mirror of https://github.com/securego/gosec.git synced 2025-11-23 22:15:04 +02:00

Commit Graph

  • 4e9b0ac5bb chore(deps): update all dependencies renovate/all renovate[bot] 2025-11-20 17:04:38 +00:00
  • 8b6cdc2ec5 chore(deps): update module golang.org/x/crypto to v0.45.0 [security] renovate/go-golang.org-x-crypto-vulnerability renovate[bot] 2025-11-20 02:53:55 +00:00
  • 1b62009433 Bump golang.org/x/crypto from 0.43.0 to 0.45.0 dependabot/go_modules/golang.org/x/crypto-0.45.0 dependabot[bot] 2025-11-20 02:52:56 +00:00
  • a58917f611 fix: correct schema with temporary placeholder (#1418) master Sebastian Rühl 2025-11-11 10:24:32 +01:00
  • 8b0d0b8871 perf: skip SSA analysis if no analyzers are loaded (#1419) Ian 2025-11-10 04:28:13 -05:00
  • 8a5d01aca5 test: add sarif validation (#1417) Sebastian Rühl 2025-11-10 10:12:07 +01:00
  • a8fefd17f7 chore(deps): update all dependencies (#1421) renovate[bot] 2025-11-10 10:10:57 +01:00
  • c34cbbf565 Update go to version 1.25.4 and 1.24.10 in CI (#1415) Cosmin Cojocar 2025-11-06 16:09:17 +00:00
  • 10cf58a4a4 fix: build tag parsing. (#1413) Matthew Hartstonge 2025-11-05 22:46:27 +13:00
  • d2d734859c chore(deps): update all dependencies (#1411) renovate[bot] 2025-11-03 10:03:44 +01:00
  • afa853e9eb chore(deps): update all dependencies (#1409) renovate[bot] 2025-10-27 13:59:17 +01:00
  • 6b2e6e45a6 chore(deps): update all dependencies (#1408) renovate[bot] 2025-10-20 14:51:49 +02:00
  • 0adab9d9be Update gosec to version v2.22.10 in the github action (#1405) Cosmin Cojocar 2025-10-15 08:18:27 +00:00
  • 6be2b51fd7 Update go to version 1.25.3 and 1.24.9 in CI (#1404) v2.22.10 Cosmin Cojocar 2025-10-14 12:54:01 +00:00
  • fddb9427b8 chore(deps): update all dependencies (#1402) renovate[bot] 2025-10-13 09:54:49 +02:00
  • f6760311e8 Update go to version 1.25.2 and 2.24.8 in CI (#1401) Cosmin Cojocar 2025-10-08 10:55:04 +00:00
  • 35f7ec2ca2 chore(deps): update all dependencies (#1399) renovate[bot] 2025-10-06 10:06:01 +02:00
  • 01029f0a74 check nil slices, partially check bounds (#1396) kondratev 2025-10-03 13:41:33 +05:00
  • 34db3de0ee Remove unused target from the makefile Cosmin Cojocar 2025-10-02 10:25:44 +00:00
  • f5a3b7ab78 Use the ginkgo command installed by the dependencies Cosmin Cojocar 2025-10-02 10:15:40 +00:00
  • 761fcbc36c Keep the go module at 1.24 version for compatibility reasons Cosmin Cojocar 2025-10-02 09:59:33 +00:00
  • 2238079261 Remove manual test deps Cosmin Cojocar 2025-10-02 09:43:23 +00:00
  • bb08aa3188 fix: text must be supplied when markdown is used Sebastian Rühl 2025-10-01 09:30:43 +02:00
  • 23597d2569 fix: improve error message of CheckAnalyzers Sebastian Rühl 2025-09-29 13:59:38 +02:00
  • 8d7e9d598b fix: log panic on SSA Sebastian Rühl 2025-09-29 13:52:49 +02:00
  • 0d8255e75e chore(deps): update all dependencies renovate[bot] 2025-09-29 02:13:39 +00:00
  • f9c52aac4b Update gosec to version v.22.9 in the github action Cosmin Cojocar 2025-09-22 09:17:16 +00:00
  • 15d5c61e86 Update cosign to v2.6.0 and go in the CI to latest version v2.22.9 Cosmin Cojocar 2025-09-22 08:32:38 +00:00
  • 7b8713e2c9 fix(autofix): unnecessary conversion Matteo Calabrò 2025-09-22 10:15:18 +02:00
  • 64ebfc0106 feat(autofix): update gemini sdk and add anthropic claude Matteo Calabrò 2025-09-21 16:52:10 +02:00
  • 506407e7df feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24 Eshani Parulekar 2025-09-16 02:12:05 +05:30
  • 3ead143f0a chore(deps): update all dependencies renovate[bot] 2025-09-15 01:30:34 +00:00
  • e81fba3c3a refactor(G304): remove unused trackJoin helper; no functional change Eshani Parulekar 2025-09-12 19:05:58 +05:30
  • ab078db7b0 style: gofmt rules/readfile.go Eshani Parulekar 2025-09-12 19:01:24 +05:30
  • e6218c83ec test(g304): add samples for var perm and var flag with cleaned path. Ensure G304 does not fire when only non-path args (flag/perm) are variables; Both samples use filepath.Clean on the path arg; Rules suite remains green (42 passed) Eshani Parulekar 2025-09-12 13:26:26 +05:30
  • 79f835d9c7 rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic. Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables; Track filepath.Clean so cleaned identifiers are treated as safe; Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent); Record Join(...) assigned to identifiers and allow if later cleaned; Fix panic by passing non-nil context in trackJoinAssignStmt; All rules tests: 42 passed Eshani Parulekar 2025-09-11 23:47:46 +05:30
  • 40ac53017b rules(G202): detect SQL concat in ValueSpec declarations; add test sample. Handle var query string = 'SELECT ...' + user style declarations; Reuse existing binary expr detection on ValueSpec.Values; Add postgres sample mirroring issue #1309 report; Rules tests: 42 passed Eshani Parulekar 2025-09-12 13:49:46 +05:30
  • 4be6b11bbc chore(deps): update all dependencies renovate[bot] 2025-09-08 06:57:39 +00:00
  • 5af1117217 chore(deps): update all dependencies renovate[bot] 2025-08-25 01:05:39 +00:00
  • 287b46c018 chore(deps): update all dependencies renovate[bot] 2025-08-18 02:46:34 +00:00
  • cee0aeae8a Update gosec version to v2.22.8 in the Github action Cosmin Cojocar 2025-08-14 12:47:54 +00:00
  • c9453023c4 Add support for go version 1.25.0 v2.22.8 Cosmin Cojocar 2025-08-14 12:05:23 +00:00
  • ef7adab98c Update go version in CI to 1.24.6 and 1.23.12 Cosmin Cojocar 2025-08-11 13:31:06 +00:00
  • e201bb86c2 chore(deps): update all dependencies renovate[bot] 2025-08-11 01:21:46 +00:00
  • ba592afef6 chore(deps): update all dependencies renovate[bot] 2025-07-28 00:36:32 +00:00
  • 2ef6017991 Update github action to release v2.22.7 Cosmin Cojocar 2025-07-21 15:24:41 +00:00
  • 32975f4bab Fix crash in hardcoded_nonce analyzer v2.22.7 Cosmin Cojocar 2025-07-21 15:11:17 +00:00
  • 7a92cb5212 Fix crash in hardcoded_nonce analyzer fix-crash-hardcoded-nonce Cosmin Cojocar 2025-07-21 15:11:17 +00:00
  • 6ea6b35e61 Update go action to use release v2.22.6 Cosmin Cojocar 2025-07-21 09:42:01 +00:00
  • bc3f2145b5 Update go version to 1.24.5 and 1.23.11 in the CI v2.22.6 Cosmin Cojocar 2025-07-21 09:30:51 +00:00
  • a7e1a59d8b Update go version to 1.24.5 and 1.23.11 in the CI update-go Cosmin Cojocar 2025-07-21 09:30:51 +00:00
  • 925741b7ef chore(deps): update module google.golang.org/api to v0.242.0 renovate[bot] 2025-07-21 00:36:00 +00:00
  • 59ae7e9e27 chore(deps): update all dependencies renovate[bot] 2025-07-14 02:15:26 +00:00
  • e7abd9e348 chore(deps): update all dependencies renovate[bot] 2025-07-07 01:01:55 +00:00
  • 35e7bc1a94 chore(deps): update all dependencies renovate[bot] 2025-06-30 02:08:39 +00:00
  • 2d1ed95a0b chore(deps): update all dependencies renovate[bot] 2025-06-23 05:33:23 +00:00
  • 4a8cb4609f Do not allow dashes in file names Oleksandr Redko 2025-06-16 14:43:27 +03:00
  • bcc8afbe30 Update gosec to version 2.22.5 in Github action Cosmin Cojocar 2025-06-16 10:56:37 +00:00
  • d2d3ae66bd Switch back go.mod to minimum 1.23.0 v2.22.5 Cosmin Cojocar 2025-06-16 09:39:19 +00:00
  • 1e7ed06b15 Update dependencies Cosmin Cojocar 2025-06-16 09:30:04 +00:00
  • 1bef91a07f Update go version 1.24.4 and 1.23.10 in CI Cosmin Cojocar 2025-06-16 09:15:20 +00:00
  • 621702f13a chore(deps): update all dependencies renovate[bot] 2025-06-09 03:27:46 +00:00
  • 017d1d655c G201/G202: add checks for injection into sql.Conn methods Ilia Mirkin 2025-06-02 23:03:04 -04:00
  • 67f63d4781 chore(deps): update module google.golang.org/api to v0.235.0 renovate[bot] 2025-06-02 01:29:06 +00:00
  • b4eabb1b18 chore(deps): update module google.golang.org/api to v0.234.0 renovate[bot] 2025-05-26 01:49:26 +00:00
  • 52a80ff4bd chore(deps): update module google.golang.org/api to v0.233.0 renovate[bot] 2025-05-19 03:12:39 +00:00
  • e2a95069d9 chore(deps): update module google.golang.org/api to v0.232.0 renovate[bot] 2025-05-12 03:15:58 +00:00
  • 6decf96c3d Update to go version 1.24.3 and 1.23.9 v2.22.4 Cosmin Cojocar 2025-05-08 09:03:41 +00:00
  • d522338364 update: updated the build command to include version metadata codeshaine 2025-05-08 11:47:46 +05:30
  • 270b5ce868 chore(deps): update all dependencies renovate[bot] 2025-05-06 01:53:02 +00:00
  • 60279264be Update the AI provider API key value when provided as an argument Cosmin Cojocar 2025-04-28 10:38:48 +00:00
  • 65d2d9f011 chore(deps): update module google.golang.org/api to v0.230.0 renovate[bot] 2025-04-28 02:54:17 +00:00
  • dc1c38b861 chore(deps): update module google.golang.org/api to v0.229.0 renovate[bot] 2025-04-21 03:36:13 +00:00
  • 55dbf5ad81 chore(deps): update all dependencies renovate[bot] 2025-04-14 01:43:45 +00:00
  • 2aaa9c41d6 Comment the reason why the file can be nil when an issue is created Cosmin Cojocar 2025-04-08 16:13:09 +00:00
  • 700e9a9d18 Handle nil file when creating a new issue Cosmin Cojocar 2025-04-08 09:41:22 +00:00
  • d514c42671 chore(deps): update all dependencies (#1333) renovate[bot] 2025-04-07 13:12:14 +02:00
  • 1d458c50e1 Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332) Jenna Schwartz 2025-04-04 03:36:07 -05:00
  • 955a68d0d1 Update go version to 1.24.2 and 1.23.8 (#1331) v2.22.3 Cosmin Cojocar 2025-04-03 16:53:13 +02:00
  • 0fa87d47f7 Update go version to 1.24.2 and 1.23.8 update_go Cosmin Cojocar 2025-04-03 14:46:30 +00:00
  • 1336dc6820 remove G113. It only affects old/unsupported versions of Go (#1328) Brandon Annin 2025-04-03 09:44:20 -05:00
  • 5fd2a37044 chore(deps): update all dependencies (#1325) renovate[bot] 2025-03-31 15:57:38 +02:00
  • 39e4477788 Add SSOJet (#1320) Govind Malviya 2025-03-19 14:54:30 +05:30
  • 6141d100df chore(deps): update all dependencies (#1319) renovate[bot] 2025-03-19 09:17:29 +01:00
  • 9452efe4ad Update the integrity sha for babel dependency in html report (#1316) Cosmin Cojocar 2025-03-10 11:07:47 +01:00
  • 57ec63392c Add support for //gosec:disable directive (#1314) frozenbonito 2025-03-10 18:09:27 +09:00
  • e5fee17863 chore(deps): update all dependencies (#1315) renovate[bot] 2025-03-10 09:58:31 +01:00
  • 136f6c0040 Update to go version 1.24.1 and 1.23.7 (#1313) v2.22.2 Cosmin Cojocar 2025-03-05 11:40:35 +01:00
  • 047453a82f chore(deps): update all dependencies (#1310) renovate[bot] 2025-03-03 09:50:53 +01:00
  • 76ccee5b2f chore(deps): update all dependencies (#1308) renovate[bot] 2025-02-24 10:24:14 +01:00
  • a9eb1c96fa Update gosec version in the GitHub action to v2.22.1 (#1307) Cosmin Cojocar 2025-02-17 15:18:07 +01:00
  • 842e26a900 Update gosec version in the GitHub action to v2.22.1 update-action Cosmin Cojocar 2025-02-17 14:17:05 +00:00
  • 89c5da3ce0 chore(deps): update module google.golang.org/api to v0.221.0 (#1305) renovate[bot] 2025-02-17 09:49:10 +01:00
  • 43fee884f6 Update cosign to v2.4.2 (#1303) v2.22.1 Cosmin Cojocar 2025-02-13 10:19:46 +01:00
  • 0fbdbe32c4 Update cosign to v2.4.2 update-cosign Cosmin Cojocar 2025-02-13 09:19:01 +00:00
  • 77238291df Add support for go 1.24 and phased out support for go 1.22 (#1302) Cosmin Cojocar 2025-02-13 10:16:37 +01:00
  • f8f64eb15f Add support for go 1.24 and phased out support for go 1.22 go1_24 Cosmin Cojocar 2025-02-13 08:45:01 +00:00
  • 9552f0372d chore(deps): update all dependencies (#1300) renovate[bot] 2025-02-11 09:54:07 +01:00
  • f4d2576c36 Update to go version 1.23.6 and 1.22.12 (#1299) Cosmin Cojocar 2025-02-05 10:21:51 +01:00
  • 2258e3108d chore(deps): update module google.golang.org/api to v0.219.0 (#1296) renovate[bot] 2025-02-03 09:51:05 +01:00