a32e2a03fa
- Update to version 2.21.2: * Update the github action to v2.21.2 (#1218) * Update the SARIF schema URL (#1217) * Update go version to 1.23.1 and 1.22.7 (#1216) * chore(deps): update all dependencies (#1215) * Update gosec version to v2.21.1 in github action (#1213) * Rollback the SARIF version to 2.1 since github doesn't support 2.2 (#1210) * Update gosec in github action to v2.21.0 (#1208) * Update cosign version to v2.4.0 in release github workflow (#1207) * Improvement the int conversion overflow logic to handle bound checks (#1194) * fix: G602 support for nested conditionals with bounds check (#1201) * Update go.mod to sue go 1.22.0 toolchain * chore(deps): update all dependencies * Make variable name more clear * Make variable names more explicity and reduce duplications * Fix formatting * Refactor to reduce some fuctions and variable names * Pass the value argument directly since is an interface * Added suggested changes * Added another test case in order to increase code coverage * Removed function parameter which is always the same * Formatting problems(CI was not passing) * Updated analyzer to use new way of initialization * Migrated the rule to the analyzers folder * Refractored code a little bit * Added new rule G407(hardcoded IV/nonce) * Fix conversion overflow false positive when using ParseUint * Add a build step to measure the scan perfomance * Fix conversion overflow false positives when they are checked or pre-determined * Update go.mod * chore(deps): update all dependencies * Fix false positive in conversion overflow check from uint8/int8 type * Disable staticcheck SA1019 rule * Update the golangci linters * Add more test to cover more use cases for G115 rule * Allow excluding analyzers globally (#1180) * Update to Go 1.23.0 (#1183) * chore(deps): update all dependencies (#1182) * Read the AI API key also from an environment variable (#1181) * Add support to generate auto fixes using LLM (AI) (#1177) * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update dependency babel-standalone to v7.24.10 * Resolve underlying type to detect overflows in type aliases * chore(deps): update dependency babel-standalone to v7.24.8 * Fix multifile ignores * Add -enable-audit cli flag * Update to go 1.22.5 and 1.21.12 * chore(deps): update all dependencies * Added more rules * Fixed coverage workflow * Fixed CI workflow * Minor changes * Split the G401 rule into two separate ones * Updated G401 corresponding CWE * chore(deps): update docker/build-push-action action to v6 * Update to go versions to 1.21.11 and 1.22.4 * chore(deps): update all dependencies * Fix nosec when applied to a block * Add more types to templates rule * Map the G115 rule to an CWE ID * chore(deps): update all dependencies * Update README with G115 rule description * Remove deprecated megacheck linter from golangci * Format imports * Update .gitignore * Add a new rule to detect integer overflow on integer types conversion * feat: add env var to override the Go version detection * Use the proper logic when disabling the go module version * Update the README with some details related to Go version used by the rules * Add an environment varialbe which disables the parsing of Go version from module file * chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3 (forwarded request 1199812 from ph03nix) OBS-URL: https://build.opensuse.org/request/show/1199817 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gosec?expand=0&rev=16 |
||
---|---|---|
_service | ||
_servicedata | ||
.gitattributes | ||
.gitignore | ||
gosec-2.21.2.obscpio | ||
gosec.changes | ||
gosec.obsinfo | ||
gosec.spec | ||
vendor.tar.gz |