mirror of https://github.com/securego/gosec.git synced 2025-09-16 09:06:19 +02:00
Commit Graph

780 Commits

Author SHA1 Message Date
Ludovic Fernandez
4e68fb5b15 fix: parsing of the Go version (#844)
* fix: parsing of the Go version

* fix: convert pseudo directive to comment
2022-08-08 09:28:41 +02:00
Ville Skyttä
0c8e63ed86 Detect use of net/http functions that have no support for setting timeouts (#842)
https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/
https://blog.cloudflare.com/exposing-go-on-the-internet/

Closes https://github.com/securego/gosec/issues/833
2022-08-02 17:16:44 +02:00
Ville Skyttä
6a26c231fc Refactor SQL rules for better extensibility (#841)
Remove hardwired assumption and heuristics on index of arg taking a SQL
string, be explicit about it instead.
2022-08-02 15:25:30 +02:00
renovate[bot]
1b0873a235 chore(deps): update module golang.org/x/tools to v0.1.12 (#840)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-02 08:08:23 +02:00
Cosmin Cojocar
845483e0b1 Fix lint warning
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-07-28 11:10:00 +02:00
Cosmin Cojocar
45bf9a6095 Check the suppressed issues when generating the exit code
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-07-28 11:10:00 +02:00
Dmitry Golushko
a5982fb6a6 Fix for G402. Check package path instead of package name (#838) 2022-07-28 08:51:30 +02:00
Ziqi Zhao
ea6d49d1b5 fix G204 bugs (#835)
Signed-off-by: Ziqi Zhao <zhaoziqi9146@gmail.com>
2022-07-26 11:08:43 +02:00
Cosmin Cojocar
21fcd2f904 Phase out support for Go 1.16 since it is not supported anymore by the Go team (#837)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-07-26 11:08:30 +02:00
renovate[bot]
3cda47a9b8 chore(deps): update all dependencies (#836)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-26 10:57:36 +02:00
renovate[bot]
0212c83699 chore(deps): update dependency highlight.js to v11.6.0 (#830)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-18 16:20:54 +02:00
Tim Costa
9a25f4ed2d fix: filepaths with git anywhere in them being erroneously excluded (#828)
Co-authored-by: Tim Costa <timcosta@amazon.com>
2022-07-06 06:46:49 +02:00
云微
602ced7e71 Fix wrong location for G109 (#829)
Before this commit, G109 would report on `strconv.Atoi`.
After this, it will report on the conversion like `int32(a)`.
2022-07-06 06:37:11 +02:00
renovate[bot]
7dd9ddd583 chore(deps): update golang.org/x/crypto digest to 0559593 (#826)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-06 06:34:31 +02:00
云微
b0f3e78e07 fix ReadTimeout for G112 rule 2022-06-23 14:58:13 +02:00
Sascha Grunert
05f3ca80f9 Pin cosign-installer to v2 (#824)
We now have tags available in the cosign-installer, which allows us to
pin the latest release via `v2`.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2022-06-23 14:50:50 +02:00
renovate[bot]
a9b0ef0a11 chore(deps): update all dependencies (#822)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
v2.12.0
2022-06-13 19:48:12 +02:00
Vladimir Severov
9c19cb6501 Add check for usage of Rat.SetString in math/big with an overflow error (#819)
* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing
2022-06-03 00:19:51 +02:00
Peter Dave Hello
fb587c1d10 Remove additional --update for apk in Dockerfile (#818)
There is no need to use --update with --no-cache when using apk on
Alpine Linux, as using --no-cache will fetch the index every time and
leave no local cache, so the index will always be the latest without
temporary files remaining in the image.
2022-05-31 15:06:52 +02:00
Thomas Gorham
c3ede62822 Update x/tools to pick up fix for golang/go#51629 (#817) 2022-05-29 17:41:10 +02:00
renovate[bot]
0a929c7b6c chore(deps): update all dependencies (#816)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-29 17:36:29 +02:00
renovate[bot]
12be14859b chore(deps): update all dependencies (#812)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-09 12:02:57 +02:00
renovate[bot]
0dcc3362ae chore(deps): update all dependencies (#811)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-02 21:00:33 +02:00
云微
34d144b3fa Add new rule for Slowloris Attack 2022-04-30 12:38:50 +02:00
Cosmin Cojocar
a64cde55a4 Fix the dependencies after renovate update (#806) 2022-04-11 20:21:09 +02:00
renovate[bot]
b69c3d48c8 chore(deps): update all dependencies (#805)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-11 20:12:37 +02:00
Cosmin Cojocar
89dfdc0c97 Update the description message of template rule (#803) 2022-04-05 07:41:36 +02:00
Gautam Mehta
0791d31471 Fix typo in ReadMe (#802) 2022-04-05 07:15:22 +02:00
Cosmin Cojocar
2ef1d9a037 Fix build after renovate update (#800) 2022-03-28 20:38:14 +02:00
robot-5
afc9903ba9 Fix: use rule IDs to retrieve the rule config 2022-03-28 20:28:02 +02:00
renovate[bot]
82eaa12696 chore(deps): update all dependencies (#796)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-28 20:23:59 +02:00
Cosmin Cojocar
607d607b51 Enable Go 1.18 in the ci and release workflows
* Enable Go 1.18 in the ci and release workflows

* Fix lint warning

* Add golangci as a make target
v2.11.0
2022-03-21 16:53:22 +01:00
Cosmin Cojocar
b99b5f7838 Fix the lint action after upgrade (#790) 2022-03-14 14:19:29 +01:00
renovate[bot]
8af0af7611 chore(deps): update all dependencies (#789)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-14 14:10:28 +01:00
Per Arn
ea5d31f7f5 Add a recursive flag -r to skip specifying ./... path
* added recursive flag to skip specifying ./... path

* refactored to remove code duplication
2022-03-07 10:31:22 +01:00
Calin Capitanu
48bbf96b56 Adds directory traversal for Http.Dir("/") 2022-03-06 10:58:47 +01:00
Cosmin Cojocar
26f10e0a7a Extend the release action to sign the docker image and binary files with cosign (#781)
* Extend the release action to sign the docker image and binary files with cosign

* Fix lint warnings

* Fix the lint warnings

* Fix the lint warnings
v2.10.0
2022-02-22 21:33:42 +01:00
kruskal
7d539ed494 feat: add concurrency option to parallelize package loading (#778)
* feat: add concurrency option to parallelize package loading

* refactor: move wg.add inside the for loop

* fix: gracefully stop the workers on error

* test: add test for concurrent scan
2022-02-16 18:23:37 +01:00
Renovate Bot
43577cebb7 chore(deps): update all dependencies 2022-02-16 12:21:25 +01:00
Cosmin Cojocar
c0680bb6a3 Process the code snippet before adding it to the SARIF report
Preprocess the code snippet from the issue in order to extract only the line(s)
of code where the issue is located.  In addition remove the line numbers and whitespaces
before writing the code snippet into the SARIF report.
2022-02-09 16:19:40 +01:00
de-jcup
db8d98b571 Updated sponsor link in README.md
- Because of rebranding (Daimler AG has become
  Mercedes-Benz Group AG) the github organization has
  been renamed as well.
- Updated sponsorship link in README.md to new github organization
2022-02-07 10:34:42 +01:00
Renovate Bot
507f8472ca chore(deps): update golang.org/x/crypto commit hash to 30dcbda 2022-02-07 10:34:16 +01:00
Renovate Bot
853e1d5034 chore(deps): update all dependencies 2022-01-31 18:58:38 +01:00
Cosmin Cojocar
09a2941ad4 Use the CWE name as a name in the SARIF report 2022-01-27 15:51:51 +01:00
renovate[bot]
9399e7bed7 chore(deps): update all dependencies (#771)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-27 11:26:33 +10:00
Cosmin Cojocar
2fad8a4193 Resolve the TLS min version when it is declared in the same package but in a different file 2022-01-26 19:27:26 +01:00
Cosmin Cojocar
1fbcf10e18 Add a test for tls min version defined in a different file 2022-01-26 19:27:26 +01:00
renovate[bot]
b12c0f6e4e chore(deps): update all dependencies (#765)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-26 11:10:11 +01:00
kaiili
1d909e2687 Add db.Exec and db.Prepare to the sql rule (#763)
* Add db.Exec and db.Prepare to the sql rule

* add test cases for G201,G202
v2.9.6
2022-01-17 13:50:37 +01:00
renovate[bot]
742aa848f9 chore(deps): update golang.org/x/crypto commit hash to 5e0467b (#764)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-17 12:42:54 +01:00