Revisions of gosec
Ana Guerrero (anag+factory)
accepted
request 1146391
from
Jeff Kowalczyk (jfkw)
(revision 14)
- Update to version 2.19.0: * Update gosec version to v2.19.0 in the Github action * Update CI to go version 1.22 * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update dependency babel-standalone to v7.23.7 * chore(deps): update module golang.org/x/crypto to v0.17.0 [security] * chore(deps): update all dependencies * chore(deps): update actions/setup-go action to v5 * Fix lint warnings by properly formatting the files * chore: Refactor Sample Code to Separate Files * Update go version to 1.21.5 and 1.20.12 (#1084) * chore(deps): update all dependencies (#1080) * Ignore the issues from generated files when using the analysis framework (#1079) * Update README with upload-sarif v2 (#1078) * chore(deps): update dependency babel-standalone to v7.23.4 (forwarded request 1146309 from ph03nix)
Ana Guerrero (anag+factory)
accepted
request 1128786
from
Dirk Mueller (dirkmueller)
(revision 13)
- update to 2.18.2:
* Disable dot-imports in revive linter
* Run the gosec with data race detector active during
tests
* Fix data race in the analyzer
* Fix test that checks the overriden nosec directive
* Clean global state in flgs tests
* Format the file
* Update README with details which describe the current
of #nosec
* Ensure the ignores are parsed before analysing the
package
- Update to version 2.18.2:
* Added ppc64le support
* chore(deps): update all dependencies
* Ensure ignores are handled properly for multi-line issues
* Update Go to version 1.21.4 and 1.20.11
* chore(deps): update module golang.org/x/text to v0.14.0
* chore(deps): update all dependencies
* Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
* Avoid allocations with `(*regexp.Regexp).MatchString`
* Fix some typos
* Update local installation instructions by removing the details for Go 1.16
Ana Guerrero (anag+factory)
accepted
request 1118372
from
Jeff Kowalczyk (jfkw)
(revision 12)
- Update to version 2.18.1: * chore(deps): update all dependencies * Update gosec to version 2.18.1 in the action * Update cosign version to v2.2.0 * Refactor how ignored issues are tracked * Restrict the maximum depth when tracking the slice bounds * Handle empty ssa results * Handle gracefully any panic that occurs when building the SSA representation of a package * Fix typo * Handle new function when getting the call info in case is overriden * Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1037) * Update to Go 1.21.3 and 1.20.10 (#1035) * Update the list of unsafe functions detected by the unsafe rule (#1033) (forwarded request 1118368 from jfkw)
Ana Guerrero (anag+factory)
accepted
request 1116475
from
Jeff Kowalczyk (jfkw)
(revision 11)
- Update to version 2.18.0:
* Update the action to use gosec version v2.18.0 (#1029)
* Use a step ID in github release action to get the digest of the image (#1028)
* Update to go version 1.21.2 and 1.20.9 (#1027)
* chore(deps): update all dependencies (#1026)
* Enable gochecknoinits; fix lint issues; use consts for some vars (#1022)
* Fix typos in struct fields, comments, and docs (#1023)
* chore(deps): update all dependencies
* Fix lint warning
* Add a new rule which detects when a file is created with os.Create but the configured permissions are less than 0666
* Fix lint warnings
* Update ginkgo to latest version
* Redesign and reimplement the slice out of bounds check using SSA code representation
* docs: add reMarkable to users list
* chore(deps): update all dependencies
* Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
* Update to latest go version
* chore(deps): update all dependencies (#1011)
* Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
* chore(deps): update all dependencies (#1008)
* Exclude maps from slince bounce check rule (#1006)
* Ignore struct pointers in G601 (#1003)
* Update gosec image version to 2.17.0 in the Github action (#1002)
- Packaging improvements:
* Use BuildRequires: golang(API) >= 1.20 instead of go >= 1.20.
The go metapackage points to a single go version that
increments at a date TBD after each go1.x major release. The
expression golang(API) is available immediately upon each go1.x
major release and is stable for expressing the minimum version
or a temporarily pinned version.
* Summary and Description clarify the purpose of this CLI tool
* Use Group: Development/Languages/Go instead of Other
* Drop BuildRequires: golang-packaging. The recommended Go
toolchain dependency is BuildRequires: golang(API) >= 1.x or
optionally the metapackage BuildRequires: go
* Drop Requires: golang-packaging. The original macros for file
movements into GOPATH are obsolete with Go modules. Macro
go_nostrip is no longer needed with current binutils and Go.
* Remove %%{go_nostrip} macro which is no longer recommended (forwarded request 1116472 from jfkw)
Ana Guerrero (anag+factory)
accepted
request 1104424
from
Jeff Kowalczyk (jfkw)
(revision 10)
- Update to version 2.17.0: * Update cosign to version v2.1.1 (#1000) * Enable go 1.21.0 in the CI build (#998) * chore(deps): update all dependencies (#997) * Update to go version 1.20.7 and 1.19.12 (#993) * chore(deps): update all dependencies (#992) * chore(deps): update module github.com/onsi/gomega to v1.27.10 (#991) * fix: correctly identify infixed concats as potential SQL injections (#987) * chore(deps): update all dependencies (#989) * Add a new flag terse to show only the results and summary (#986) * Switch to a maintained fork of zxcvbn module (#984) - Require go 1.20 (forwarded request 1104395 from ph03nix)
Dominique Leuenberger (dimstar_suse)
accepted
request 1088705
from
Jeff Kowalczyk (jfkw)
(revision 9)
- Update to version 2.16.0 * Update cosign to latest version in release Github action * chore(deps): update all dependencies * Update go version in build and release scripts * chore(deps): update all dependencies * Update Go version to 1.20.3 * chore(deps): update all dependencies * Fix for Dockerfile smell DL3059 * README: upgrade GitHub action in examples * enable ginkgolinter linter * chore(deps): update all dependencies * correct gci linter * remove deprecated linters * increase timeout to 5m * chore(deps): update all dependencies * Use the latest version * Fix some linting warnings * Fix lint warning * Bump the go versions and golanci * chore(deps): update all dependencies * Check nil pointer when variable is declared in a different file * fix dead link to issue.go in README.md * Remove rule G307 which checks when an error is not handled when a file or socket connection is closed * Fix rule index reference into sarif report * Bump golang.org/x/net from 0.6.0 to 0.7.0 * Format file * Use the gosec issue in the go analysers * Fix file formatting * Update Go version in CI builds * Fix method name in the comment * Extract the issue in its own package * Add support for Go analysis framework and SSA code representation * chore(deps): update all dependencies * Remove the version form ci github action * Pin github action to latest release version 2.15.0 * Revert the image tag in github action until a working solution is found * Fix version interpolation in github action image * Add gosec version as an input parameter to GitHub action * Update release build script (forwarded request 1088575 from ph03nix)
Dominique Leuenberger (dimstar_suse)
accepted
request 1063471
from
Jeff Kowalczyk (jfkw)
(revision 8)
* Update to version 2.15.0 - Fix dependencies after renovate update - chore(deps): update all dependencies (#922) - Update to Go 1.20 and fix unit tests (#923) - Update Go to latest version (#920) - Update hardcoded_credentials.go fix: adaper equal expr which const value at left (#917) - Fix github latest URL (#918) - Fix github release url (#916) - chore(deps): update module github.com/onsi/ginkgo/v2 to v2.7.0 (#914) - Update Go version in CI script (#913) - Track back when a file path was sanitized with filepath.Clean (#912) - Fix the TLS config rule when parsing the settings from a variable (#911) - Fix build after updating the dependencies (#910) - chore(deps): update all dependencies (#909) - Fix dependencies after renovate update (#907) - chore(deps): update all dependencies (#906) - Update slack badge and link (#905) - Auto-detect TLS MinVersion integer base (#903) - Adding s390x support (#902) - chore(deps): update all dependencies (#904) - chore(deps): update all dependencies (#898) - Additional types for bad defer check (#897) - chore(deps): update all dependencies (#894) - chore(deps): update all dependencies (#892) - Update Go version in CI scripts (#889) - chore(deps): update all dependencies (#888) - Allow to override build date with SOURCE_DATE_EPOCH (#887) - chore(deps): update all dependencies (#886) - chore(deps): update all dependencies (#884) - fileperms: bitwise permission comparison (#883) (forwarded request 1063437 from ph03nix)
Dominique Leuenberger (dimstar_suse)
accepted
request 1043867
from
Jeff Kowalczyk (jfkw)
(revision 7)
- Switch OBS source service from tar_scm to obs_scm.
* Embed version info with go build arg GIT_TAG="v%{version}"
* _service obs_scm switch from tar_scm
* _service obs_scm switch param revision (branch) to version (tag)
* _service tar set to buildtime
* _service recompress set to buildtime
* _service recompress change tar compression from gz to xz (forwarded request 1043862 from jfkw)
Dominique Leuenberger (dimstar_suse)
accepted
request 1026508
from
Jeff Kowalczyk (jfkw)
(revision 6)
* Update to versin 2.14.0 - Pin release build to Go version 1.19.2 (#882) - Refactor to support duplicate imports with different aliases (#865) - chore(deps): update all dependencies (#881) - go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions (#880) - Update Go version to 1.19 in the makefile (#876) - chore(deps): update all dependencies (#875) - Add CWE-676 to cwe mapping (#874) - chore(deps): update all dependencies (#872) - Add a way to use private repositories on GitHub (#869) - chore(deps): update all dependencies (#868) - Check go version when installing govulncheck - Check go version when running govulncheck - Add vulncheck to the test steps - chore(deps): update all dependencies - Fix false positives for G404 with aliased packages - chore(deps): update all dependencies - chore(deps): update all dependencies - fix: add a CWE ID mapping to rule G114 - chore(deps): update golang.org/x/crypto digest to bc19a97
Dominique Leuenberger (dimstar_suse)
accepted
request 998691
from
Jeff Kowalczyk (jfkw)
(revision 5)
Update to version 2.13.1 (forwarded request 998624 from ph03nix)
Dominique Leuenberger (dimstar_suse)
accepted
request 984265
from
Jeff Kowalczyk (jfkw)
(revision 4)
- Enable _service tar_scm changelog automation - Commit _servicedata to support tar_scm changelog automation - Update to version 2.12.0: (forwarded request 984075 from jfkw)
Dominique Leuenberger (dimstar_suse)
accepted
request 974964
from
Jeff Kowalczyk (jfkw)
(revision 3)
* Use build-linux target on x86_64 to include git tag and version (for `gosec -version`) * Add additional build check (forwarded request 974534 from ph03nix)
Dominique Leuenberger (dimstar_suse)
accepted
request 958490
from
Jeff Kowalczyk (jfkw)
(revision 2)
Update to v2.10.0 (forwarded request 958397 from ph03nix)
Dominique Leuenberger (dimstar_suse)
accepted
request 950920
from
Felix Niederwanger (ph03nix)
(revision 1)
Add gosec package to Tumbleweed
Displaying all 14 revisions
