Commit graph

104 commits

Author SHA1 Message Date
Cosmin Cojocar
0ce4453ddd
Rollback the SARIF version to 2.1 since GitHub doesn't support 2.2 (#1210)
Change-Id: If3500ec2c522339ca0a4e6c1f58574ce3cc870a9

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:56:15 +02:00
renovate[bot]
655527dfb4 chore(deps): update all dependencies 2024-09-02 09:46:29 +02:00
Dimitar Banchev
0eb8143c23 Added new rule G407 (hardcoded IV/nonce)
The rule is supposed to detect the usage of hardcoded or static nonce/IV in many encryption algorithms:

* The different modes of AES (mainly tested here)
* It should be able to work with ascon

Currently the rule doesn't check when constant variables are used.

TODO: Improve the rule to detect constant variable usage
2024-08-30 19:35:07 +02:00
renovate[bot]
aec45b0b7d chore(deps): update all dependencies 2024-08-26 16:47:36 +02:00
Tran The Lam
56f943b802
Add support to generate auto fixes using LLM (AI) (#1177)
This feature adds support to generate auto fixes for Go scanning findings using LLM (AI). In a first instance, it relies on Gemini API to get a suggestion for a solution. This can be later extended, to integrate also other AI providers.

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-12 12:52:41 +02:00
renovate[bot]
55a47f3774 chore(deps): update all dependencies 2024-08-05 17:38:32 +02:00
renovate[bot]
a5d9ef67e2 chore(deps): update all dependencies 2024-07-29 10:58:28 +02:00
renovate[bot]
68424445af chore(deps): update dependency babel-standalone to v7.24.10 2024-07-23 11:43:16 +02:00
renovate[bot]
4487a0c5a2 chore(deps): update dependency babel-standalone to v7.24.8 2024-07-15 09:13:59 +02:00
renovate[bot]
466992feca chore(deps): update all dependencies 2024-07-08 15:49:41 +02:00
Dimitar Banchev
9a4a741e6b Added more rules
* Rule G406 responsible for the usage of deprecated MD4 and RIPEMD160 added.
* Rules G506, G507 responsible for tracking the usage of the already mentioned libraries added.
* Slight changes in the Makefile (`make clean` wasn't removing all expected files)
* Added license to `analyzer_test.go`
2024-06-25 13:18:27 +02:00
Dimitar Banchev
58e4fccc13 Split the G401 rule into two separate ones
Now the G401 rule is split into hashing and encryption algorithms.

G401 is responsible for checking the usage of MD5 and SHA1, with corresponding CWE of 328.
And G405 (new rule) is responsible for checking the usage of DES and RC4, with corresponding CWE of 327.
2024-06-24 15:25:54 +02:00
renovate[bot]
30a8a9c8c3 chore(deps): update all dependencies 2024-06-11 21:31:12 +02:00
renovate[bot]
45fbb27d87 chore(deps): update all dependencies 2024-05-27 13:03:14 +02:00
renovate[bot]
cf29d543e2 chore(deps): update all dependencies 2024-05-02 10:27:10 +02:00
renovate[bot]
31009c3db8 chore(deps): update all dependencies 2024-04-08 11:41:11 +02:00
renovate[bot]
e27f442499 chore(deps): update all dependencies 2024-03-25 11:02:28 +01:00
renovate[bot]
582e91af06 chore(deps): update all dependencies 2024-03-04 10:10:31 +01:00
renovate[bot]
1285eb7300 chore(deps): update all dependencies 2024-02-05 09:59:32 +01:00
renovate[bot]
cf4ab3ea7c chore(deps): update all dependencies 2024-01-29 09:48:13 +01:00
renovate[bot]
57ec76b97b chore(deps): update all dependencies 2024-01-15 09:52:33 +01:00
renovate[bot]
8fa46c1e3e chore(deps): update dependency babel-standalone to v7.23.7 2024-01-03 09:54:15 +01:00
renovate[bot]
187adabe34 chore(deps): update all dependencies 2023-12-18 10:42:31 +01:00
renovate[bot]
79a6b475f0
chore(deps): update all dependencies (#1080)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 10:06:03 +01:00
renovate[bot]
fece49805b chore(deps): update dependency babel-standalone to v7.23.4 2023-11-27 09:30:11 +01:00
renovate[bot]
c736581f85 chore(deps): update all dependencies 2023-11-13 09:45:27 +01:00
renovate[bot]
7846db034c chore(deps): update all dependencies 2023-10-16 09:29:43 +02:00
renovate[bot]
7f7c47fefe
chore(deps): update all dependencies (#1026)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-09 09:22:00 +02:00
Oleksandr Redko
09cf6efb3e
Fix typos in struct fields, comments, and docs (#1023) 2023-10-05 12:59:17 +02:00
renovate[bot]
665e87b287 chore(deps): update all dependencies 2023-10-05 12:58:26 +02:00
renovate[bot]
f6a64969a3 chore(deps): update all dependencies 2023-09-18 08:40:10 +02:00
renovate[bot]
b192f06cca
chore(deps): update all dependencies (#1011)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:53:32 +02:00
renovate[bot]
325eb19a54
chore(deps): update all dependencies (#1008)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 09:12:42 +02:00
renovate[bot]
4b458c4f59
chore(deps): update all dependencies (#997)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-14 09:36:16 +02:00
renovate[bot]
e76ad70182
chore(deps): update all dependencies (#982)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 10:13:40 +02:00
renovate[bot]
ef8f560d84
chore(deps): update all dependencies (#976)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-10 10:37:30 +02:00
renovate[bot]
82364a710c
chore(deps): update all dependencies (#974)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-19 09:15:01 +02:00
Oleksandr Redko
1f689968ec Fix typos in comments, vars and tests 2023-05-30 08:26:41 +02:00
renovate[bot]
e1484658ac chore(deps): update all dependencies 2023-05-30 08:25:13 +02:00
renovate[bot]
970cc2957f
chore(deps): update all dependencies (#955)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-03 09:46:14 +02:00
renovate[bot]
780ebd0819
chore(deps): update all dependencies (#947)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-03 10:17:38 +02:00
Matthieu MOREL
d6aeaad931
correct gci linter (#946)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-03-30 09:31:24 +02:00
Cosmin Cojocar
6a73248135 Fix some linting warnings 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
83fc5e63fa Fix lint warning 2023-03-20 10:25:45 +01:00
renovate[bot]
e7bfcd1d53
chore(deps): update all dependencies (#942)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-20 09:23:03 +01:00
Cosmin Cojocar
27bf0e4f9b
Fix rule index reference into sarif report (#934) 2023-02-21 11:43:38 +01:00
Cosmin Cojocar
de2c6a36fa Extract the issue in its own package 2023-02-16 09:45:28 +01:00
renovate[bot]
54f56c7d6a
chore(deps): update all dependencies (#922)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-06 14:16:49 +01:00
Cosmin Cojocar
df14837174
Update to Go 1.20 and fix unit tests (#923)
* Fix unit tests for Go 1.20

* Update to Go 1.20 in the build scripts

* Remove support for 1.18 in the build

* Fix the golangci lint version according to Go version used

* Fix golangci version string

* Fix gci linter warning

* Remove golint in favour of golangci
2023-02-06 14:15:05 +01:00
Cosmin Cojocar
a522ae6f5f
Fix build after updating the dependencies (#910) 2023-01-09 09:42:20 +01:00