- Update to version 2.22.11:
* feature: add rule for trojan source (#1431)
* feat(ai): add OpenAI and custom API provider support (#1424)
* chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#1437)
* chore(deps): update module google.golang.org/genai to v1.37.0 (#1435)
* refactor: simplify report functions in main.go (#1434)
* Update go to 1.25.5 and 1.24.11 in CI (#1433)
* chore(deps): update all dependencies (#1425)
* feat(ai): add support for latest Claude models and update provider flags (#1423)
* Bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#1427)
* chore(deps): update module golang.org/x/crypto to v0.45.0 [security] (#1428)
* fix: correct schema with temporary placeholder (#1418)
* perf: skip SSA analysis if no analyzers are loaded (#1419)
* test: add sarif validation (#1417)
* chore(deps): update all dependencies (#1421)
* Update go to version 1.25.4 and 1.24.10 in CI (#1415)
* fix: build tag parsing. (#1413)
* chore(deps): update all dependencies (#1411)
* chore(deps): update all dependencies (#1409)
* chore(deps): update all dependencies (#1408)
* Update gosec to version v2.22.10 in the github action (#1405) (forwarded request 1322206 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1322256
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=29
* feature: add rule for trojan source (#1431)
* feat(ai): add OpenAI and custom API provider support (#1424)
* chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#1437)
* chore(deps): update module google.golang.org/genai to v1.37.0 (#1435)
* refactor: simplify report functions in main.go (#1434)
* Update go to 1.25.5 and 1.24.11 in CI (#1433)
* chore(deps): update all dependencies (#1425)
* feat(ai): add support for latest Claude models and update provider flags (#1423)
* Bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#1427)
* chore(deps): update module golang.org/x/crypto to v0.45.0 [security] (#1428)
* fix: correct schema with temporary placeholder (#1418)
* perf: skip SSA analysis if no analyzers are loaded (#1419)
* test: add sarif validation (#1417)
* chore(deps): update all dependencies (#1421)
* Update go to version 1.25.4 and 1.24.10 in CI (#1415)
* fix: build tag parsing. (#1413)
* chore(deps): update all dependencies (#1411)
* chore(deps): update all dependencies (#1409)
* chore(deps): update all dependencies (#1408)
* Update gosec to version v2.22.10 in the github action (#1405)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=60
- Update to version 2.22.10:
* Update go to version 1.25.3 and 1.24.9 in CI (#1404)
* chore(deps): update all dependencies (#1402)
* Update go to version 1.25.2 and 2.24.8 in CI (#1401)
* chore(deps): update all dependencies (#1399)
* check nil slices, partially check bounds (#1396)
* Remove unused target from the makefile
* Use the ginkgo command install by the dependencies
* Keep the go module at 1.24 version for compatibility reasons
* Remove manual test deps
* fix: text must be supplied when markdown is used
* fix: improve error message of CheckAnalyzers
* fix: log panic on SSA
* chore(deps): update all dependencies
* Update gosec to version v.22.9 in the github action (forwarded request 1311466 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1311478
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=28
* Update go to version 1.25.3 and 1.24.9 in CI (#1404)
* chore(deps): update all dependencies (#1402)
* Update go to version 1.25.2 and 2.24.8 in CI (#1401)
* chore(deps): update all dependencies (#1399)
* check nil slices, partially check bounds (#1396)
* Remove unused target from the makefile
* Use the ginkgo command install by the dependencies
* Keep the go module at 1.24 version for compatibility reasons
* Remove manual test deps
* fix: text must be supplied when markdown is used
* fix: improve error message of CheckAnalyzers
* fix: log panic on SSA
* chore(deps): update all dependencies
* Update gosec to version v.22.9 in the github action
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=58
- Update to version 2.22.9:
* Update cosign to v2.6.0 and go in the CI to latest version
* fix(autofix): unnecessary conversion
* feat(autofix): update gemini sdk and add anthropic claude
* feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24
* chore(deps): update all dependencies
* refactor(G304): remove unused trackJoin helper; no functional change
* style: gofmt rules/readfile.go
* test(g304): add samples for var perm and var flag with cleaned path\n\n- Ensure G304 does not fire when only non-path args (flag/perm) are variables\n- Both samples use filepath.Clean on the path arg\n- Rules suite remains green (42 passed)
* rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic\n\n- Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables\n- Track filepath.Clean so cleaned identifiers are treated as safe\n- Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent)\n- Record Join(...) assigned to identifiers and allow if later cleaned\n- Fix panic by passing non-nil context in trackJoinAssignStmt\n- All rules tests: 42 passed
* rules(G202): detect SQL concat in ValueSpec declarations; add test sample\n\n- Handle var query string = 'SELECT ...' + user style declarations\n- Reuse existing binary expr detection on ValueSpec.Values\n- Add postgres sample mirroring issue #1309 report\n- Rules tests: 42 passed
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* Update gosec version to v2.22.8 in the Github action (forwarded request 1306529 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1306580
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=27
* Update cosign to v2.6.0 and go in the CI to latest version
* fix(autofix): unnecessary conversion
* feat(autofix): update gemini sdk and add anthropic claude
* feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24
* chore(deps): update all dependencies
* refactor(G304): remove unused trackJoin helper; no functional change
* style: gofmt rules/readfile.go
* test(g304): add samples for var perm and var flag with cleaned path\n\n- Ensure G304 does not fire when only non-path args (flag/perm) are variables\n- Both samples use filepath.Clean on the path arg\n- Rules suite remains green (42 passed)
* rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic\n\n- Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables\n- Track filepath.Clean so cleaned identifiers are treated as safe\n- Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent)\n- Record Join(...) assigned to identifiers and allow if later cleaned\n- Fix panic by passing non-nil context in trackJoinAssignStmt\n- All rules tests: 42 passed
* rules(G202): detect SQL concat in ValueSpec declarations; add test sample\n\n- Handle var query string = 'SELECT ...' + user style declarations\n- Reuse existing binary expr detection on ValueSpec.Values\n- Add postgres sample mirroring issue #1309 report\n- Rules tests: 42 passed
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* Update gosec version to v2.22.8 in the Github action
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=56
- Update to version 2.22.7:
* Fix crash in hardcoded_nonce analyzer
* Update go action to use release v2.22.6
* Update go version to 1.24.5 and 1.23.11 in the CI
* chore(deps): update module google.golang.org/api to v0.242.0
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* Do not allow dashes in file names
* Update gosec to version 2.22.5 in Github action (forwarded request 1296248 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1296369
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=25
* Fix crash in hardcoded_nonce analyzer
* Update go action to use release v2.22.6
* Update go version to 1.24.5 and 1.23.11 in the CI
* chore(deps): update module google.golang.org/api to v0.242.0
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* Do not allow dashes in file names
* Update gosec to version 2.22.5 in Github action
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=52
- Update to version 2.22.5:
* Switch back go.mod to minimum 1.23.0
* Update dependencies
* Update go version 1.24.4 and 1.23.10 in CI
* chore(deps): update all dependencies
* G201/G202: add checks for injection into sql.Conn methods
* chore(deps): update module google.golang.org/api to v0.235.0
* chore(deps): update module google.golang.org/api to v0.234.0
* chore(deps): update module google.golang.org/api to v0.233.0
* chore(deps): update module google.golang.org/api to v0.232.0
- Switch vendor from gz to xz for consistency
- Switch from version to revision in _service (forwarded request 1286136 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1286138
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=24
* Switch back go.mod to minimum 1.23.0
* Update dependencies
* Update go version 1.24.4 and 1.23.10 in CI
* chore(deps): update all dependencies
* G201/G202: add checks for injection into sql.Conn methods
* chore(deps): update module google.golang.org/api to v0.235.0
* chore(deps): update module google.golang.org/api to v0.234.0
* chore(deps): update module google.golang.org/api to v0.233.0
* chore(deps): update module google.golang.org/api to v0.232.0
- Switch vendor from gz to xz for consistency
- Switch from version to revision in _service
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=50
- Update to version 2.22.4:
* Update to go version 1.24.3 and 1.23.9
* update: updated the build command to include version metadata
* chore(deps): update all dependencies
* Update the AI provider API key value when provided as an argument
* chore(deps): update module google.golang.org/api to v0.230.0
* chore(deps): update module google.golang.org/api to v0.229.0
* chore(deps): update all dependencies
* Comment the reason why the file can be nil when an issue is created
* Handle nil file when creating a new issue
* chore(deps): update all dependencies (#1333) (forwarded request 1275586 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1275596
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=23
* Update to go version 1.24.3 and 1.23.9
* update: updated the build command to include version metadata
* chore(deps): update all dependencies
* Update the AI provider API key value when provided as an argument
* chore(deps): update module google.golang.org/api to v0.230.0
* chore(deps): update module google.golang.org/api to v0.229.0
* chore(deps): update all dependencies
* Comment the reason why the file can be nil when an issue is created
* Handle nil file when creating a new issue
* chore(deps): update all dependencies (#1333)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=48
- Update to version 2.22.3:
* Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332)
* Update go version to 1.24.2 and 1.23.8 (#1331)
* remove G113. It only affects old/unsupported versions of Go (#1328)
* chore(deps): update all dependencies (#1325)
* Add SSOJet (#1320)
* chore(deps): update all dependencies (#1319)
* Update the integrity sha for babel dependency in html report (#1316)
* Add support for `//gosec:disable` directive (#1314)
* chore(deps): update all dependencies (#1315) (forwarded request 1267596 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1267714
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=22
* Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332)
* Update go version to 1.24.2 and 1.23.8 (#1331)
* remove G113. It only affects old/unsupported versions of Go (#1328)
* chore(deps): update all dependencies (#1325)
* Add SSOJet (#1320)
* chore(deps): update all dependencies (#1319)
* Update the integrity sha for babel dependency in html report (#1316)
* Add support for `//gosec:disable` directive (#1314)
* chore(deps): update all dependencies (#1315)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=46
- Update to version 2.22.1:
* Update cosign to v2.4.2 (#1303)
* Add support for go 1.24 and phased out support for go 1.22 (#1302)
* chore(deps): update all dependencies (#1300)
* Update to go version 1.23.6 and 1.22.12 (#1299)
* chore(deps): update module google.golang.org/api to v0.219.0 (#1296)
* chore(deps): update module google.golang.org/api to v0.218.0 (#1294)
* Add test to conver unit parssing for G115 rule (#1293)
* Update to go version 1.23.5 and 1.22.11 (#1291)
* chore(deps): update all dependencies (#1290)
* Update gosec in github action to 2.22.0 (#1286) (forwarded request 1245688 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1245719
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=20
* Update cosign to v2.4.2 (#1303)
* Add support for go 1.24 and phased out support for go 1.22 (#1302)
* chore(deps): update all dependencies (#1300)
* Update to go version 1.23.6 and 1.22.12 (#1299)
* chore(deps): update module google.golang.org/api to v0.219.0 (#1296)
* chore(deps): update module google.golang.org/api to v0.218.0 (#1294)
* Add test to conver unit parssing for G115 rule (#1293)
* Update to go version 1.23.5 and 1.22.11 (#1291)
* chore(deps): update all dependencies (#1290)
* Update gosec in github action to 2.22.0 (#1286)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=41
- Update to version 2.22.0:
* Update what message for G104 (#1282)
* chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281)
* chore(deps): update all dependencies (#1280)
* chore(deps): update all dependencies (#1279)
* Simplify sortIssues implementation (#1277)
* Enable testifylint and fix up lint issues (#1276)
* Refactor AppendError to check for build.NoGoError (#1273)
* chore(deps): update module golang.org/x/net to v0.33.0 [security] (#1275)
* Update README.md (#1274)
* Rule documentation updates (#1272)
* Replace old golang.org links with new go.dev (#1271)
* Refactor AppendError to use strings.Contains (#1270)
* Simplify Analyzer.ignore by reducing nesting (#1269)
* Improve capitalization in AI API flags descriptions (#1267)
* Remove unused golint dependency (#1266)
* Simplify tests by using GinkgoT().TempDir() (#1265)
* Documentation on adding new rules and analyzers (#1262)
* chore(deps): update all dependencies (#1268)
* Update to go 1.22.10 and 1.23.4 versions (#1264)
* chore(deps): update module golang.org/x/crypto to v0.31.0 [security] (#1263)
* chore(deps): update all dependencies (#1261)
* chore(deps): update module github.com/onsi/gomega to v1.36.0 (#1259)
* fix: revive.redefines-builtin-id lint warnings (#1257)
* Fix typos in comments and fields
* Remove the decryption funtions/methods from G407 check
* Upate go to version 1.23.3 and 1.22.9
* Fix G115 false positive when going from parsed uint to larger int
* chore(deps): update all dependencies
* chore(deps): update all dependencies (forwarded request 1236191 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1236236
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=19
* Update what message for G104 (#1282)
* chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281)
* chore(deps): update all dependencies (#1280)
* chore(deps): update all dependencies (#1279)
* Simplify sortIssues implementation (#1277)
* Enable testifylint and fix up lint issues (#1276)
* Refactor AppendError to check for build.NoGoError (#1273)
* chore(deps): update module golang.org/x/net to v0.33.0 [security] (#1275)
* Update README.md (#1274)
* Rule documentation updates (#1272)
* Replace old golang.org links with new go.dev (#1271)
* Refactor AppendError to use strings.Contains (#1270)
* Simplify Analyzer.ignore by reducing nesting (#1269)
* Improve capitalization in AI API flags descriptions (#1267)
* Remove unused golint dependency (#1266)
* Simplify tests by using GinkgoT().TempDir() (#1265)
* Documentation on adding new rules and analyzers (#1262)
* chore(deps): update all dependencies (#1268)
* Update to go 1.22.10 and 1.23.4 versions (#1264)
* chore(deps): update module golang.org/x/crypto to v0.31.0 [security] (#1263)
* chore(deps): update all dependencies (#1261)
* chore(deps): update module github.com/onsi/gomega to v1.36.0 (#1259)
* fix: revive.redefines-builtin-id lint warnings (#1257)
* Fix typos in comments and fields
* Remove the decryption funtions/methods from G407 check
* Upate go to version 1.23.3 and 1.22.9
* Fix G115 false positive when going from parsed uint to larger int
* chore(deps): update all dependencies
* chore(deps): update all dependencies
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=39
- Update to version 2.21.2:
* Update the github action to v2.21.2 (#1218)
* Update the SARIF schema URL (#1217)
* Update go version to 1.23.1 and 1.22.7 (#1216)
* chore(deps): update all dependencies (#1215)
* Update gosec version to v2.21.1 in github action (#1213)
* Rollback the SARIF version to 2.1 since github doesn't support 2.2 (#1210)
* Update gosec in github action to v2.21.0 (#1208)
* Update cosign version to v2.4.0 in release github workflow (#1207)
* Improvement the int conversion overflow logic to handle bound checks (#1194)
* fix: G602 support for nested conditionals with bounds check (#1201)
* Update go.mod to sue go 1.22.0 toolchain
* chore(deps): update all dependencies
* Make variable name more clear
* Make variable names more explicity and reduce duplications
* Fix formatting
* Refactor to reduce some fuctions and variable names
* Pass the value argument directly since is an interface
* Added suggested changes
* Added another test case in order to increase code coverage
* Removed function parameter which is always the same
* Formatting problems(CI was not passing)
* Updated analyzer to use new way of initialization
* Migrated the rule to the analyzers folder
* Refractored code a little bit
* Added new rule G407(hardcoded IV/nonce)
* Fix conversion overflow false positive when using ParseUint
* Add a build step to measure the scan perfomance
* Fix conversion overflow false positives when they are checked or pre-determined
* Update go.mod
* chore(deps): update all dependencies
* Fix false positive in conversion overflow check from uint8/int8 type
* Disable staticcheck SA1019 rule
* Update the golangci linters
* Add more test to cover more use cases for G115 rule
* Allow excluding analyzers globally (#1180)
* Update to Go 1.23.0 (#1183)
* chore(deps): update all dependencies (#1182)
* Read the AI API key also from an environment variable (#1181)
* Add support to generate auto fixes using LLM (AI) (#1177)
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update dependency babel-standalone to v7.24.10
* Resolve underlying type to detect overflows in type aliases
* chore(deps): update dependency babel-standalone to v7.24.8
* Fix multifile ignores
* Add -enable-audit cli flag
* Update to go 1.22.5 and 1.21.12
* chore(deps): update all dependencies
* Added more rules
* Fixed coverage workflow
* Fixed CI workflow
* Minor changes
* Split the G401 rule into two separate ones
* Updated G401 corresponding CWE
* chore(deps): update docker/build-push-action action to v6
* Update to go versions to 1.21.11 and 1.22.4
* chore(deps): update all dependencies
* Fix nosec when applied to a block
* Add more types to templates rule
* Map the G115 rule to an CWE ID
* chore(deps): update all dependencies
* Update README with G115 rule description
* Remove deprecated megacheck linter from golangci
* Format imports
* Update .gitignore
* Add a new rule to detect integer overflow on integer types conversion
* feat: add env var to override the Go version detection
* Use the proper logic when disabling the go module version
* Update the README with some details related to Go version used by the rules
* Add an environment varialbe which disables the parsing of Go version from module file
* chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3 (forwarded request 1199812 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1199817
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=16
* Update the github action to v2.21.2 (#1218)
* Update the SARIF schema URL (#1217)
* Update go version to 1.23.1 and 1.22.7 (#1216)
* chore(deps): update all dependencies (#1215)
* Update gosec version to v2.21.1 in github action (#1213)
* Rollback the SARIF version to 2.1 since github doesn't support 2.2 (#1210)
* Update gosec in github action to v2.21.0 (#1208)
* Update cosign version to v2.4.0 in release github workflow (#1207)
* Improvement the int conversion overflow logic to handle bound checks (#1194)
* fix: G602 support for nested conditionals with bounds check (#1201)
* Update go.mod to sue go 1.22.0 toolchain
* chore(deps): update all dependencies
* Make variable name more clear
* Make variable names more explicity and reduce duplications
* Fix formatting
* Refactor to reduce some fuctions and variable names
* Pass the value argument directly since is an interface
* Added suggested changes
* Added another test case in order to increase code coverage
* Removed function parameter which is always the same
* Formatting problems(CI was not passing)
* Updated analyzer to use new way of initialization
* Migrated the rule to the analyzers folder
* Refractored code a little bit
* Added new rule G407(hardcoded IV/nonce)
* Fix conversion overflow false positive when using ParseUint
* Add a build step to measure the scan perfomance
* Fix conversion overflow false positives when they are checked or pre-determined
* Update go.mod
* chore(deps): update all dependencies
* Fix false positive in conversion overflow check from uint8/int8 type
* Disable staticcheck SA1019 rule
* Update the golangci linters
* Add more test to cover more use cases for G115 rule
* Allow excluding analyzers globally (#1180)
* Update to Go 1.23.0 (#1183)
* chore(deps): update all dependencies (#1182)
* Read the AI API key also from an environment variable (#1181)
* Add support to generate auto fixes using LLM (AI) (#1177)
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update dependency babel-standalone to v7.24.10
* Resolve underlying type to detect overflows in type aliases
* chore(deps): update dependency babel-standalone to v7.24.8
* Fix multifile ignores
* Add -enable-audit cli flag
* Update to go 1.22.5 and 1.21.12
* chore(deps): update all dependencies
* Added more rules
* Fixed coverage workflow
* Fixed CI workflow
* Minor changes
* Split the G401 rule into two separate ones
* Updated G401 corresponding CWE
* chore(deps): update docker/build-push-action action to v6
* Update to go versions to 1.21.11 and 1.22.4
* chore(deps): update all dependencies
* Fix nosec when applied to a block
* Add more types to templates rule
* Map the G115 rule to an CWE ID
* chore(deps): update all dependencies
* Update README with G115 rule description
* Remove deprecated megacheck linter from golangci
* Format imports
* Update .gitignore
* Add a new rule to detect integer overflow on integer types conversion
* feat: add env var to override the Go version detection
* Use the proper logic when disabling the go module version
* Update the README with some details related to Go version used by the rules
* Add an environment varialbe which disables the parsing of Go version from module file
* chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=33
- Update to version 2.20.0:
* Update docker image in action to v2.20.0
* Catch os.ModePerm permissions in os.WriteFile
* Add a unit test to detect the false negative in rule G306 for os.ModePerm permissions
* Add filepath.EvalSymlinks to clean functions in rule G304
* chore(deps): update all dependencies
* Update Go to version 2.22.3 in CI and release
* chore(deps): update module golang.org/x/text to v0.15.0
* chore(deps): update all dependencies
* chore(deps): update module github.com/onsi/gomega to v1.33.0
* Update to go 1.22.2
* chore(deps): update all dependencies
* chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1
* chore(deps): update all dependencies
* fix(helpers/goversion): get from go.mod
* chore: fix function name
* chore(deps): update all dependencies
* Format the imports using the gci tool
* Fixup: delete unused variable
* Fix test: update test to comply with the spec of generated sources
* Refactor: use standard function to check if a file is generated
* Fix lint warnings
* Add support for math/rand/v2 added in Go 1.22
* Skip the G601 tests for Go version 1.22
* Update go version to 1.22.1 and 1.21.8
* Ignore 'implicit memory aliasing' rule for Go 1.22+
* chore(deps): update all dependencies
* chore(deps): update module golang.org/x/tools to v0.18.0
* fix(hardcoded): remove duplicated `Stripe API Key` (forwarded request 1174421 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1174686
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=15
- Update to version 2.20.0:
* Update docker image in action to v2.20.0
* Catch os.ModePerm permissions in os.WriteFile
* Add a unit test to detect the false negative in rule G306 for os.ModePerm permissions
* Add filepath.EvalSymlinks to clean functions in rule G304
* chore(deps): update all dependencies
* Update Go to version 2.22.3 in CI and release
* chore(deps): update module golang.org/x/text to v0.15.0
* chore(deps): update all dependencies
* chore(deps): update module github.com/onsi/gomega to v1.33.0
* Update to go 1.22.2
* chore(deps): update all dependencies
* chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1
* chore(deps): update all dependencies
* fix(helpers/goversion): get from go.mod
* chore: fix function name
* chore(deps): update all dependencies
* Format the imports using the gci tool
* Fixup: delete unused variable
* Fix test: update test to comply with the spec of generated sources
* Refactor: use standard function to check if a file is generated
* Fix lint warnings
* Add support for math/rand/v2 added in Go 1.22
* Skip the G601 tests for Go version 1.22
* Update go version to 1.22.1 and 1.21.8
* Ignore 'implicit memory aliasing' rule for Go 1.22+
* chore(deps): update all dependencies
* chore(deps): update module golang.org/x/tools to v0.18.0
* fix(hardcoded): remove duplicated `Stripe API Key`
OBS-URL: https://build.opensuse.org/request/show/1174421
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=31
- Update to version 2.19.0:
* Update gosec version to v2.19.0 in the Github action
* Update CI to go version 1.22
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update dependency babel-standalone to v7.23.7
* chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
* chore(deps): update all dependencies
* chore(deps): update actions/setup-go action to v5
* Fix lint warnings by properly formatting the files
* chore: Refactor Sample Code to Separate Files
* Update go version to 1.21.5 and 1.20.12 (#1084)
* chore(deps): update all dependencies (#1080)
* Ignore the issues from generated files when using the analysis framework (#1079)
* Update README with upload-sarif v2 (#1078)
* chore(deps): update dependency babel-standalone to v7.23.4 (forwarded request 1146309 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1146391
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=14
- Update to version 2.19.0:
* Update gosec version to v2.19.0 in the Github action
* Update CI to go version 1.22
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update all dependencies
* chore(deps): update dependency babel-standalone to v7.23.7
* chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
* chore(deps): update all dependencies
* chore(deps): update actions/setup-go action to v5
* Fix lint warnings by properly formatting the files
* chore: Refactor Sample Code to Separate Files
* Update go version to 1.21.5 and 1.20.12 (#1084)
* chore(deps): update all dependencies (#1080)
* Ignore the issues from generated files when using the analysis framework (#1079)
* Update README with upload-sarif v2 (#1078)
* chore(deps): update dependency babel-standalone to v7.23.4
OBS-URL: https://build.opensuse.org/request/show/1146309
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=29
- update to 2.18.2:
* Disable dot-imports in revive linter
* Run the gosec with data race detector active during
tests
* Fix data race in the analyzer
* Fix test that checks the overriden nosec directive
* Clean global state in flgs tests
* Format the file
* Update README with details which describe the current
of #nosec
* Ensure the ignores are parsed before analysing the
package
- Update to version 2.18.2:
* Added ppc64le support
* chore(deps): update all dependencies
* Ensure ignores are handled properly for multi-line issues
* Update Go to version 1.21.4 and 1.20.11
* chore(deps): update module golang.org/x/text to v0.14.0
* chore(deps): update all dependencies
* Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
* Avoid allocations with `(*regexp.Regexp).MatchString`
* Fix some typos
* Update local installation instructions by removing the details for Go 1.16
OBS-URL: https://build.opensuse.org/request/show/1128786
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=13
* Disable dot-imports in revive linter
* Run the gosec with data race detector active during
tests
* Fix data race in the analyzer
* Fix test that checks the overriden nosec directive
* Clean global state in flgs tests
* Format the file
* Update README with details which describe the current
of #nosec
* Ensure the ignores are parsed before analysing the
package
- Update to version 2.18.2:
* Added ppc64le support
* chore(deps): update all dependencies
* Ensure ignores are handled properly for multi-line issues
* Update Go to version 1.21.4 and 1.20.11
* chore(deps): update module golang.org/x/text to v0.14.0
* chore(deps): update all dependencies
* Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
* Avoid allocations with `(*regexp.Regexp).MatchString`
* Fix some typos
* Update local installation instructions by removing the details for Go 1.16
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=27
- Update to version 2.18.1:
* chore(deps): update all dependencies
* Update gosec to version 2.18.1 in the action
* Update cosign version to v2.2.0
* Refactor how ignored issues are tracked
* Restrict the maximum depth when tracking the slice bounds
* Handle empty ssa results
* Handle gracefully any panic that occurs when building the SSA representation of a package
* Fix typo
* Handle new function when getting the call info in case is overriden
* Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1037)
* Update to Go 1.21.3 and 1.20.10 (#1035)
* Update the list of unsafe functions detected by the unsafe rule (#1033) (forwarded request 1118368 from jfkw)
OBS-URL: https://build.opensuse.org/request/show/1118372
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=12
- Update to version 2.18.1:
* chore(deps): update all dependencies
* Update gosec to version 2.18.1 in the action
* Update cosign version to v2.2.0
* Refactor how ignored issues are tracked
* Restrict the maximum depth when tracking the slice bounds
* Handle empty ssa results
* Handle gracefully any panic that occurs when building the SSA representation of a package
* Fix typo
* Handle new function when getting the call info in case is overriden
* Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1037)
* Update to Go 1.21.3 and 1.20.10 (#1035)
* Update the list of unsafe functions detected by the unsafe rule (#1033)
OBS-URL: https://build.opensuse.org/request/show/1118368
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=25
- Update to version 2.18.0:
* Update the action to use gosec version v2.18.0 (#1029)
* Use a step ID in github release action to get the digest of the image (#1028)
* Update to go version 1.21.2 and 1.20.9 (#1027)
* chore(deps): update all dependencies (#1026)
* Enable gochecknoinits; fix lint issues; use consts for some vars (#1022)
* Fix typos in struct fields, comments, and docs (#1023)
* chore(deps): update all dependencies
* Fix lint warning
* Add a new rule which detects when a file is created with os.Create but the configured permissions are less than 0666
* Fix lint warnings
* Update ginkgo to latest version
* Redesign and reimplement the slice out of bounds check using SSA code representation
* docs: add reMarkable to users list
* chore(deps): update all dependencies
* Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
* Update to latest go version
* chore(deps): update all dependencies (#1011)
* Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
* chore(deps): update all dependencies (#1008)
* Exclude maps from slince bounce check rule (#1006)
* Ignore struct pointers in G601 (#1003)
* Update gosec image version to 2.17.0 in the Github action (#1002)
- Packaging improvements:
* Use BuildRequires: golang(API) >= 1.20 instead of go >= 1.20.
The go metapackage points to a single go version that
increments at a date TBD after each go1.x major release. The
expression golang(API) is available immediately upon each go1.x
major release and is stable for expressing the minimum version
or a temporarily pinned version.
* Summary and Description clarify the purpose of this CLI tool
* Use Group: Development/Languages/Go instead of Other
* Drop BuildRequires: golang-packaging. The recommended Go
toolchain dependency is BuildRequires: golang(API) >= 1.x or
optionally the metapackage BuildRequires: go
* Drop Requires: golang-packaging. The original macros for file
movements into GOPATH are obsolete with Go modules. Macro
go_nostrip is no longer needed with current binutils and Go.
* Remove %%{go_nostrip} macro which is no longer recommended (forwarded request 1116472 from jfkw)
OBS-URL: https://build.opensuse.org/request/show/1116475
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=11
- Update to version 2.18.0:
* Update the action to use gosec version v2.18.0 (#1029)
* Use a step ID in github release action to get the digest of the image (#1028)
* Update to go version 1.21.2 and 1.20.9 (#1027)
* chore(deps): update all dependencies (#1026)
* Enable gochecknoinits; fix lint issues; use consts for some vars (#1022)
* Fix typos in struct fields, comments, and docs (#1023)
* chore(deps): update all dependencies
* Fix lint warning
* Add a new rule which detects when a file is created with os.Create but the configured permissions are less than 0666
* Fix lint warnings
* Update ginkgo to latest version
* Redesign and reimplement the slice out of bounds check using SSA code representation
* docs: add reMarkable to users list
* chore(deps): update all dependencies
* Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
* Update to latest go version
* chore(deps): update all dependencies (#1011)
* Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
* chore(deps): update all dependencies (#1008)
* Exclude maps from slince bounce check rule (#1006)
* Ignore struct pointers in G601 (#1003)
* Update gosec image version to 2.17.0 in the Github action (#1002)
- Packaging improvements:
* Use BuildRequires: golang(API) >= 1.20 instead of go >= 1.20.
The go metapackage points to a single go version that
increments at a date TBD after each go1.x major release. The
expression golang(API) is available immediately upon each go1.x
major release and is stable for expressing the minimum version
or a temporarily pinned version.
* Summary and Description clarify the purpose of this CLI tool
* Use Group: Development/Languages/Go instead of Other
* Drop BuildRequires: golang-packaging. The recommended Go
toolchain dependency is BuildRequires: golang(API) >= 1.x or
optionally the metapackage BuildRequires: go
* Drop Requires: golang-packaging. The original macros for file
movements into GOPATH are obsolete with Go modules. Macro
go_nostrip is no longer needed with current binutils and Go.
* Remove %%{go_nostrip} macro which is no longer recommended
OBS-URL: https://build.opensuse.org/request/show/1116472
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=23
- Update to version 2.18.0:
* Update the action to use gosec version v2.18.0 (#1029)
* Use a step ID in github release action to get the digest of the image (#1028)
* Update to go version 1.21.2 and 1.20.9 (#1027)
* chore(deps): update all dependencies (#1026)
* Enable gochecknoinits; fix lint issues; use consts for some vars (#1022)
* Fix typos in struct fields, comments, and docs (#1023)
* chore(deps): update all dependencies
* Fix lint warning
* Add a new rule which detects when a file is created with os.Create but the configured permissions are less than 0666
* Fix lint warnings
* Update ginkgo to latest version
* Redesign and reimplement the slice out of bounds check using SSA code representation
* docs: add reMarkable to users list
* chore(deps): update all dependencies
* Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
* Update to latest go version
* chore(deps): update all dependencies (#1011)
* Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
* chore(deps): update all dependencies (#1008)
* Exclude maps from slince bounce check rule (#1006)
* Ignore struct pointers in G601 (#1003)
* Update gosec image version to 2.17.0 in the Github action (#1002)
OBS-URL: https://build.opensuse.org/request/show/1116406
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=22
- Update to version 2.17.0:
* Update cosign to version v2.1.1 (#1000)
* Enable go 1.21.0 in the CI build (#998)
* chore(deps): update all dependencies (#997)
* Update to go version 1.20.7 and 1.19.12 (#993)
* chore(deps): update all dependencies (#992)
* chore(deps): update module github.com/onsi/gomega to v1.27.10 (#991)
* fix: correctly identify infixed concats as potential SQL injections (#987)
* chore(deps): update all dependencies (#989)
* Add a new flag terse to show only the results and summary (#986)
* Switch to a maintained fork of zxcvbn module (#984)
- Require go 1.20 (forwarded request 1104395 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1104424
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=10
- Update to version 2.17.0:
* Update cosign to version v2.1.1 (#1000)
* Enable go 1.21.0 in the CI build (#998)
* chore(deps): update all dependencies (#997)
* Update to go version 1.20.7 and 1.19.12 (#993)
* chore(deps): update all dependencies (#992)
* chore(deps): update module github.com/onsi/gomega to v1.27.10 (#991)
* fix: correctly identify infixed concats as potential SQL injections (#987)
* chore(deps): update all dependencies (#989)
* Add a new flag terse to show only the results and summary (#986)
* Switch to a maintained fork of zxcvbn module (#984)
- Require go 1.20
OBS-URL: https://build.opensuse.org/request/show/1104395
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=20
- Update to version 2.16.0
* Update cosign to latest version in release Github action
* chore(deps): update all dependencies
* Update go version in build and release scripts
* chore(deps): update all dependencies
* Update Go version to 1.20.3
* chore(deps): update all dependencies
* Fix for Dockerfile smell DL3059
* README: upgrade GitHub action in examples
* enable ginkgolinter linter
* chore(deps): update all dependencies
* correct gci linter
* remove deprecated linters
* increase timeout to 5m
* chore(deps): update all dependencies
* Use the latest version
* Fix some linting warnings
* Fix lint warning
* Bump the go versions and golanci
* chore(deps): update all dependencies
* Check nil pointer when variable is declared in a different file
* fix dead link to issue.go in README.md
* Remove rule G307 which checks when an error is not handled when a file or socket connection is closed
* Fix rule index reference into sarif report
* Bump golang.org/x/net from 0.6.0 to 0.7.0
* Format file
* Use the gosec issue in the go analysers
* Fix file formatting
* Update Go version in CI builds
* Fix method name in the comment
* Extract the issue in its own package
* Add support for Go analysis framework and SSA code representation
* chore(deps): update all dependencies
* Remove the version form ci github action
* Pin github action to latest release version 2.15.0
* Revert the image tag in github action until a working solution is found
* Fix version interpolation in github action image
* Add gosec version as an input parameter to GitHub action
* Update release build script (forwarded request 1088575 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1088705
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=9
- Update to version 2.16.0
* Update cosign to latest version in release Github action
* chore(deps): update all dependencies
* Update go version in build and release scripts
* chore(deps): update all dependencies
* Update Go version to 1.20.3
* chore(deps): update all dependencies
* Fix for Dockerfile smell DL3059
* README: upgrade GitHub action in examples
* enable ginkgolinter linter
* chore(deps): update all dependencies
* correct gci linter
* remove deprecated linters
* increase timeout to 5m
* chore(deps): update all dependencies
* Use the latest version
* Fix some linting warnings
* Fix lint warning
* Bump the go versions and golanci
* chore(deps): update all dependencies
* Check nil pointer when variable is declared in a different file
* fix dead link to issue.go in README.md
* Remove rule G307 which checks when an error is not handled when a file or socket connection is closed
* Fix rule index reference into sarif report
* Bump golang.org/x/net from 0.6.0 to 0.7.0
* Format file
* Use the gosec issue in the go analysers
* Fix file formatting
* Update Go version in CI builds
* Fix method name in the comment
* Extract the issue in its own package
* Add support for Go analysis framework and SSA code representation
* chore(deps): update all dependencies
* Remove the version form ci github action
* Pin github action to latest release version 2.15.0
* Revert the image tag in github action until a working solution is found
* Fix version interpolation in github action image
* Add gosec version as an input parameter to GitHub action
* Update release build script
OBS-URL: https://build.opensuse.org/request/show/1088575
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=18
* Update to version 2.15.0
- Fix dependencies after renovate update
- chore(deps): update all dependencies (#922)
- Update to Go 1.20 and fix unit tests (#923)
- Update Go to latest version (#920)
- Update hardcoded_credentials.go fix: adaper equal expr which const value at left (#917)
- Fix github latest URL (#918)
- Fix github release url (#916)
- chore(deps): update module github.com/onsi/ginkgo/v2 to v2.7.0 (#914)
- Update Go version in CI script (#913)
- Track back when a file path was sanitized with filepath.Clean (#912)
- Fix the TLS config rule when parsing the settings from a variable (#911)
- Fix build after updating the dependencies (#910)
- chore(deps): update all dependencies (#909)
- Fix dependencies after renovate update (#907)
- chore(deps): update all dependencies (#906)
- Update slack badge and link (#905)
- Auto-detect TLS MinVersion integer base (#903)
- Adding s390x support (#902)
- chore(deps): update all dependencies (#904)
- chore(deps): update all dependencies (#898)
- Additional types for bad defer check (#897)
- chore(deps): update all dependencies (#894)
- chore(deps): update all dependencies (#892)
- Update Go version in CI scripts (#889)
- chore(deps): update all dependencies (#888)
- Allow to override build date with SOURCE_DATE_EPOCH (#887)
- chore(deps): update all dependencies (#886)
- chore(deps): update all dependencies (#884)
- fileperms: bitwise permission comparison (#883) (forwarded request 1063437 from ph03nix)
OBS-URL: https://build.opensuse.org/request/show/1063471
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=8
* Update to version 2.15.0
- Fix dependencies after renovate update
- chore(deps): update all dependencies (#922)
- Update to Go 1.20 and fix unit tests (#923)
- Update Go to latest version (#920)
- Update hardcoded_credentials.go fix: adaper equal expr which const value at left (#917)
- Fix github latest URL (#918)
- Fix github release url (#916)
- chore(deps): update module github.com/onsi/ginkgo/v2 to v2.7.0 (#914)
- Update Go version in CI script (#913)
- Track back when a file path was sanitized with filepath.Clean (#912)
- Fix the TLS config rule when parsing the settings from a variable (#911)
- Fix build after updating the dependencies (#910)
- chore(deps): update all dependencies (#909)
- Fix dependencies after renovate update (#907)
- chore(deps): update all dependencies (#906)
- Update slack badge and link (#905)
- Auto-detect TLS MinVersion integer base (#903)
- Adding s390x support (#902)
- chore(deps): update all dependencies (#904)
- chore(deps): update all dependencies (#898)
- Additional types for bad defer check (#897)
- chore(deps): update all dependencies (#894)
- chore(deps): update all dependencies (#892)
- Update Go version in CI scripts (#889)
- chore(deps): update all dependencies (#888)
- Allow to override build date with SOURCE_DATE_EPOCH (#887)
- chore(deps): update all dependencies (#886)
- chore(deps): update all dependencies (#884)
- fileperms: bitwise permission comparison (#883)
OBS-URL: https://build.opensuse.org/request/show/1063437
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=16
- Switch OBS source service from tar_scm to obs_scm.
* Embed version info with go build arg GIT_TAG="v%{version}"
* _service obs_scm switch from tar_scm
* _service obs_scm switch param revision (branch) to version (tag)
* _service tar set to buildtime
* _service recompress set to buildtime
* _service recompress change tar compression from gz to xz (forwarded request 1043862 from jfkw)
OBS-URL: https://build.opensuse.org/request/show/1043867
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=7
* Update to versin 2.14.0
- Pin release build to Go version 1.19.2 (#882)
- Refactor to support duplicate imports with different aliases (#865)
- chore(deps): update all dependencies (#881)
- go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions (#880)
- Update Go version to 1.19 in the makefile (#876)
- chore(deps): update all dependencies (#875)
- Add CWE-676 to cwe mapping (#874)
- chore(deps): update all dependencies (#872)
- Add a way to use private repositories on GitHub (#869)
- chore(deps): update all dependencies (#868)
- Check go version when installing govulncheck
- Check go version when running govulncheck
- Add vulncheck to the test steps
- chore(deps): update all dependencies
- Fix false positives for G404 with aliased packages
- chore(deps): update all dependencies
- chore(deps): update all dependencies
- fix: add a CWE ID mapping to rule G114
- chore(deps): update golang.org/x/crypto digest to bc19a97
OBS-URL: https://build.opensuse.org/request/show/1026508
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=6
* Update to versin 2.14.0
- Pin release build to Go version 1.19.2 (#882)
- Refactor to support duplicate imports with different aliases (#865)
- chore(deps): update all dependencies (#881)
- go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions (#880)
- Update Go version to 1.19 in the makefile (#876)
- chore(deps): update all dependencies (#875)
- Add CWE-676 to cwe mapping (#874)
- chore(deps): update all dependencies (#872)
- Add a way to use private repositories on GitHub (#869)
- chore(deps): update all dependencies (#868)
- Check go version when installing govulncheck
- Check go version when running govulncheck
- Add vulncheck to the test steps
- chore(deps): update all dependencies
- Fix false positives for G404 with aliased packages
- chore(deps): update all dependencies
- chore(deps): update all dependencies
- fix: add a CWE ID mapping to rule G114
- chore(deps): update golang.org/x/crypto digest to bc19a97
OBS-URL: https://build.opensuse.org/request/show/1014614
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/gosec?expand=0&rev=12
