 +02:00
6bbf8f9cbc
Extend the insecure random rule with more insecure random functions
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-15 15:12:02 +02:00
af699f6a62
Exclude .git directory from scan (#485)
2020-06-09 15:16:27 +02:00
6202b38a44
Update all dependencies (#484)
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-06-02 09:31:29 +02:00
6a130d55b3
Update the link pointing to the issues-to-CWE mapping to use the master version (#483)
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-05-28 14:40:15 +02:00
826db1cfec
Fix the build tags propagation
...
The build tags are now propagated into the build context when analysing a package.
2020-05-27 12:42:19 +02:00
7da9248ce6
Change the issue test to verify that a multi-line finding contains a line range
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-05-27 10:16:56 +02:00
7aedcc56ab
Remove print line from tests
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-05-27 10:16:56 +02:00
30e93bf865
Improve the SQL strings concat rules to handle multiple string concatenation
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-05-27 10:16:56 +02:00
68bce94323
Improve the SQL concatenation and string formatting rules to be applied only in the database/sql context
...
In addition, makes the pattern matching used by the rules case insensitive.
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-05-27 10:16:56 +02:00
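The two SQL commits above change three things in the concatenation rules: a query is only flagged when the file is in a database/sql context, the keyword match is case insensitive, and a query built from several `+` operands is still recognised. The block below is an added, self-contained sketch of those three behaviours over the Go AST, written for this page; it is not gosec's implementation and its keyword list (`select|insert|update|delete`), method set (`Query`, `QueryRow`, `Exec`) and the `vulnerableSrc` sample are assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"regexp"
	"strconv"
)

// sqlPattern is a case-insensitive match on the literal that opens the query
// (assumed keyword list for this example; the real rule's list is longer).
var sqlPattern = regexp.MustCompile(`(?i)^\s*(select|insert|update|delete)\b`)

// sqlMethods are the database/sql calls whose first argument is the query text
// (assumed subset for this example).
var sqlMethods = map[string]bool{"Query": true, "QueryRow": true, "Exec": true}

// Finding is one flagged call: its line and the literal prefix of the query.
type Finding struct {
	Line  int
	Query string
}

// importsDatabaseSQL reports whether the file imports database/sql, so that the
// rule only fires in that context and a "select ..." string passed to some
// unrelated Query method is ignored.
func importsDatabaseSQL(f *ast.File) bool {
	for _, imp := range f.Imports {
		if p, err := strconv.Unquote(imp.Path.Value); err == nil && p == "database/sql" {
			return true
		}
	}
	return false
}

// leftmostLiteral follows a chain of + operators down to its leftmost operand
// (a + b + c parses as (a + b) + c) and returns it if it is a string literal.
func leftmostLiteral(e ast.Expr) (string, bool) {
	for {
		bin, ok := e.(*ast.BinaryExpr)
		if !ok || bin.Op != token.ADD {
			break
		}
		e = bin.X
	}
	lit, ok := e.(*ast.BasicLit)
	if !ok || lit.Kind != token.STRING {
		return "", false
	}
	s, err := strconv.Unquote(lit.Value)
	return s, err == nil
}

// FindSQLConcat parses src and returns every database/sql call whose query
// argument is a + concatenation that starts with a SQL-looking string literal.
func FindSQLConcat(filename, src string) ([]Finding, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, filename, src, 0)
	if err != nil {
		return nil, err
	}
	if !importsDatabaseSQL(f) {
		return nil, nil
	}
	var findings []Finding
	ast.Inspect(f, func(n ast.Node) bool {
		call, ok := n.(*ast.CallExpr)
		if !ok || len(call.Args) == 0 {
			return true
		}
		sel, ok := call.Fun.(*ast.SelectorExpr)
		if !ok || !sqlMethods[sel.Sel.Name] {
			return true
		}
		if _, isConcat := call.Args[0].(*ast.BinaryExpr); !isConcat {
			return true // a plain literal with placeholders is the safe form
		}
		if lit, ok := leftmostLiteral(call.Args[0]); ok && sqlPattern.MatchString(lit) {
			findings = append(findings, Finding{Line: fset.Position(call.Pos()).Line, Query: lit})
		}
		return true
	})
	return findings, nil
}

// vulnerableSrc is a constructed sample for this example, not real project code:
// one concatenated query (flagged) and one parameterised query (not flagged).
const vulnerableSrc = `package main

import (
	"database/sql"
	"os"
)

func main() {
	db, _ := sql.Open("postgres", "")
	id := os.Args[1]
	rows, _ := db.Query("select * from users where id=" + id + " and team=" + os.Args[2])
	_ = rows
	_, _ = db.Exec("UPDATE users SET name = $1 WHERE id = $2", os.Args[3], id)
}
`

func main() {
	findings, err := FindSQLConcat("sample.go", vulnerableSrc)
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("sample.go:%d: SQL query built by string concatenation: %q\n", f.Line, f.Query)
	}
}
```

The import check is what keeps the rule quiet on code that merely has a method called `Query`; the walk to the leftmost operand is what lets `"select ... " + a + " ... " + b` be matched on its opening literal regardless of how many pieces follow it.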
32be4a5cc6
Make sure all rules are mapped to CWE numbers
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-05-26 08:59:14 +02:00
8630c43b66
Add null pointer check in G601
...
fixes: #475
2020-05-21 05:51:45 +02:00