Releases: securego/gosec
v2.22.0
Changelog
- e0cca6f Update what message for G104 (#1282)
- 534689b chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281)
- eb95db1 chore(deps): update all dependencies (#1280)
- 6c6da40 chore(deps): update all dependencies (#1279)
- b12f51f Simplify sortIssues implementation (#1277)
- 54c2185 Enable testifylint and fix up lint issues (#1276)
- 36c81ed Refactor AppendError to check for build.NoGoError (#1273)
- 9a2d74f chore(deps): update module golang.org/x/net to v0.33.0 [security] (#1275)
- 4c5ad91 Update README.md (#1274)
- e21b4d4 Rule documentation updates (#1272)
- 92de0ee Replace old golang.org links with new go.dev (#1271)
- 4fda076 Refactor AppendError to use strings.Contains (#1270)
- b01f49e Simplify Analyzer.ignore by reducing nesting (#1269)
- b62cc33 Improve capitalization in AI API flags descriptions (#1267)
- bc77d16 Remove unused golint dependency (#1266)
- ef1a35f Simplify tests by using GinkgoT().TempDir() (#1265)
- 09b9143 Documentation on adding new rules and analyzers (#1262)
- 1bd92a8 chore(deps): update all dependencies (#1268)
- ca55eca Update to go 1.22.10 and 1.23.4 versions (#1264)
- 329cad8 chore(deps): update module golang.org/x/crypto to v0.31.0 [security] (#1263)
- 08beb25 chore(deps): update all dependencies (#1261)
- d566be2 chore(deps): update module github.com/onsi/gomega to v1.36.0 (#1259)
- 8c602d0 fix: revive.redefines-builtin-id lint warnings (#1257)
- 399e835 Fix typos in comments and fields
- 229cf63 Remove the decryption functions/methods from G407 check
- 699cb55 Update go to version 1.23.3 and 1.22.9
- 9b13cd5 Fix G115 false positive when going from parsed uint to larger int
- 08ea2a5 chore(deps): update all dependencies
- 4415613 chore(deps): update all dependencies
- 3274716 chore(deps): update all dependencies
- 1fb6a46 chore(deps): update all dependencies
- d2c92ed chore(deps): update all dependencies
- 4fd9872 Update go version to 1.23.2 and 1.22.8
- 1501618 chore(deps): update module google.golang.org/api to v0.201.0
- 7d33bc1 chore(deps): update all dependencies
- bd8b4b4 chore(deps): update all dependencies
- 1216c9b Fix the cosign step to authenticate with the container registry
- 50d1b4a chore(deps): update module google.golang.org/api to v0.199.0
- c0ba7c7 Update the gosec to v2.21.4 in the Github action
- a3299ce Add the version into goreleaser config
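Several entries above concern the G115 integer-conversion rule: the v2.21.0 series stopped reporting conversions that are bounds-checked or fed by strconv.ParseUint with a matching bit size, and v2.22.0 stopped reporting a parsed unsigned value widened into a larger signed type. The following is an added illustration of those code shapes, written for this page and not taken from gosec's own sources or test data; the function names and the sample inputs are constructed. It shows the unchecked narrowing that G115 is meant to catch next to the three guarded forms the changelog describes as no longer being false positives.

```go
package main

import (
	"errors"
	"fmt"
	"math"
	"strconv"
)

// ErrOutOfRange is returned when a value does not fit the target type.
var ErrOutOfRange = errors.New("value out of range for target type")

// unsafeToInt32 is the shape of code G115 reports: a narrowing conversion
// with no range check. Values above math.MaxInt32 wrap silently.
func unsafeToInt32(v int64) int32 {
	return int32(v)
}

// safeToInt32 checks the bounds first; a conversion guarded like this is what
// the "checked or pre-determined" false-positive fixes in v2.21.0 stop reporting.
func safeToInt32(v int64) (int32, error) {
	if v < math.MinInt32 || v > math.MaxInt32 {
		return 0, ErrOutOfRange
	}
	return int32(v), nil
}

// parseUint8 asks strconv.ParseUint for a bitSize of 8, so any value that
// survives the parse already fits a uint8 and the conversion cannot overflow
// (the ParseUint false positive fixed in v2.21.0).
func parseUint8(s string) (uint8, error) {
	u, err := strconv.ParseUint(s, 10, 8)
	if err != nil {
		return 0, err
	}
	return uint8(u), nil
}

// widenParsedUint32 parses at most 32 bits and widens into int64, a
// conversion that can never overflow (the "parsed uint to larger int"
// false positive fixed in v2.22.0).
func widenParsedUint32(s string) (int64, error) {
	u, err := strconv.ParseUint(s, 10, 32)
	if err != nil {
		return 0, err
	}
	return int64(u), nil
}

func main() {
	fmt.Println(unsafeToInt32(math.MaxInt32 + 1)) // wraps to -2147483648
	if _, err := safeToInt32(math.MaxInt32 + 1); err != nil {
		fmt.Println("safeToInt32:", err)
	}
	if _, err := parseUint8("256"); err != nil {
		fmt.Println("parseUint8:", err)
	}
	v, _ := widenParsedUint32("4294967295")
	fmt.Println(v)
}
```

The bit size passed to strconv.ParseUint is the detail that matters: parsing with bitSize 64 and then converting to uint8 is still an unchecked narrowing, and a range error from ParseUint must be handled rather than discarded, otherwise the returned maximum value is silently used.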
v2.21.4
v2.21.3
v2.21.2
v2.21.1
v2.21.0
Changelog
- b278b40 Update cosign version to v2.4.0 in release github workflow (#1207)
- eaedce9 Improve the int conversion overflow logic to handle bound checks (#1194)
- ea5b276 fix: G602 support for nested conditionals with bounds check (#1201)
- 11d6903 Update go.mod to use go 1.22.0 toolchain
- 655527d chore(deps): update all dependencies
- 0898560 Make variable name more clear
- ac67231 Make variable names more explicit and reduce duplications
- e0414c4 Fix formatting
- c7003fc Refactor to reduce some functions and variable names
- 2401936 Pass the value argument directly since it is an interface
- f5d3128 Added suggested changes
- a14ca4a Added another test case in order to increase code coverage
- a6dd589 Removed function parameter which is always the same
- b4c7469 Formatting problems (CI was not passing)
- 7f8f654 Updated analyzer to use new way of initialization
- a26215c Migrated the rule to the analyzers folder
- 3f6e1e7 Refactored code a little bit
- 0eb8143 Added new rule G407(hardcoded IV/nonce)
- 4ae73c8 Fix conversion overflow false positive when using ParseUint
- c52dc0e Add a build step to measure the scan performance
- bcec04e Fix conversion overflow false positives when they are checked or pre-determined
- 71e397b Update go.mod
- aec45b0 chore(deps): update all dependencies
- ab3f6c1 Fix false positive in conversion overflow check from uint8/int8 type
- a39ec5a Disable staticcheck SA1019 rule
- a1b2ab8 Update the golangci linters
- 8467f01 Add more test to cover more use cases for G115 rule
- 81cda2f Allow excluding analyzers globally (#1180)
- 18135b4 Update to Go 1.23.0 (#1183)
- 91c708a chore(deps): update all dependencies (#1182)
- 92bac42 Read the AI API key also from an environment variable (#1181)
- 56f943b Add support to generate auto fixes using LLM (AI) (#1177)
- f33fd4b chore(deps): update all dependencies
- 55a47f3 chore(deps): update all dependencies
- a5d9ef6 chore(deps): update all dependencies
- 6842444 chore(deps): update dependency babel-standalone to v7.24.10
- 08b94f9 Resolve underlying type to detect overflows in type aliases
- 4487a0c chore(deps): update dependency babel-standalone to v7.24.8
- 0076267 Fix multifile ignores
- 2f1b81b Add -enable-audit cli flag
- 87fcb9b Update to go 1.22.5 and 1.21.12
- 466992f chore(deps): update all dependencies
- 9a4a741 Added more rules
- 6382394 Fixed coverage workflow
- 5666ea3 Fixed CI workflow
- fc0957f Minor changes
- 58e4fcc Split the G401 rule into two separate ones
- 2e71f37 Updated G401 corresponding CWE
- 3edc633 chore(deps): update docker/build-push-action action to v6
- 2ae137a Update go versions to 1.21.11 and 1.22.4
- 30a8a9c chore(deps): update all dependencies
- ac75d44 Fix nosec when applied to a block
- ed3f51e Add more types to templates rule
- c3209fc Map the G115 rule to a CWE ID
- 45fbb27 chore(deps): update all dependencies
- 43bef71 Update README with G115 rule description
- 555fe44 Remove deprecated megacheck linter from golangci
- 81b076f Format imports
- f775eb1 Update .gitignore
- 4bf5667 Add a new rule to detect integer overflow on integer types conversion
- 5f0084e feat: add env var to override the Go version detection
- 75dd9d6 Use the proper logic when disabling the go module version
- 1e1fc91 Update the README with some details related to Go version used by the rules
- 9a03665 Add an environment variable which disables the parsing of Go version from module file
- b633c4c chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
- 40f29c8 Update docker image in action to v2.20.0
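This release introduces G407, which reports a hardcoded IV or nonce, and v2.22.0 later narrows it so that decryption functions are no longer flagged. The example below is an added illustration of the weak and hardened patterns, written for this page; it is not gosec's code or its test fixtures, and the key, nonce and messages are constructed. It uses AES-GCM from the standard library to show why the rule exists: under one key, a reused nonce makes two ciphertexts XOR to the XOR of their plaintexts.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// fixedNonce is the pattern G407 reports: an IV/nonce that is a compile-time
// constant instead of being drawn fresh for every message.
var fixedNonce = []byte("000000000000") // 12 bytes, the AES-GCM nonce size

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptFixedNonce exists only to show the weak pattern. Under the same key,
// every call reuses the same keystream, so two ciphertexts XOR to the XOR of
// their plaintexts and the GCM authentication key is exposed to forgery.
func encryptFixedNonce(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Seal(nil, fixedNonce, plaintext, nil), nil
}

// encryptRandomNonce is the hardened form: a fresh nonce from crypto/rand per
// message, prepended to the ciphertext so the receiver can recover it.
func encryptRandomNonce(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// decrypt reads the nonce back off the front of the message. Using a received
// nonce here is legitimate, which is why v2.22.0 drops decryption from G407.
func decrypt(key, msg []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(msg) < n {
		return nil, errors.New("ciphertext shorter than nonce")
	}
	return gcm.Open(nil, msg[:n], msg[n:], nil)
}

// xorBytes returns a XOR b over their common length; used to show the leak.
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := 0; i < n; i++ {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func main() {
	key := make([]byte, 32) // constructed all-zero key, for illustration only
	p1, p2 := []byte("attack at dawn"), []byte("attack at dusk")
	c1, _ := encryptFixedNonce(key, p1)
	c2, _ := encryptFixedNonce(key, p2)
	// With a reused nonce, the ciphertext XOR reveals where the plaintexts differ.
	fmt.Printf("%q\n", xorBytes(c1[:len(p1)], c2[:len(p2)]))
	c3, _ := encryptRandomNonce(key, p1)
	pt, _ := decrypt(key, c3)
	fmt.Println(string(pt))
}
```

A nonce only needs to be unique per key, not secret, so sending it in the clear ahead of the ciphertext is the normal design; what the rule objects to is the value being fixed in source, where every message shares it.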
v2.20.0
Changelog
- 6fbd381 Catch os.ModePerm permissions in os.WriteFile
- dc5e5a9 Add a unit test to detect the false negative in rule G306 for os.ModePerm permissions
- 417a44c Add filepath.EvalSymlinks to clean functions in rule G304
- d34f8b7 chore(deps): update all dependencies
- 8658b8e Update Go to version 2.22.3 in CI and release
- d3b2359 chore(deps): update module golang.org/x/text to v0.15.0
- cf29d54 chore(deps): update all dependencies
- 09d62bd chore(deps): update module github.com/onsi/gomega to v1.33.0
- 3b23ec8 Update to go 1.22.2
- 31009c3 chore(deps): update all dependencies
- daf6f67 chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1
- e27f442 chore(deps): update all dependencies
- 5513615 fix(helpers/goversion): get from go.mod
- 43b8b75 chore: fix function name
- accd7a1 chore(deps): update all dependencies
- 48aa72e Format the imports using the gci tool
- b6df69c Fixup: delete unused variable
- ccb0a08 Fix test: update test to comply with the spec of generated sources
- 3a0ea51 Refactor: use standard function to check if a file is generated
- 11c3252 Fix lint warnings
- be378e6 Add support for math/rand/v2 added in Go 1.22
- 36878a9 Skip the G601 tests for Go version 1.22
- 903c75b Update go version to 1.22.1 and 1.21.8
- f25ccd9 Ignore 'implicit memory aliasing' rule for Go 1.22+
- 582e91a chore(deps): update all dependencies
- 198a40c chore(deps): update module golang.org/x/tools to v0.18.0
- c824a5d fix(hardcoded): remove duplicated Stripe API Key
- d13d7da Update gosec version to v2.19.0 in the Github action
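Two entries in this release touch file-handling rules: G306 now catches os.ModePerm (0777) passed to os.WriteFile, and filepath.EvalSymlinks is now accepted by G304 as a function that cleans a user-controlled path. The code below is an added illustration written for this page, not gosec's own sources or fixtures; the directory layout and the `ErrOutsideBase`, `resolveUnderBase` and `readUnderBase` names are constructed. It places the world-writable write beside the owner-only form, and shows a path check that resolves symlinks before confining the result to a base directory, since a symlink inside the directory can still point outside it.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideBase is returned when a path escapes the allowed directory.
var ErrOutsideBase = errors.New("path resolves outside the base directory")

// writeWorldWritable is the pattern G306 reports as of v2.20.0: os.ModePerm
// is 0777, so the file is created readable and writable by every local user.
func writeWorldWritable(path string, data []byte) error {
	return os.WriteFile(path, data, os.ModePerm)
}

// writeOwnerOnly is the hardened form: 0600 keeps the file private to its owner.
func writeOwnerOnly(path string, data []byte) error {
	return os.WriteFile(path, data, 0o600)
}

// resolveUnderBase confines a user-supplied path to base. It cleans the path,
// joins it under base, resolves symlinks with filepath.EvalSymlinks (one of the
// clean functions G304 accepts as of v2.20.0) and then checks that the real
// path is still inside the real base. EvalSymlinks requires the target to exist.
func resolveUnderBase(base, userPath string) (string, error) {
	realBase, err := filepath.EvalSymlinks(base)
	if err != nil {
		return "", err
	}
	// The leading slash makes Clean drop any leading ".." components.
	candidate := filepath.Join(realBase, filepath.Clean("/"+userPath))
	realPath, err := filepath.EvalSymlinks(candidate)
	if err != nil {
		return "", err
	}
	rel, err := filepath.Rel(realBase, realPath)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideBase
	}
	return realPath, nil
}

// readUnderBase reads a file only after resolveUnderBase has vetted the path;
// os.ReadFile on the raw user path is what G304 would report.
func readUnderBase(base, userPath string) ([]byte, error) {
	p, err := resolveUnderBase(base, userPath)
	if err != nil {
		return nil, err
	}
	return os.ReadFile(p)
}

func main() {
	base, err := os.MkdirTemp("", "gosec-example")
	if err != nil {
		fmt.Println(err)
		return
	}
	defer os.RemoveAll(base)
	if err := writeOwnerOnly(filepath.Join(base, "config.json"), []byte(`{"debug":false}`)); err != nil {
		fmt.Println(err)
		return
	}
	data, err := readUnderBase(base, "config.json")
	fmt.Println(string(data), err)
	_, err = readUnderBase(base, "../../etc/passwd")
	fmt.Println(err)
}
```

Cleaning the string alone (filepath.Clean) is enough to strip "..", but it says nothing about what the path points to on disk; the EvalSymlinks step is what turns a lexical check into a check on the real target, which is why its addition to the list of cleaners matters for G304.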
v2.19.0
Changelog
- 26e57d6 Update CI to go version 1.22
- e60b8d8 chore(deps): update all dependencies
- 1285eb7 chore(deps): update all dependencies
- cf4ab3e chore(deps): update all dependencies
- 277553c chore(deps): update all dependencies
- 57ec76b chore(deps): update all dependencies
- 8fa46c1 chore(deps): update dependency babel-standalone to v7.23.7
- 53aa3f7 chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
- 187adab chore(deps): update all dependencies
- e1f27ba chore(deps): update actions/setup-go action to v5
- 2aad3f0 Fix lint warnings by properly formatting the files
- 0e2a618 chore: Refactor Sample Code to Separate Files
- bc03d1c Update go version to 1.21.5 and 1.20.12 (#1084)
- 79a6b47 chore(deps): update all dependencies (#1080)
- eb256a7 Ignore the issues from generated files when using the analysis framework (#1079)
- 43b7cbf Update README with upload-sarif v2 (#1078)
- fece498 chore(deps): update dependency babel-standalone to v7.23.4
- 24c614b Added ppc64le support
- c736581 chore(deps): update all dependencies
- 3188e3f Ensure ignores are handled properly for multi-line issues
- 6d56592 Update Go to version 1.21.4 and 1.20.11
- 870103b chore(deps): update module golang.org/x/text to v0.14.0
- b50e493 chore(deps): update all dependencies
- 2f9965b Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
- fa1b74d Avoid allocations with (*regexp.Regexp).MatchString
- 64bbe90 Fix some typos
- d9071e3 Update local installation instructions by removing the details for Go 1.16
- 5d837bc Update gosec version to 2.18.2 in the action
v2.18.2
Changelog
- 55d7949 Disable dot-imports in revive linter
- 4656817 chore(deps): update module github.com/onsi/gomega to v1.28.1
- 5567ac4 Run the gosec with data race detector active during tests
- a239758 Fix data race in the analyzer
- c06903a Fix test that checks the overridden nosec directive
- bde2619 Clean global state in flgs tests
- e108c56 Format the file
- e298388 Update README with details which describe the current behaviour of #nosec
- d8a6d35 Ensure the ignores are parsed before analysing the package
- 7846db0 chore(deps): update all dependencies
- 8e0cf8c Update gosec to version 2.18.1 in the action
- 6b12a71 Update cosign version to v2.2.0
v2.18.1
Changelog
- 0ec6cd9 Refactor how ignored issues are tracked
- f338a98 Restrict the maximum depth when tracking the slice bounds
- 7e2d8d3 Handle empty ssa results
- 074353a Handle gracefully any panic that occurs when building the SSA representation of a package
- ec31a3a Fix typo
- a11eb28 Handle new function when getting the call info in case it is overridden
- 5b7867d Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1037)
- dd08f99 Update to Go 1.21.3 and 1.20.10 (#1035)
- 616520f Update the list of unsafe functions detected by the unsafe rule (#1033)
- 3952187 Update the action to use gosec version v2.18.0 (#1029)
- 2b62dd1 Use a step ID in github release action to get the digest of the image (#1028)