Skip to content

Bump github.com/securego/gosec/v2 from 2.5.0 to 2.8.0 in /internal/tools #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump github.com/securego/gosec/v2 from 2.5.0 to 2.8.0 in /internal/tools #33

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github May 27, 2021

Bumps github.com/securego/gosec/v2 from 2.5.0 to 2.8.0.

Release notes

Sourced from github.com/securego/gosec/v2's releases.

v2.8.0

Changelog

9fc8e20 Add favicon for HTML template (#628) 91dae7f Update the design of HTML report e72f54e Fix HTML template and display the gosec version c3f25b8 fix html report tag styling (#623) 433a674 show nosec in html report summary (#621) d040f07 Handle gosec version in SARIF report 51f7411 Add arm64 support (#618) e7ac882 Update go version to 1.16 (#616) 3a9a6ad Sarif provide Snippet with Issue.Code 1325319 Create dependabot.yml (#614) d8cfcd6 Allow the user to enable/disable colorisation of the text report in the stdout a8b633f Adding stdout and verbose flags and refactor how the report is saved 103c429 Enable golangcli and improve testing for formatters 4df7f1c Fix typos, Go Report link and Gofmt f4ea33d Update how the test coverage is generated c4f5932 Refactor : Replace Cwe with cwe.Weakness ddfa253 Define a report package with core and per format sub-packages cc83d4c Generate the SARIF types, handle taxonomies and separate responsibilities 0fa5d0b Fix the go modules after updating to get the tests passing (#605) 3763953 Migrate sonar types in a dedicated package (#604) b519743 chore(deps): update all dependencies (#599) 569328e Fix typos (#594) 0695fa0 Add -u to local install instructions (#595) 7f2308b Tidy up the moduels after updating (#593) f21b0b8 chore(deps): update all dependencies (#592) 148e608 Adding KICS to USERS.md (#590)

v2.7.0

Changelog

27a5ffb Quiet warnings about integer truncation (#586) bf2cd23 Update all dependencies (#585) 01ee764 Fix typo in USERS.md (#583) 9c047e3 Add support for Go 1.16 in the CI and release workflows (#581) 1fce461 fix: WriteParams rule to work also with golang 1.16 (#577) dcbcc4d Use a more generic path for sonarqube import path (#573) 2777e50 Update README with a note which describes how to import a SonarQube report (#572) 897c203 Reset the state of TLS rule after each version check (#570) 6c57ae1 Fix sarif formatting issues (#565) b6524ce Update all dependencies

v2.6.1

Changelog

00bbbd8 Fix the release workflow to allow unsecure commands

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 27, 2021
@dependabot dependabot bot mentioned this pull request May 27, 2021
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jun 18, 2021

Superseded by #39.

@dependabot dependabot bot closed this Jun 18, 2021
@dependabot dependabot bot deleted the dependabot/go_modules/internal/tools/github.com/securego/gosec/v2-2.8.0 branch June 18, 2021 20:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant