Releases: securego/gosec
Releases Β· securego/gosec
v2.21.4
v2.21.3
v2.21.2
v2.21.1
v2.21.0
Changelog
- b278b40 Update cosign version to v2.4.0 in release github workflow (#1207)
- eaedce9 Improvement the int conversion overflow logic to handle bound checks (#1194)
- ea5b276 fix: G602 support for nested conditionals with bounds check (#1201)
- 11d6903 Update go.mod to sue go 1.22.0 toolchain
- 655527d chore(deps): update all dependencies
- 0898560 Make variable name more clear
- ac67231 Make variable names more explicity and reduce duplications
- e0414c4 Fix formatting
- c7003fc Refactor to reduce some fuctions and variable names
- 2401936 Pass the value argument directly since is an interface
- f5d3128 Added suggested changes
- a14ca4a Added another test case in order to increase code coverage
- a6dd589 Removed function parameter which is always the same
- b4c7469 Formatting problems(CI was not passing)
- 7f8f654 Updated analyzer to use new way of initialization
- a26215c Migrated the rule to the analyzers folder
- 3f6e1e7 Refractored code a little bit
- 0eb8143 Added new rule G407(hardcoded IV/nonce)
- 4ae73c8 Fix conversion overflow false positive when using ParseUint
- c52dc0e Add a build step to measure the scan perfomance
- bcec04e Fix conversion overflow false positives when they are checked or pre-determined
- 71e397b Update go.mod
- aec45b0 chore(deps): update all dependencies
- ab3f6c1 Fix false positive in conversion overflow check from uint8/int8 type
- a39ec5a Disable staticcheck SA1019 rule
- a1b2ab8 Update the golangci linters
- 8467f01 Add more test to cover more use cases for G115 rule
- 81cda2f Allow excluding analyzers globally (#1180)
- 18135b4 Update to Go 1.23.0 (#1183)
- 91c708a chore(deps): update all dependencies (#1182)
- 92bac42 Read the AI API key also from an environment variable (#1181)
- 56f943b Add support to generate auto fixes using LLM (AI) (#1177)
- f33fd4b chore(deps): update all dependencies
- 55a47f3 chore(deps): update all dependencies
- a5d9ef6 chore(deps): update all dependencies
- 6842444 chore(deps): update dependency babel-standalone to v7.24.10
- 08b94f9 Resolve underlying type to detect overflows in type aliases
- 4487a0c chore(deps): update dependency babel-standalone to v7.24.8
- 0076267 Fix multifile ignores
- 2f1b81b Add -enable-audit cli flag
- 87fcb9b Update to go 1.22.5 and 1.21.12
- 466992f chore(deps): update all dependencies
- 9a4a741 Added more rules
- 6382394 Fixed coverage workflow
- 5666ea3 Fixed CI workflow
- fc0957f Minor changes
- 58e4fcc Split the G401 rule into two separate ones
- 2e71f37 Updated G401 corresponding CWE
- 3edc633 chore(deps): update docker/build-push-action action to v6
- 2ae137a Update to go versions to 1.21.11 and 1.22.4
- 30a8a9c chore(deps): update all dependencies
- ac75d44 Fix nosec when applied to a block
- ed3f51e Add more types to templates rule
- c3209fc Map the G115 rule to an CWE ID
- 45fbb27 chore(deps): update all dependencies
- 43bef71 Update README with G115 rule description
- 555fe44 Remove deprecated megacheck linter from golangci
- 81b076f Format imports
- f775eb1 Update .gitignore
- 4bf5667 Add a new rule to detect integer overflow on integer types conversion
- 5f0084e feat: add env var to override the Go version detection
- 75dd9d6 Use the proper logic when disabling the go module version
- 1e1fc91 Update the README with some details related to Go version used by the rules
- 9a03665 Add an environment varialbe which disables the parsing of Go version from module file
- b633c4c chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
- 40f29c8 Update docker image in action to v2.20.0
v2.20.0
Changelog
- 6fbd381 Catch os.ModePerm permissions in os.WriteFile
- dc5e5a9 Add a unit test to detect the false negative in rule G306 for os.ModePerm permissions
- 417a44c Add filepath.EvalSymlinks to clean functions in rule G304
- d34f8b7 chore(deps): update all dependencies
- 8658b8e Update Go to version 2.22.3 in CI and release
- d3b2359 chore(deps): update module golang.org/x/text to v0.15.0
- cf29d54 chore(deps): update all dependencies
- 09d62bd chore(deps): update module github.com/onsi/gomega to v1.33.0
- 3b23ec8 Update to go 1.22.2
- 31009c3 chore(deps): update all dependencies
- daf6f67 chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1
- e27f442 chore(deps): update all dependencies
- 5513615 fix(helpers/goversion): get from go.mod
- 43b8b75 chore: fix function name
- accd7a1 chore(deps): update all dependencies
- 48aa72e Format the imports using the gci tool
- b6df69c Fixup: delete unused variable
- ccb0a08 Fix test: update test to comply with the spec of generated sources
- 3a0ea51 Refactor: use standard function to check if a file is generated
- 11c3252 Fix lint warnings
- be378e6 Add support for math/rand/v2 added in Go 1.22
- 36878a9 Skip the G601 tests for Go version 1.22
- 903c75b Update go version to 1.22.1 and 1.21.8
- f25ccd9 Ignore 'implicit memory aliasing' rule for Go 1.22+
- 582e91a chore(deps): update all dependencies
- 198a40c chore(deps): update module golang.org/x/tools to v0.18.0
- c824a5d fix(hardcoded): remove duplicated
Stripe API Key
- d13d7da Update gosec version to v2.19.0 in the Github action
v2.19.0
Changelog
- 26e57d6 Update CI to go version 1.22
- e60b8d8 chore(deps): update all dependencies
- 1285eb7 chore(deps): update all dependencies
- cf4ab3e chore(deps): update all dependencies
- 277553c chore(deps): update all dependencies
- 57ec76b chore(deps): update all dependencies
- 8fa46c1 chore(deps): update dependency babel-standalone to v7.23.7
- 53aa3f7 chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
- 187adab chore(deps): update all dependencies
- e1f27ba chore(deps): update actions/setup-go action to v5
- 2aad3f0 Fix lint warnings by properly formatting the files
- 0e2a618 chore: Refactor Sample Code to Separate Files
- bc03d1c Update go version to 1.21.5 and 1.20.12 (#1084)
- 79a6b47 chore(deps): update all dependencies (#1080)
- eb256a7 Ignore the issues from generated files when using the analysis framework (#1079)
- 43b7cbf Update README with upload-sarif v2 (#1078)
- fece498 chore(deps): update dependency babel-standalone to v7.23.4
- 24c614b Added ppc64le support
- c736581 chore(deps): update all dependencies
- 3188e3f Ensure ignores are handled properly for multi-line issues
- 6d56592 Update Go to version 1.21.4 and 1.20.11
- 870103b chore(deps): update module golang.org/x/text to v0.14.0
- b50e493 chore(deps): update all dependencies
- 2f9965b Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
- fa1b74d Avoid allocations with
(*regexp.Regexp).MatchString
- 64bbe90 Fix some typos
- d9071e3 Update local installation instructions by removing the details for Go 1.16
- 5d837bc Update gosec version to 2.18.2 in the action
v2.18.2
Changelog
- 55d7949 Disable dot-imports in revive linter
- 4656817 chore(deps): update module github.com/onsi/gomega to v1.28.1
- 5567ac4 Run the gosec with data race detector active during tests
- a239758 Fix data race in the analyzer
- c06903a Fix test that checks the overriden nosec directive
- bde2619 Clean global state in flgs tests
- e108c56 Format the file
- e298388 Update README with details which describe the current behaviour of #nosec
- d8a6d35 Ensure the ignores are parsed before analysing the package
- 7846db0 chore(deps): update all dependencies
- 8e0cf8c Update gosec to version 2.18.1 in the action
- 6b12a71 Update cosign version to v2.2.0
v2.18.1
Changelog
- 0ec6cd9 Refactor how ignored issues are tracked
- f338a98 Restrict the maximum depth when tracking the slice bounds
- 7e2d8d3 Handle empty ssa results
- 074353a Handle gracefully any panic that occurs when building the SSA representation of a package
- ec31a3a Fix typo
- a11eb28 Handle new function when getting the call info in case is overriden
- 5b7867d Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1037)
- dd08f99 Update to Go 1.21.3 and 1.20.10 (#1035)
- 616520f Update the list of unsafe functions detected by the unsafe rule (#1033)
- 3952187 Update the action to use gosec version v2.18.0 (#1029)
- 2b62dd1 Use a step ID in github release action to get the digest of the image (#1028)
v2.18.0
Changelog
- 53fc0c3 Update to go version 1.21.2 and 1.20.9 (#1027)
- 7f7c47f chore(deps): update all dependencies (#1026)
- d864a91 Enable gochecknoinits; fix lint issues; use consts for some vars (#1022)
- 09cf6ef Fix typos in struct fields, comments, and docs (#1023)
- 665e87b chore(deps): update all dependencies
- 4def3a4 Fix lint warning
- 0d332a1 Add a new rule which detects when a file is created with os.Create but the configured permissions are less than 0666
- 293d887 Fix lint warnings
- ac482cb Update ginkgo to latest version
- e02e2f6 Redesign and reimplement the slice out of bounds check using SSA code representation
- e1278f9 docs: add reMarkable to users list
- f6a6496 chore(deps): update all dependencies
- aebe20c Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
- 7a98537 Update to latest go version
- b192f06 chore(deps): update all dependencies (#1011)
- 6c93653 Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
- 325eb19 chore(deps): update all dependencies (#1008)
- beef125 Exclude maps from slince bounce check rule (#1006)
- 21d13c9 Ignore struct pointers in G601 (#1003)
- 85005c4 Update gosec image version to 2.17.0 in the Github action (#1002)
- 6a2c5e1 Update cosign to version v2.1.1 (#1000)