alpTom/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2026-01-15 01:33:41 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,248 Commits 8 Branches 53 Tags
master
Commit Graph

134 Commits

Author SHA1 Message Date
Tom van der Woerdt
3150b28fc4 feat: add goanalysis package for nogo (#1449) 
* feat: add goanalysis package for nogo

Add goanalysis package providing a standard
golang.org/x/tools/go/analysis.Analyzer for gosec. Enables
integration with nogo, and go vet.

- Implements analysis.Analyzer interface
- Reuses SSA built by analysis framework for efficient caching
- Configurable severity/confidence filtering via flags
- Includes CWE IDs in diagnostics ([CWE-XXX] format)
- Runs both AST rules and SSA analyzers
- Respects #nosec and suppression directives

Also exclude testdata from security scanning in Makefile to
prevent false positives on intentionally vulnerable test files.

* Also exclude testdata from github action
 2026-01-14 11:10:06 +01:00
renovate[bot]
25804378cd chore(deps): update all dependencies (#1440) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-12-16 09:22:49 +01:00
Cosmin Cojocar
d4be2876cf Update go to 1.25.5 and 1.24.11 in CI (#1433) 
* Update go version to 1.25.5 and 1.24.11 in CI


Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

* Update the buildSSA to use the new tools package

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

* Remove the type allignment check

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-12-03 13:57:07 +01:00
renovate[bot]
fde7515239 chore(deps): update all dependencies (#1425) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-12-02 09:31:48 +01:00
renovate[bot]
a8fefd17f7 chore(deps): update all dependencies (#1421) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-10 10:10:57 +01:00
Cosmin Cojocar
c34cbbf565 Update go to version 1.25.4 and 1.24.10 in CI (#1415) 
fixes #1404

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-11-06 17:09:17 +01:00
Cosmin Cojocar
6be2b51fd7 Update go to version 1.25.3 and 1.24.9 in CI (#1404) 
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-10-14 14:54:01 +02:00
renovate[bot]
fddb9427b8 chore(deps): update all dependencies (#1402) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-10-13 09:54:49 +02:00
Cosmin Cojocar
f6760311e8 Update go to version 1.25.2 and 2.24.8 in CI (#1401) 
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-10-08 12:55:04 +02:00
Cosmin Cojocar
15d5c61e86 Update cosign to v2.6.0 and go in the CI to latest version 
Change-Id: I1754871a875f82fa1177793e74a41cc88ef4059f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-09-22 08:42:03 +00:00
renovate[bot]
4be6b11bbc chore(deps): update all dependencies 2025-09-08 11:06:08 +00:00
renovate[bot]
287b46c018 chore(deps): update all dependencies 2025-08-18 07:59:10 +00:00
Cosmin Cojocar
c9453023c4 Add support for go version 1.25.0 
Change-Id: Ia694411be7e861177970485cc6185af5a6944686
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-08-14 12:38:12 +00:00
Cosmin Cojocar
ef7adab98c Update go version in CI to 1.24.6 and 1.23.12 
Change-Id: I940b6382282fa2609736a62491c22b3e9319f430
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-08-11 13:42:46 +00:00
renovate[bot]
e201bb86c2 chore(deps): update all dependencies 2025-08-11 08:54:42 +00:00
Cosmin Cojocar
bc3f2145b5 Update go version to 1.24.5 and 1.23.11 in the CI 
Change-Id: I56c3576fbda7cc2633dac335c29b2494985978e9
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-07-21 09:38:01 +00:00
renovate[bot]
59ae7e9e27 chore(deps): update all dependencies 2025-07-14 08:59:55 +00:00
Cosmin Cojocar
1bef91a07f Update go version 1.24.4 and 1.23.10 in CI 
Change-Id: I3d7d82da3385d231873a8901132a8a025beb01fc
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-06-16 11:21:59 +02:00
renovate[bot]
621702f13a chore(deps): update all dependencies 2025-06-10 10:39:08 +02:00
Cosmin Cojocar
6decf96c3d Update to go version 1.24.3 and 1.23.9 
Change-Id: I51a700de77a580647088f6ac40a725bac5c4e233
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-05-08 11:19:37 +02:00
renovate[bot]
270b5ce868 chore(deps): update all dependencies 2025-05-06 09:44:05 +02:00
renovate[bot]
d514c42671 chore(deps): update all dependencies (#1333) 
* chore(deps): update all dependencies

* Fix all lint warnings after upgrading golangci-lint action

Change-Id: I7b4162307ae0d6a1c9ec00b7127469c64ed93f64
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

* Remove the backup file

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
 2025-04-07 13:12:14 +02:00
Cosmin Cojocar
955a68d0d1 Update go version to 1.24.2 and 1.23.8 (#1331) 2025-04-03 16:53:13 +02:00
Cosmin Cojocar
136f6c0040 Update to go version 1.24.1 and 1.23.7 (#1313) 
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-03-05 11:40:35 +01:00
Cosmin Cojocar
43fee884f6 Update cosign to v2.4.2 (#1303) 
Change-Id: I5346ca655388a5c33463ccecc72657b539c83d76

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-02-13 10:19:46 +01:00
Cosmin Cojocar
77238291df Add support for go 1.24 and phased out support for go 1.22 (#1302) 
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-02-13 10:16:37 +01:00
Cosmin Cojocar
f4d2576c36 Update to go version 1.23.6 and 1.22.12 (#1299) 
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-02-05 10:21:51 +01:00
Cosmin Cojocar
59291a08ae Update to go version 1.23.5 and 1.22.11 (#1291) 2025-01-20 09:31:43 +01:00
Cosmin Cojocar
ca55eca3de Update to go 1.22.10 and 1.23.4 versions (#1264) 
Change-Id: Ie36866e0b27c08e2211e86f6fffea559a193924c

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-12-12 12:10:18 +01:00
Cosmin Cojocar
699cb55eb3 Upate go to version 1.23.3 and 1.22.9 
Change-Id: I8c9767333830999d35119505fa70de1b133ba36f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-11-26 09:48:59 +01:00
renovate[bot]
44156135bf chore(deps): update all dependencies 2024-11-18 09:46:28 +01:00
Cosmin Cojocar
4fd98728a7 Update go version to 1.23.2 and 1.22.8 
Change-Id: I8f941e97f1ec7b0df2e3efa76f881b85f2a287cc
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-10-22 14:57:16 +02:00
Cosmin Cojocar
1216c9b96b Fix the cosign step to authenticate with the container registry 
Change-Id: I8b5fd63128b7c661c438c9cff9e8a4a3e487712b
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-10-01 17:11:46 +02:00
Cosmin Cojocar
0396179112 Update go version to 1.23.1 and 1.22.7 (#1216) 
Change-Id: I2c5ad3b96a96470ce663de84d767590b842990ac

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-09-09 15:29:43 +02:00
Cosmin Cojocar
b278b40c52 Update cosign version to v2.4.0 in release github workflow (#1207) 
Change-Id: I78b4ad65597f6c10d9cc3113864fd73a25101b25

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-09-04 16:22:00 +02:00
Cosmin Cojocar
c52dc0ea4e Add a build step to measure the scan perfomance 
This step will measure the scan performance difference against the
master version.

Change-Id: I1b9196ef3348350cf818471f55d9024d14064ac6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-08-26 19:08:32 +02:00
Cosmin Cojocar
18135b439c Update to Go 1.23.0 (#1183) 
Change-Id: I11a6402e85ac543305e8bad4ea35239779424dd6

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-08-19 09:17:50 +02:00
Cosmin Cojocar
87fcb9b95b Update to go 1.22.5 and 1.21.12 
Change-Id: I3334016ed2714ce4aed959d7f19a33e220c000e4
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2024-07-08 16:00:12 +02:00
renovate[bot]
3edc633c24 chore(deps): update docker/build-push-action action to v6 2024-06-24 15:24:22 +02:00
Cosmin Cojocar
2ae137abcf Update to go versions to 1.21.11 and 1.22.4 
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
 2024-06-11 21:47:56 +02:00
renovate[bot]
30a8a9c8c3 chore(deps): update all dependencies 2024-06-11 21:31:12 +02:00
renovate[bot]
d34f8b77d5 chore(deps): update all dependencies 2024-05-13 14:19:10 +02:00
Cosmin Cojocar
8658b8eab6 Update Go to version 2.22.3 in CI and release 
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
 2024-05-12 11:40:57 +02:00
renovate[bot]
cf29d543e2 chore(deps): update all dependencies 2024-05-02 10:27:10 +02:00
Cosmin Cojocar
3b23ec8f09 Update to go 1.22.2 
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
 2024-04-08 11:51:51 +02:00
Cosmin Cojocar
903c75b05e Update go version to 1.22.1 and 1.21.8 
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
 2024-03-07 12:23:46 +01:00
Cosmin Cojocar
26e57d6b34 Update CI to go version 1.22 
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
 2024-02-12 10:08:56 +01:00
renovate[bot]
e60b8d88e0 chore(deps): update all dependencies 2024-02-12 09:36:56 +01:00
renovate[bot]
1285eb7300 chore(deps): update all dependencies 2024-02-05 09:59:32 +01:00
renovate[bot]
277553c23d chore(deps): update all dependencies 2024-01-22 09:42:14 +01:00