gosec

go/gosec

mirror of https://github.com/securego/gosec.git synced 2025-05-19 22:13:19 +02:00

History

remove G113. It only affects old/unsupported versions of Go (#1328 )

* don't warn on G113 (big.Rat SetString) if on an unaffected version of Go

Newer versions of go (>=1.16.14, >=1.17.7, 1.18+) are not affected by this. Don't warn at all on those newer versions. See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23772

* alert on all known versions

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>

* remove G113 CVE-2022-23772 which only affects old/unsupport Go versions

* Retire rule

* gofmt

---------

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>

2025-04-03 16:44:20 +02:00

archive.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

bind.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

blocklist.go

Added more rules

2024-06-25 13:18:27 +02:00

decompression-bomb.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

directory-traversal.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

errors.go

Update what message for G104 (#1282 )

2025-01-06 15:41:33 +01:00

fileperms_test.go

fileperms: bitwise permission comparison (#883 )

2022-10-20 08:48:40 +02:00

fileperms.go

Fix typos in comments and fields

2024-11-30 10:37:42 +01:00

hardcoded_credentials.go

fix(hardcoded): remove duplicated Stripe API Key

2024-02-13 10:02:03 +01:00

http_serve.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

implicit_aliasing.go

Replace old golang.org links with new go.dev (#1271 )

2024-12-16 15:18:51 +01:00

integer_overflow.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

pprof.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

rand.go

Add support for math/rand/v2 added in Go 1.22

2024-03-07 16:33:18 +01:00

readfile.go

Add filepath.EvalSymlinks to clean functions in rule G304

2024-05-13 17:19:29 +02:00

rsa.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

rulelist.go

remove G113. It only affects old/unsupported versions of Go (#1328 )

2025-04-03 16:44:20 +02:00

rules_suite_test.go

Update to ginkgo v2 (#753 )

2022-01-03 18:11:35 +01:00

rules_test.go

remove G113. It only affects old/unsupported versions of Go (#1328 )

2025-04-03 16:44:20 +02:00

slowloris.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

sql.go

fix: correctly identify infixed concats as potential SQL injections (#987 )

2023-07-25 17:13:07 +02:00

ssh.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

ssrf.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

subproc.go

Fix typos in comments, vars and tests

2023-05-30 08:26:41 +02:00

tempfiles.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

templates.go

Add more types to templates rule

2024-05-28 10:39:33 +02:00

tls_config.go

Fix some linting warnings

2023-03-20 10:25:45 +01:00

tls.go

Extract the issue in its own package

2023-02-16 09:45:28 +01:00

unsafe.go

Update the list of unsafe functions detected by the unsafe rule (#1033 )

2023-10-10 09:47:36 +02:00

weakcrypto.go

Minor changes

2024-06-24 15:25:54 +02:00

weakcryptohash.go

Minor changes

2024-06-24 15:25:54 +02:00

weakdepricatedcryptohash.go

Added more rules

2024-06-25 13:18:27 +02:00