mirror of https://github.com/securego/gosec.git synced 2025-07-09 00:45:40 +02:00
Commit Graph

1143 Commits

Author SHA1 Message Date
7d539ed494 feat: add concurrency option to parallelize package loading (#778)
* feat: add concurrency option to parallelize package loading

* refactor: move wg.add inside the for loop

* fix: gracefully stop the workers on error

* test: add test for concurrent scan
2022-02-16 18:23:37 +01:00
43577cebb7 chore(deps): update all dependencies 2022-02-16 12:21:25 +01:00
c0680bb6a3 Process the code snippet before adding it to the SARIF report
Preprocess the code snippet from the issue in order to extract only the line(s)
of code where the issue is located. In addition, remove the line numbers and whitespace
before writing the code snippet into the SARIF report.
2022-02-09 16:19:40 +01:00
db8d98b571 Updated sponsor link in README.md
- Because of rebranding (Daimler AG has become
  Mercedes-Benz Group AG) the github organization has
  been renamed as well.
- Updated sponsorship link in README.md to new github organization
2022-02-07 10:34:42 +01:00
507f8472ca chore(deps): update golang.org/x/crypto commit hash to 30dcbda 2022-02-07 10:34:16 +01:00
853e1d5034 chore(deps): update all dependencies 2022-01-31 18:58:38 +01:00
09a2941ad4 Use the CWE name as a name in the SARIF report 2022-01-27 15:51:51 +01:00
9399e7bed7 chore(deps): update all dependencies (#771)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-27 11:26:33 +10:00
2fad8a4193 Resolve the TLS min version when it is declared in the same package but in a different file 2022-01-26 19:27:26 +01:00
1fbcf10e18 Add a test for tls min version defined in a different file 2022-01-26 19:27:26 +01:00
b12c0f6e4e chore(deps): update all dependencies (#765)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-26 11:10:11 +01:00
1d909e2687 Add db.Exec and db.Prepare to the sql rule (#763)
* Add db.Exec and db.Prepare to the sql rule

* add test cases for G201,G202
v2.9.6
2022-01-17 13:50:37 +01:00
742aa848f9 chore(deps): update golang.org/x/crypto commit hash to 5e0467b (#764)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-17 12:42:54 +01:00
7be6d4efb5 Add os.Create to the readfile rule (#761) 2022-01-12 19:33:17 +01:00
75cc7dcd51 Fix false negative for SQL injection when using DB.QueryRow.Scan() (#759) 2022-01-12 16:33:39 +01:00
58058af0c8 chore(deps): update dependency highlight.js to v11.4.0 (#758)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-10 10:56:36 +01:00
9d66b0d346 Fix false negatives for SQL injection in multi-line queries 2022-01-05 12:05:53 +01:00
4c1afaa492 Find G303 with filepath.Join'd temp dirs (#754) 2022-01-04 14:48:02 +01:00
19bda8d15f Find more tempdirs
* Find G303 in string concatenations, with os.TempDir, and in path.Join args

* Find G303 with /usr/tmp, too

/usr/tmp is commonly found e.g. on Solaris.
2022-01-03 21:58:25 +01:00
827fca9a83 build(fmt): use [ instead of [[ (#751)
When `/bin/sh` is not a shell having `[[`, `make fmt` fails:

```
FORMATTING
/bin/sh: 1: [[: not found
```
2022-01-03 20:26:14 +01:00
ad5d74d5a1 Update to ginkgo v2 (#753) 2022-01-03 18:11:35 +01:00
72f1145f8a Fix #743 (#748)
* Check if nosec tag is in front of a line

* Use \n instead of a whitespace in a test case
2022-01-03 16:48:42 +01:00
63a8e789a1 Handle nil when looking up a file by position into a package (#747) 2021-12-22 17:50:46 +01:00
3038a30e3c Add in the config file settings for exclude and include options
Co-authored-by: kaiili <kaii@openingsource.org>
2021-12-20 23:43:50 +01:00
bf0dd2fdd3 chore(deps): update golang.org/x/crypto commit hash to e495a2d (#745)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-20 23:36:02 +01:00
2d1c1a6df7 Track both #nosec and #nosec rulelist for one violation (#741) 2021-12-20 23:33:01 +01:00
e0f354aa0d Add the sponsors section in the README file (#740) 2021-12-15 20:10:40 +01:00
d23ab2d997 Remove space between // and #nosec in examples and internal use
Comments intended for machines to read do not have the space by
convention.
2021-12-15 19:31:14 +01:00
35af340d07 Fix #736 (#738) v2.9.5 2021-12-13 17:45:47 +01:00
6c0b34426c chore(deps): update golang.org/x/crypto commit hash to 4570a08 (#737)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-13 17:44:29 +01:00
b45f95f6ad Add support for suppressing the findings v2.9.4 2021-12-09 11:53:36 +01:00
040327f7d7 chore(deps): update all dependencies (#734)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-07 15:49:48 +01:00
6a41fb9e61 Fix https://github.com/securego/gosec/issues/714 (#733) v2.9.3 2021-11-24 16:34:42 +01:00
c95e9c21e7 chore(deps): update all dependencies (#731)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-22 14:04:48 +01:00
e57efa8482 Fix a panic in subproc rule when the declaration of the variable is not available in the AST (#728) v2.9.2 2021-11-16 21:41:26 +01:00
ff17c30a97 Use go embed for templates (#725) 2021-11-15 16:17:22 +01:00
3eba7b8a3e add openssh to docker image (#719)
I'm trying to scan a project which has dependencies which are private projects. When Go tries to fetch the dependencies it normally uses HTTPS, but that doesn't work if they're private (terminal prompts disabled, can't enter username/password). So you do this little trick with git configuration to get Go to fetch dependencies over ssh: `GIT_CONFIG_PARAMETERS=url.ssh://git@github.com/.insteadOf=https://github.com/`
Unfortunately the docker image doesn't have ssh installed, so this doesn't work :)
2021-11-10 21:13:20 +01:00
55c6ceaaa6 Fix crash when parsing the TLS min version value (#724) 2021-11-09 21:59:53 +01:00
40fa36d1de G303: catch with os.WriteFile, add os.Create test case (#718)
* Add G303 os.Create test case

* Catch G303 with os.WriteFile too
2021-11-09 21:13:45 +01:00
873ac243ea chore(deps): update all dependencies (#722)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-09 21:05:07 +01:00
f1f0056a90 Spelling fixes (#717) 2021-11-09 21:02:24 +01:00
0680c75f99 chore(deps): update all dependencies (#716)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-01 20:56:57 +01:00
79c8b79263 use a better naming for the variable (#715)
Signed-off-by: Ryan Leung <rleungx@gmail.com>
2021-10-19 11:54:51 +02:00
69213955da Fix the SBOM generation step in the release action (#712) v2.9.1 2021-10-15 10:57:09 +02:00
5a3a27afae Phase out support for go version 1.15 because current ginkgo is not backward compatible (#710)
We are going to support only the stable versions provided by the Go team.
2021-10-15 10:46:13 +02:00
Cam
17105ab93e spelling fix (#708) v2.9.0 2021-10-14 09:54:32 +02:00
1297bedbc7 Update README.md (#707)
"io/ioutil" package name is "ioutil"
2021-10-14 09:54:09 +02:00
7fd4aef9dc feat: add os.ReadFile to G304 (#706)
In Go 1.16 or higher, the `io/ioutil` package has been deprecated and the
`ioutil.ReadFile` function now calls `os.ReadFile`.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-10-14 09:53:26 +02:00
991dd94f3a Update local installation instruction (#703)
Update local installation instruction for Go1.16+.
2021-10-05 19:33:55 +02:00
1933cba5b5 Add os.Unsetenv to NoErrorCheck whitelist (#702)
It always returns a nil err.
2021-10-05 19:30:34 +02:00