mirror of https://github.com/securego/gosec.git synced 2025-07-15 01:04:43 +02:00
Commit Graph

702 Commits

Author SHA1 Message Date
0680c75f99 chore(deps): update all dependencies (#716)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-01 20:56:57 +01:00
79c8b79263 use a better naming for the variable (#715)
Signed-off-by: Ryan Leung <rleungx@gmail.com>
2021-10-19 11:54:51 +02:00
69213955da Fix the SBOM generation step in the release action (#712) v2.9.1 2021-10-15 10:57:09 +02:00
5a3a27afae Phase out support for go version 1.15 because current ginkgo is not backward compatible (#710)
We are going to support only the stable versions provided by the Go team.
2021-10-15 10:46:13 +02:00
Cam
17105ab93e spelling fix (#708) v2.9.0 2021-10-14 09:54:32 +02:00
1297bedbc7 Update README.md (#707)
"io/ioutil" package name is "ioutil"
2021-10-14 09:54:09 +02:00
7fd4aef9dc feat: add os.ReadFile to G304 (#706)
In Go 1.16 or higher, the `io/ioutil` has been deprecated and the
`ioutil.ReadFile` function now calls `os.ReadFile`.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-10-14 09:53:26 +02:00
991dd94f3a Update local installation instruction (#703)
Update local installation instruction for Go1.16+.
2021-10-05 19:33:55 +02:00
1933cba5b5 Add os.Unsetenv to NoErrorCheck whitelist (#702)
it always returns nil err
2021-10-05 19:30:34 +02:00
e73248cc12 chore(deps): update all dependencies (#701)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-05 19:29:19 +02:00
c59cd6bb95 Update renovate.json (#699) 2021-09-19 23:24:39 +02:00
bfb0f422fe chore(lint): enable errorlint and gci (#698) 2021-09-13 09:40:10 +02:00
cb89567f99 chore(deps): update module github.com/lib/pq to v1.10.3 (#695)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 09:39:36 +02:00
1b2eecc8c4 Enable go 1.17 in the build and release workflows (#694)
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2021-09-02 14:59:49 +02:00
efbefc6930 fix: create a separate type for flag that has validation (#692) 2021-09-02 14:44:20 +02:00
1978a52ff4 Update all dependencies (#690)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-23 08:04:46 +02:00
fd5472caaf remove tabs (#689) 2021-08-20 10:27:45 +02:00
d3309fb4f5 Add a more generic message for rule g204 (#688) 2021-08-19 15:18:20 +02:00
b695b66e4d add key to Highlight component (#686) 2021-08-19 14:54:12 +02:00
aee782bfe8 add summary to html report (#687) 2021-08-19 14:53:39 +02:00
f285d612b5 Fix formatting issues with gofumpt (#685)
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-08-18 13:16:21 +02:00
ba23b5e49a Add possibility to list waived (nosec) marked issues but not count them as such 2021-08-18 13:00:38 +02:00
5a131be2ec fix: add more rules for G204 (#677)
* fix: add more rules for G204

* fix: add extra test and comment
2021-08-16 11:31:51 +02:00
9f30bb6602 Typo correction (#681)
Correcting the command flag from 'tag' to 'tags'
2021-08-16 11:29:35 +02:00
83355dc837 Update all dependencies (#683)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-16 11:28:27 +02:00
2d4133d7a1 Update module github.com/onsi/gomega to v1.15.0 (#679)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-09 17:29:21 +02:00
91447a45f5 Add SeatGeek to USERS.md (#678)
We just added gosec to our standard Golang tooling and pipelines.
2021-08-09 17:28:31 +02:00
c0c122cdc7 Add rule ID and CWE reference to the html report 2021-08-04 17:39:03 +02:00
62db81342e Allow excluding generated files 2021-08-04 17:33:20 +02:00
521e69ef66 Allows the exclude-dir option to exclude sub directories 2021-08-04 17:31:16 +02:00
d4dc2d2df5 Improve the G307 rule
* Add G307 sample code.
The sample should reflect a deferred close that leads to data loss.
Due to IDE auto-complete people tend to at least log errors, but not
really care about handling.

* Add more G307 sample code. Propose a way to implement

* Remove unused code. Add example that should not return an error but does

* Remove test for synced closed file for now.
Will add this later

Co-authored-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2021-07-31 23:03:09 +02:00
8b90c95c07 fix: BUILDFLAGS updated with correct versions information (#672) 2021-07-30 16:58:13 +02:00
5b3d23117c Update codecov/codecov-action action to v2 (#670)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-27 22:04:29 +02:00
9535c9e3e1 fix: add variable assignment checking as part of MinVersion (#669)
* fix: add variable assignment checking as part of MinVersion

* fix: add more code to allow assignment with const

* fix: rework the code and add more test cases for MinVersion

* fix: format linting issue using gofumpt
2021-07-27 22:03:59 +02:00
b869720342 Update module golang.org/x/tools to v0.1.5 (#668)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-19 11:26:21 +02:00
0ee8ad3d5b Use version ^v0 instead of latest for cyclonedx-gomod (#667)
To avoid breaking the build when cyclonedx-gomod introduces breaking changes in a new major version. See https://github.com/CycloneDX/gh-gomod-generate-sbom/releases/tag/v0.3.0

Signed-off-by: nscuro <nscuro@protonmail.com>
2021-07-19 11:25:04 +02:00
2a4064d45d feat: adding new keyword for hardcoded credentials (#666) 2021-07-19 11:23:39 +02:00
a484c77736 Update all dependencies (#663)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-13 18:43:09 +02:00
514f65f3c3 Add G204 rule for sys/execabs (#660)
* Add G204 rule for sys/execabs

* syntax error in testutils/sources.go
2021-07-01 17:43:25 +02:00
e936c84a90 Update all dependencies (#658)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-28 16:09:51 +02:00
8c43b96d54 Update golang.org/x/crypto commit hash to 5ff15b2 (#656)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-21 10:51:01 +02:00
5032f998a0 Generate SBOM (#655)
* Generate SBOM

* Update release.yml

* Update .github/workflows/release.yml

Co-authored-by: Matthieu MOREL <mmorel-35@users.noreply.github.com>

* Publish bom.json

* Ignore SBOMs generated during CI

Co-authored-by: Matthieu MOREL <mmorel-35@users.noreply.github.com>
2021-06-21 10:50:44 +02:00
03e876754d Add security scan (#654)
* Add security scan

* Update scan.yml
2021-06-21 10:49:57 +02:00
01b12b43d4 Golangci : add linters (#653)
* Update .golangci.yml

* Update .golangci.yml
2021-06-18 13:47:05 +02:00
3f800cc8ca Fix the unit tests (#652)
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
v2.8.1
2021-06-17 14:56:27 +02:00
df10b65136 Fix gosimple lint warning (#651)
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-06-17 14:39:47 +02:00
731d0d51ce Results must always be present in the SARIF report (#650)
* Don't omit empty results

* Add tests
2021-06-17 14:21:42 +02:00
3c230ac0f7 errors.go: add Hash.Write() to the white list. (#648) 2021-06-13 13:30:49 +02:00
e72b1e5f25 Use of vars instead of func 2021-06-13 13:30:16 +02:00
c81cff094e Update all dependencies (#646)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-13 13:29:17 +02:00