Commit graph

113 commits

Author SHA1 Message Date
Laurent Demailly
6741874d9b
Fix running single analyzer which isn't a rule bug (#1231)
* Fix running single analyzer which isn't a rule bug

* remove unnecessary diff (even if it's proper fmt)
2024-09-20 10:56:50 +02:00
Rahul Gadi
81cda2f91f
Allow excluding analyzers globally (#1180)
* This change does not exclude analyzers for inline comments
* Changed the expected issues count for G103, G109 samples for test. Previously G115 was included in the issue count
* Show analyzer IDs (G115, G602) in gosec usage help
* See #1175
2024-08-20 10:43:40 +02:00
Cosmin Cojocar
92bac42afc
Read the AI API key also from an environment variable (#1181)
* Read the AI API key also from an environment variable

Change-Id: If18fd025ab2ef68a3690f8a69d1c8894e44a87ef
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

* Fix lint warning

Change-Id: Icd3eb8a029764db76596c3e171275c03a23f8cef
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-18 17:59:45 +02:00
Tran The Lam
56f943b802
Add support to generate auto fixes using LLM (AI) (#1177)
This feature adds support to generate auto fixes for Go scanning findings using LLM (AI). In a first instance, it relies on the Gemini API to get a suggestion for a solution. This can later be extended to integrate other AI providers as well.

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-12 12:52:41 +02:00
Alex Gartner
2f1b81b889
Add -enable-audit cli flag
2024-07-13 11:25:25 +02:00
Cosmin Cojocar
0ec6cd95d7
Refactor how ignored issues are tracked
Track ignored issues using file location instead of an AST node. There are issues linked to a different AST node than the original node used to start the scan.

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-10-13 14:11:08 +02:00
Oleksandr Redko
09cf6efb3e
Fix typos in struct fields, comments, and docs (#1023)
2023-10-05 12:59:17 +02:00
Cosmin Cojocar
fc570b6f1a
Add a new flag terse to show only the results and summary (#986)
The new flag '-terse' will only show the results and summary, ignoring any logs that occurred during a scan.

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-18 16:21:22 +02:00
Oleksandr Redko
1f689968ec
Fix typos in comments, vars and tests
2023-05-30 08:26:41 +02:00
Matthieu MOREL
d6aeaad931
correct gci linter (#946)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-03-30 09:31:24 +02:00
Cosmin Cojocar
de2c6a36fa
Extract the issue in its own package
2023-02-16 09:45:28 +01:00
Cosmin Cojocar
fd280360cd
Fix the TLS config rule when parsing the settings from a variable (#911)
2023-01-09 15:10:44 +01:00
Dmitry Golushko
44f484fdc7
Additional types for bad defer check (#897)
* Additional types for bad defer check

* Ignore new check in tlsconfig.go
2022-11-30 09:38:46 +01:00
Cosmin Cojocar
0ba05e160a
chore: fix lint warnings
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-08-08 10:56:19 +02:00
Ludovic Fernandez
4e68fb5b15
fix: parsing of the Go version (#844)
* fix: parsing of the Go version

* fix: convert pseudo directive to comment
2022-08-08 09:28:41 +02:00
Cosmin Cojocar
845483e0b1
Fix lint warning
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-07-28 11:10:00 +02:00
Cosmin Cojocar
45bf9a6095
Check the suppressed issues when generating the exit code
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-07-28 11:10:00 +02:00
Tim Costa
9a25f4ed2d
fix: filepaths with git anywhere in them being erroneously excluded (#828)
Co-authored-by: Tim Costa <timcosta@amazon.com>
2022-07-06 06:46:49 +02:00
Cosmin Cojocar
607d607b51
Enable Go 1.18 in the ci and release workflows
* Enable Go 1.18 in the ci and release workflows

* Fix lint warning

* Add golangci as a make target
2022-03-21 16:53:22 +01:00
Per Arn
ea5d31f7f5
Add a recursive flag -r to skip specifying ./... path
* added recursive flag to skip specifying ./... path

* refactored to remove code duplication
2022-03-07 10:31:22 +01:00
kruskal
7d539ed494
feat: add concurrency option to parallelize package loading (#778)
* feat: add concurrency option to parallelize package loading

* refactor: move wg.add inside the for loop

* fix: gracefully stop the workers on error

* test: add test for concurrent scan
2022-02-16 18:23:37 +01:00
Cosmin Cojocar
7be6d4efb5
Add os.Create to the readfile rule (#761)
2022-01-12 19:33:17 +01:00
kaiili
9d66b0d346
Fix false negatives for SQL injection in multi-line queries
2022-01-05 12:05:53 +01:00
Cosmin Cojocar
ad5d74d5a1
Update to ginkgo v2 (#753)
2022-01-03 18:11:35 +01:00
kaiili
3038a30e3c
Add in the config file settings for exclude and include options
Co-authored-by: kaiili <kaii@openingsource.org>
2021-12-20 23:43:50 +01:00
Ville Skyttä
d23ab2d997
Remove space between // and #nosec in examples and internal use
Comments intended for machines to read do not have the space by
convention.
2021-12-15 19:31:14 +01:00
Yiwei Ding
b45f95f6ad
Add support for suppressing the findings
2021-12-09 11:53:36 +01:00
Ville Skyttä
f1f0056a90
Spelling fixes (#717)
2021-11-09 21:02:24 +01:00
Ryan Leung
79c8b79263
use a better naming for the variable (#715)
Signed-off-by: Ryan Leung <rleungx@gmail.com>
2021-10-19 11:54:51 +02:00
Matthieu MOREL
bfb0f422fe
chore(lint): enable errorlint and gci (#698)
2021-09-13 09:40:10 +02:00
Nanik
efbefc6930
fix: create a separate type for flag that has validation (#692)
2021-09-02 14:44:20 +02:00
Cosmin Cojocar
f285d612b5
Fix formatting issues with gofumpt (#685)
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-08-18 13:16:21 +02:00
Marc Brugger
ba23b5e49a
Add possibility to list waived (nosec) marked issues but not count them as such
2021-08-18 13:00:38 +02:00
Marc Brugger
62db81342e
Allow excluding generated files
2021-08-04 17:33:20 +02:00
Matthieu MOREL
3ff0a2cc36
Fixes #644 (#645)
2021-06-13 13:28:53 +02:00
Matthieu MOREL
1256f16f33
Fix lint and fail on error in the ci build
2021-05-31 10:44:12 +02:00
Matthieu MOREL
d040f0725f
Handle gosec version in SARIF report
2021-05-20 10:16:42 +02:00
Matthieu MOREL
d8cfcd6e76
Allow the user to enable/disable colorisation of the text report in the stdout
2021-05-10 14:18:39 +02:00
Shreyas Subhedar
a8b633f124
Adding stdout and verbose flags and refactor how the report is saved
2021-05-10 10:44:55 +02:00
Matthieu MOREL
c4f5932ab7
Refactor: Replace Cwe with cwe.Weakness
2021-05-07 16:54:34 +02:00
Matthieu MOREL
ddfa25381f
Define a report package with core and per format sub-packages
2021-05-06 09:31:51 +02:00
mrtc0
0d4f1cb2cb
Support SARIF output (#539)
* SARIF support

* add sarif option to help text
2020-11-02 09:13:53 +01:00
xpivarc
0ce48a584f
Reproducible junit report (#529)
* Fix junit format ordering

Signed-off-by: L. Pivarc <lpivarc@redhat.com>

* Make ordering stable

Signed-off-by: L. Pivarc <lpivarc@redhat.com>

* Test ordering

Signed-off-by: L. Pivarc <lpivarc@redhat.com>
2020-09-29 19:17:38 +02:00
Cosmin Cojocar
13519fda59
Update the tls configuration generate to handle also the NSS alternative names
Regenerate the configuration of TLS rule.

Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-03 10:54:08 +02:00
Cosmin Cojocar
3784ffea4e
Fix panic when reading the version from debug info in Go 1.13
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-25 15:27:53 +02:00
Cosmin Cojocar
ad1cb7e47e
Make sure some version information is set when no version was injected into the binary
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-25 09:20:55 +02:00
Hiroaki Sano
af699f6a62
Exclude .git directory from scan (#485)
2020-06-09 15:16:27 +02:00
Cosmin Cojocar
c58f3563d3
Set the default color on only for text format
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-14 09:33:44 -07:00
Cosmin Cojocar
1a113d6da9
Turn the color always on when the text format is set
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-14 02:21:37 -07:00
Marco Antônio Singer
656691b387
feature(formatter/text): Add color option on text format (#460)
* feature(issue): Add function to return file path and line number

* docs(formatter/CreateReport): Update formats accepted

* feature(formatter): Add color output for text format

Basic color support for text format. For now, only the "Summary" title
and "Issues" section have color

* feature(formatter): Highlight issues based on severity

Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white

* feature(main): Add color flag

It's only valid for text format

* refactor(formatter): Passing color flag forward
2020-04-14 09:50:02 +02:00