Commit Graph

1221 Commits

Author SHA1 Message Date
Cosmin Cojocar
ed925e017d Update go version to 1.25.5 and 1.24.11 in CI
Change-Id: I76ec41968949796816c3242fb36c8fb39e56a731
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-12-03 08:48:55 +00:00
renovate[bot]
fde7515239 chore(deps): update all dependencies (#1425)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-12-02 09:31:48 +01:00
Bo-Yi Wu
20c9506c19 feat(ai): add support for latest Claude models and update provider flags (#1423)
- Add support for "claude-sonnet-4-5" and "claude-haiku-4-5" models
- Update provider flag help to include new Claude model options

Signed-off-by: appleboy <appleboy.tw@gmail.com>
2025-11-24 16:09:07 +01:00
dependabot[bot]
bd9e372f20 Bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#1427)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.43.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 16:04:08 +01:00
renovate[bot]
7aa7e93872 chore(deps): update module golang.org/x/crypto to v0.45.0 [security] (#1428)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-24 16:02:08 +01:00
Sebastian Rühl
a58917f611 fix: correct schema with temporary placeholder (#1418) 2025-11-11 10:24:32 +01:00
Ian
8b0d0b8871 perf: skip SSA analysis if no analyzers are loaded (#1419) 2025-11-10 10:28:13 +01:00
Sebastian Rühl
8a5d01aca5 test: add sarif validation (#1417) 2025-11-10 10:12:07 +01:00
renovate[bot]
a8fefd17f7 chore(deps): update all dependencies (#1421)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-10 10:10:57 +01:00
Cosmin Cojocar
c34cbbf565 Update go to version 1.25.4 and 1.24.10 in CI (#1415)
fixes #1404

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-11-06 17:09:17 +01:00
Matthew Hartstonge
10cf58a4a4 fix: build tag parsing. (#1413)
* fix: build tag parsing.

* chore: lint fixes.
2025-11-05 10:46:27 +01:00
renovate[bot]
d2d734859c chore(deps): update all dependencies (#1411)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-03 10:03:44 +01:00
renovate[bot]
afa853e9eb chore(deps): update all dependencies (#1409)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-10-27 13:59:17 +01:00
renovate[bot]
6b2e6e45a6 chore(deps): update all dependencies (#1408)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-10-20 14:51:49 +02:00
Cosmin Cojocar
0adab9d9be Update gosec to version v2.22.10 in the github action (#1405)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-10-15 10:18:27 +02:00
Cosmin Cojocar
6be2b51fd7 Update go to version 1.25.3 and 1.24.9 in CI (#1404)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.10
2025-10-14 14:54:01 +02:00
renovate[bot]
fddb9427b8 chore(deps): update all dependencies (#1402)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-10-13 09:54:49 +02:00
Cosmin Cojocar
f6760311e8 Update go to version 1.25.2 and 2.24.8 in CI (#1401)
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-10-08 12:55:04 +02:00
renovate[bot]
35f7ec2ca2 chore(deps): update all dependencies (#1399)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-10-06 10:06:01 +02:00
kondratev
01029f0a74 check nil slices, partially check bounds (#1396)
* check nil slices, partially check bounds

* add tests, cleanup, add fixed array

* cleanup

* lint

* looks like go bug, add second check

* ohh

* check instruction position

---------

Co-authored-by: Kondratev Pavel <kondratev_pa@magnit.ru>
2025-10-03 10:41:33 +02:00
Cosmin Cojocar
34db3de0ee Remove unused target from the makefile
Change-Id: Ic663c249a5529114d386e59f522386f132e13879
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-10-02 10:35:04 +00:00
Cosmin Cojocar
f5a3b7ab78 Use the ginkgo command installed by the dependencies
Change-Id: Ia8a28cd79a61fc8a95ac9a7700ad1a436874da6f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-10-02 10:35:04 +00:00
Cosmin Cojocar
761fcbc36c Keep the go module at 1.24 version for compatibility reasons
Change-Id: I4a572ee651896232fe4b5d51b9ee9b4896ee0f50
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-10-02 10:35:04 +00:00
Cosmin Cojocar
2238079261 Remove manual test deps
It is not required anymore to install the test dependencies separately.
They are now managed by the go module file.

Change-Id: I67bb8ca4619e36477a62b24692b795e16c89397b
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-10-02 10:35:04 +00:00
Sebastian Rühl
bb08aa3188 fix: text must be supplied when markdown is used
https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/sarif-v2.1.0-errata01-os-complete.html#_Toc141790720

Fixes https://github.com/securego/gosec/issues/1393
2025-10-01 08:08:21 +00:00
Sebastian Rühl
23597d2569 fix: improve error message of CheckAnalyzers 2025-09-29 15:45:53 +00:00
Sebastian Rühl
8d7e9d598b fix: log panic on SSA 2025-09-29 15:45:53 +00:00
renovate[bot]
0d8255e75e chore(deps): update all dependencies 2025-09-29 07:58:47 +00:00
Cosmin Cojocar
f9c52aac4b Update gosec to version v.22.9 in the github action
Change-Id: Ib3a1fa4255b4fdff577cc97492bf4696553a4a43
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-09-22 09:18:06 +00:00
Cosmin Cojocar
15d5c61e86 Update cosign to v2.6.0 and go in the CI to latest version
Change-Id: I1754871a875f82fa1177793e74a41cc88ef4059f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.9
2025-09-22 08:42:03 +00:00
Matteo Calabrò
7b8713e2c9 fix(autofix): unnecessary conversion 2025-09-22 08:24:39 +00:00
Matteo Calabrò
64ebfc0106 feat(autofix): update gemini sdk and add anthropic claude
* upgrade gemini sdk to google.golang.org/genai v1.25.0
* support newer gemini models
* add anthropic claude
2025-09-22 08:24:39 +00:00
Eshani Parulekar
506407e7df feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24 2025-09-16 14:37:06 +00:00
renovate[bot]
3ead143f0a chore(deps): update all dependencies 2025-09-15 07:25:27 +00:00
Eshani Parulekar
e81fba3c3a refactor(G304): remove unused trackJoin helper; no functional change 2025-09-12 13:52:23 +00:00
Eshani Parulekar
ab078db7b0 style: gofmt rules/readfile.go 2025-09-12 13:52:23 +00:00
Eshani Parulekar
e6218c83ec test(g304): add samples for var perm and var flag with cleaned path

- Ensure G304 does not fire when only non-path args (flag/perm) are variables
- Both samples use filepath.Clean on the path arg
- Rules suite remains green (42 passed)
2025-09-12 13:52:23 +00:00
Eshani Parulekar
79f835d9c7 rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic

- Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables
- Track filepath.Clean so cleaned identifiers are treated as safe
- Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent)
- Record Join(...) assigned to identifiers and allow if later cleaned
- Fix panic by passing non-nil context in trackJoinAssignStmt
- All rules tests: 42 passed
2025-09-12 13:52:23 +00:00
Eshani Parulekar
40ac53017b rules(G202): detect SQL concat in ValueSpec declarations; add test sample

- Handle var query string = 'SELECT ...' + user style declarations
- Reuse existing binary expr detection on ValueSpec.Values
- Add postgres sample mirroring issue #1309 report
- Rules tests: 42 passed
2025-09-12 13:27:02 +00:00
renovate[bot]
4be6b11bbc chore(deps): update all dependencies 2025-09-08 11:06:08 +00:00
renovate[bot]
5af1117217 chore(deps): update all dependencies 2025-08-25 08:18:38 +00:00
renovate[bot]
287b46c018 chore(deps): update all dependencies 2025-08-18 07:59:10 +00:00
Cosmin Cojocar
cee0aeae8a Update gosec version to v2.22.8 in the Github action
Change-Id: Ifc3c472f6c6aa08bda00ab57298fd7d383ab8325
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-08-14 13:16:42 +00:00
Cosmin Cojocar
c9453023c4 Add support for go version 1.25.0
Change-Id: Ia694411be7e861177970485cc6185af5a6944686
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.8
2025-08-14 12:38:12 +00:00
Cosmin Cojocar
ef7adab98c Update go version in CI to 1.24.6 and 1.23.12
Change-Id: I940b6382282fa2609736a62491c22b3e9319f430
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-08-11 13:42:46 +00:00
renovate[bot]
e201bb86c2 chore(deps): update all dependencies 2025-08-11 08:54:42 +00:00
renovate[bot]
ba592afef6 chore(deps): update all dependencies 2025-07-28 09:33:21 +00:00
Cosmin Cojocar
2ef6017991 Update github action to release v2.22.7
Change-Id: I827d332eb4ad80fbddbabccc4d501d2968449aab
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-07-21 15:54:30 +00:00
Cosmin Cojocar
32975f4bab Fix crash in hardcoded_nonce analyzer
Change-Id: If5ed3709d6e1ddced1be555477dd0f5451aab901
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
v2.22.7
2025-07-21 15:19:49 +00:00
Cosmin Cojocar
6ea6b35e61 Update go action to use release v2.22.6
Change-Id: I9081035b07d8b254034468af77d65d48c7c06ecb
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2025-07-21 10:49:17 +00:00