mirror of https://github.com/securego/gosec.git synced 2025-05-31 22:49:39 +02:00

1153 Commits

Author SHA1 Message Date
codeshaine
d522338364 update: updated the build command to include version metadata 2025-05-08 11:00:06 +02:00
renovate[bot]
270b5ce868 chore(deps): update all dependencies 2025-05-06 09:44:05 +02:00
Cosmin Cojocar
60279264be Update the AI provider API key value when provided as an argument
Change-Id: I9658ff0bc37941d6767144b7df49470452f8f591
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-28 12:45:12 +02:00
renovate[bot]
65d2d9f011 chore(deps): update module google.golang.org/api to v0.230.0 2025-04-28 12:27:29 +02:00
renovate[bot]
dc1c38b861 chore(deps): update module google.golang.org/api to v0.229.0 2025-04-22 10:17:22 +02:00
renovate[bot]
55dbf5ad81 chore(deps): update all dependencies 2025-04-14 10:44:53 +02:00
Cosmin Cojocar
2aaa9c41d6 Comment the reason why the file can be nil when an issue is created
Change-Id: I85295a33f540255f4904e663144b959877d0c38a
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-08 18:19:28 +02:00
Cosmin Cojocar
700e9a9d18 Handle nil file when creating a new issue
This can occur when there is a compilation issue in the code.

Change-Id: I8b028d454d417c33edc687dcffc68c92d18091d6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-08 18:19:28 +02:00
renovate[bot]
d514c42671
chore(deps): update all dependencies (#1333)
* chore(deps): update all dependencies

* Fix all lint warnings after upgrading golangci-lint action

Change-Id: I7b4162307ae0d6a1c9ec00b7127469c64ed93f64
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

* Remove the backup file

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2025-04-07 13:12:14 +02:00
Jenna Schwartz
1d458c50e1
Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332) 2025-04-04 10:36:07 +02:00
Cosmin Cojocar
955a68d0d1
Update go version to 1.24.2 and 1.23.8 (#1331) v2.22.3 2025-04-03 16:53:13 +02:00
Brandon Annin
1336dc6820
remove G113. It only affects old/unsupported versions of Go (#1328)
* don't warn on G113 (big.Rat SetString) if on an unaffected version of Go

Newer versions of go (>=1.16.14, >=1.17.7, 1.18+) are not affected by this. Don't warn at all on those newer versions. See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23772

* alert on all known versions

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>

* remove G113 CVE-2022-23772 which only affects old/unsupported Go versions

* Retire rule

* gofmt

---------

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
2025-04-03 16:44:20 +02:00
renovate[bot]
5fd2a37044
chore(deps): update all dependencies (#1325)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-31 15:57:38 +02:00
Govind Malviya
39e4477788
Add SSOJet (#1320) 2025-03-19 10:24:30 +01:00
renovate[bot]
6141d100df
chore(deps): update all dependencies (#1319)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-19 09:17:29 +01:00
Cosmin Cojocar
9452efe4ad
Update the integrity sha for babel dependency in html report (#1316)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-03-10 11:07:47 +01:00
frozenbonito
57ec63392c
Add support for //gosec:disable directive (#1314) 2025-03-10 10:09:27 +01:00
renovate[bot]
e5fee17863
chore(deps): update all dependencies (#1315)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-10 09:58:31 +01:00
Cosmin Cojocar
136f6c0040
Update to go version 1.24.1 and 1.23.7 (#1313)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.2
2025-03-05 11:40:35 +01:00
renovate[bot]
047453a82f
chore(deps): update all dependencies (#1310)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-03 09:50:53 +01:00
renovate[bot]
76ccee5b2f
chore(deps): update all dependencies (#1308)
* chore(deps): update all dependencies

* Remove the toolchain constraint

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-24 10:24:14 +01:00
Cosmin Cojocar
a9eb1c96fa
Update gosec version in the GitHub action to v2.22.1 (#1307) 2025-02-17 15:18:07 +01:00
renovate[bot]
89c5da3ce0
chore(deps): update module google.golang.org/api to v0.221.0 (#1305)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-17 09:49:10 +01:00
Cosmin Cojocar
43fee884f6
Update cosign to v2.4.2 (#1303)
Change-Id: I5346ca655388a5c33463ccecc72657b539c83d76

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.1
2025-02-13 10:19:46 +01:00
Cosmin Cojocar
77238291df
Add support for go 1.24 and phase out support for go 1.22 (#1302)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-13 10:16:37 +01:00
renovate[bot]
9552f0372d
chore(deps): update all dependencies (#1300)
* chore(deps): update all dependencies

* Remove the toolchain version

Change-Id: Ia459abe63b2b15167dd51a9a75b222178d7664b6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-11 09:54:07 +01:00
Cosmin Cojocar
f4d2576c36
Update to go version 1.23.6 and 1.22.12 (#1299)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-02-05 10:21:51 +01:00
renovate[bot]
2258e3108d
chore(deps): update module google.golang.org/api to v0.219.0 (#1296)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-03 09:51:05 +01:00
renovate[bot]
fbb08336de
chore(deps): update module google.golang.org/api to v0.218.0 (#1294)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-27 09:21:30 +01:00
Cosmin Cojocar
c66cb56f09
Add test to cover unit parsing for G115 rule (#1293)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-01-23 14:22:32 +01:00
Cosmin Cojocar
59291a08ae
Update to go version 1.23.5 and 1.22.11 (#1291) 2025-01-20 09:31:43 +01:00
renovate[bot]
7466b7cad2
chore(deps): update all dependencies (#1290)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-20 09:16:55 +01:00
Cosmin Cojocar
32dcc8a1f5
Update gosec in github action to 2.22.0 (#1286)
Change-Id: I9759d3c8ecfa34525f61e42f8d4ae412b92ead6d

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-01-14 15:57:57 +01:00
Oleksandr Redko
e0cca6fe95
Update what message for G104 (#1282) v2.22.0 2025-01-06 15:41:33 +01:00
renovate[bot]
534689b08f
chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-01-06 09:51:27 +01:00
renovate[bot]
eb95db1c76
chore(deps): update all dependencies (#1280)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-30 15:47:51 +01:00
renovate[bot]
6c6da403f0
chore(deps): update all dependencies (#1279)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-23 09:38:16 +01:00
Oleksandr Redko
b12f51f7d6
Simplify sortIssues implementation (#1277) 2024-12-20 10:05:09 +01:00
Oleksandr Redko
54c2185ae6
Enable testifylint and fix up lint issues (#1276) 2024-12-20 10:03:23 +01:00
Oleksandr Redko
36c81ed69b
Refactor AppendError to check for build.NoGoError (#1273) 2024-12-19 11:55:12 +01:00
renovate[bot]
9a2d74ffe0
chore(deps): update module golang.org/x/net to v0.33.0 [security] (#1275)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-19 10:52:50 +01:00
Nikolay Dubina
4c5ad914f3
Update README.md (#1274) 2024-12-19 10:27:17 +01:00
dannyc-grafana
e21b4d42cf
Rule documentation updates (#1272) 2024-12-17 09:40:45 +01:00
Oleksandr Redko
92de0ee7a2
Replace old golang.org links with new go.dev (#1271) 2024-12-16 15:18:51 +01:00
Oleksandr Redko
4fda076e5d
Refactor AppendError to use strings.Contains (#1270) 2024-12-16 15:18:11 +01:00
Oleksandr Redko
b01f49e366
Simplify Analyzer.ignore by reducing nesting (#1269) 2024-12-16 15:17:42 +01:00
Oleksandr Redko
b62cc3316d
Improve capitalization in AI API flags descriptions (#1267) 2024-12-16 10:42:23 +01:00
Oleksandr Redko
bc77d16301
Remove unused golint dependency (#1266) 2024-12-16 10:41:16 +01:00
Oleksandr Redko
ef1a35faf9
Simplify tests by using GinkgoT().TempDir() (#1265) 2024-12-16 10:40:43 +01:00
dannyc-grafana
09b914371e
Documentation on adding new rules and analyzers (#1262)
* Create CONTRIBUTING.md

Add some docs for developers who want to extend gosec

* Address comments from ccojocar

* Update CONTRIBUTING.md

Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>

* Update CONTRIBUTING.md

Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>

* Update README.md

Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>

* Update CONTRIBUTING.md

Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>

* Update CONTRIBUTING.md

Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>

* Linting/formatting pass

* Update CONTRIBUTING.md

* Update README.md

Fix phrasing to be clearer

---------

Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
2024-12-16 10:38:51 +01:00