renovate[bot]
26f038913f
chore(deps): update all dependencies ( #886 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-31 09:23:49 +01:00
renovate[bot]
7f91d85b65
chore(deps): update all dependencies ( #884 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-24 09:20:26 +02:00
renovate[bot]
a2719d3248
chore(deps): update all dependencies ( #881 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-17 10:14:22 +02:00
Sebastiaan van Stijn
ed386818fd
go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions ( #880 )
...
* gha: remove go1.17, temporarily force 1.18.7, 1.19.2
The security scanner is flagging the code to have a vulnerability, but it's
detecting that we're running go1.18.6, not "latest" (go1.18.7 at time of writing).
Temporarily pinning to go1.18.7 to force installing the latest version:
Vulnerability #1 : GO-2022-1039
Programs which compile regular expressions from untrusted
sources may be vulnerable to memory exhaustion or denial of
service. The parsed regexp representation is linear in the size
of the input, but in some cases the constant factor can be as
high as 40,000, making relatively small regexps consume much
larger amounts of memory. After fix, each regexp being parsed is
limited to a 256 MB memory footprint. Regular expressions whose
representation would use more space than that are rejected.
Normal use of regular expressions is unaffected.
Call stacks in your code:
Error: helpers.go:463:26: github.com/securego/gosec/v2.ExcludedDirsRegExp calls regexp.MustCompile, which eventually calls regexp/syntax.Parse
Found in: regexp/syntax@go1.18.6
Fixed in: regexp/syntax@go1.19.2
More info: https://pkg.go.dev/vuln/GO-2022-1039
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* go.mod: github.com/onsi/ginkgo/v2 v2.3.1
CI was failing because of a mismatch:
/home/runner/go/bin/ginkgo -v --fail-fast
Ginkgo detected a version mismatch between the Ginkgo CLI and the version of Ginkgo imported by your packages:
Ginkgo CLI Version:
2.3.1
Mismatched package versions found:
2.2.0 used by gosec
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* go.mod: golang.org/x/text v0.3.8
to address GO-2022-1059
The vulnerabilities below are in packages that you import, but your code
doesn't appear to call any vulnerable functions. You may not need to take any
action. See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
for details.
Vulnerability #1 : GO-2022-1059
An attacker may cause a denial of service by crafting an Accept-Language
header which ParseAcceptLanguage will take significant time to parse.
Found in: golang.org/x/text/language@v0.3.7
Fixed in: golang.org/x/text/language@v0.3.8
More info: https://pkg.go.dev/vuln/GO-2022-1059
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-17 10:05:13 +02:00
renovate[bot]
f9ad0d88a1
chore(deps): update all dependencies ( #875 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-10 09:27:01 +02:00
renovate[bot]
bb4a1e3544
chore(deps): update all dependencies ( #872 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-04 09:23:21 +02:00
renovate[bot]
e244c811ea
chore(deps): update all dependencies ( #868 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-22 11:18:20 +02:00
renovate[bot]
180fc23b72
chore(deps): update all dependencies
2022-09-12 09:35:57 +02:00
renovate[bot]
aaaf80c9a7
chore(deps): update all dependencies
2022-09-05 09:42:37 +02:00
renovate[bot]
ae58325bfe
chore(deps): update all dependencies
2022-08-29 10:21:47 +02:00
renovate[bot]
a319b668cd
chore(deps): update golang.org/x/crypto digest to bc19a97
2022-08-22 09:57:21 +02:00
renovate[bot]
1b0873a235
chore(deps): update module golang.org/x/tools to v0.1.12 ( #840 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-02 08:08:23 +02:00
renovate[bot]
3cda47a9b8
chore(deps): update all dependencies ( #836 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-26 10:57:36 +02:00
renovate[bot]
7dd9ddd583
chore(deps): update golang.org/x/crypto digest to 0559593 ( #826 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-06 06:34:31 +02:00
renovate[bot]
a9b0ef0a11
chore(deps): update all dependencies ( #822 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-06-13 19:48:12 +02:00
Thomas Gorham
c3ede62822
Update x/tools to pick up fix for golang/go#51629 ( #817 )
2022-05-29 17:41:10 +02:00
renovate[bot]
0a929c7b6c
chore(deps): update all dependencies ( #816 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-29 17:36:29 +02:00
renovate[bot]
12be14859b
chore(deps): update all dependencies ( #812 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-09 12:02:57 +02:00
renovate[bot]
0dcc3362ae
chore(deps): update all dependencies ( #811 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-02 21:00:33 +02:00
Cosmin Cojocar
a64cde55a4
Fix the dependencies after renovate upate ( #806 )
2022-04-11 20:21:09 +02:00
Cosmin Cojocar
2ef1d9a037
Fix build after renovate update ( #800 )
2022-03-28 20:38:14 +02:00
renovate[bot]
8af0af7611
chore(deps): update all dependencies ( #789 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-14 14:10:28 +01:00
Renovate Bot
43577cebb7
chore(deps): update all dependencies
2022-02-16 12:21:25 +01:00
Renovate Bot
507f8472ca
chore(deps): update golang.org/x/crypto commit hash to 30dcbda
2022-02-07 10:34:16 +01:00
Renovate Bot
853e1d5034
chore(deps): update all dependencies
2022-01-31 18:58:38 +01:00
renovate[bot]
9399e7bed7
chore(deps): update all dependencies ( #771 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-27 11:26:33 +10:00
renovate[bot]
b12c0f6e4e
chore(deps): update all dependencies ( #765 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-26 11:10:11 +01:00
renovate[bot]
742aa848f9
chore(deps): update golang.org/x/crypto commit hash to 5e0467b ( #764 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-17 12:42:54 +01:00
Cosmin Cojocar
ad5d74d5a1
Update to ginkgo v2 ( #753 )
2022-01-03 18:11:35 +01:00
renovate[bot]
bf0dd2fdd3
chore(deps): update golang.org/x/crypto commit hash to e495a2d ( #745 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-20 23:36:02 +01:00
renovate[bot]
6c0b34426c
chore(deps): update golang.org/x/crypto commit hash to 4570a08 ( #737 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-13 17:44:29 +01:00
renovate[bot]
040327f7d7
chore(deps): update all dependencies ( #734 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-07 15:49:48 +01:00
renovate[bot]
c95e9c21e7
chore(deps): update all dependencies ( #731 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-22 14:04:48 +01:00
renovate[bot]
873ac243ea
chore(deps): update all dependencies ( #722 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-09 21:05:07 +01:00
renovate[bot]
0680c75f99
chore(deps): update all dependencies ( #716 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-01 20:56:57 +01:00
renovate[bot]
e73248cc12
chore(deps): update all dependencies ( #701 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-05 19:29:19 +02:00
renovate[bot]
cb89567f99
chore(deps): update module github.com/lib/pq to v1.10.3 ( #695 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 09:39:36 +02:00
renovate[bot]
1978a52ff4
Update all dependencies ( #690 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-23 08:04:46 +02:00
renovate[bot]
83355dc837
Update all dependencies ( #683 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-16 11:28:27 +02:00
renovate[bot]
2d4133d7a1
Update module github.com/onsi/gomega to v1.15.0 ( #679 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-09 17:29:21 +02:00
renovate[bot]
b869720342
Update module golang.org/x/tools to v0.1.5 ( #668 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-19 11:26:21 +02:00
renovate[bot]
a484c77736
Update all dependencies ( #663 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-13 18:43:09 +02:00
renovate[bot]
e936c84a90
Update all dependencies ( #658 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-28 16:09:51 +02:00
renovate[bot]
8c43b96d54
Update golang.org/x/crypto commit hash to 5ff15b2 ( #656 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-21 10:51:01 +02:00
renovate[bot]
c81cff094e
Update all dependencies ( #646 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-13 13:29:17 +02:00
Cosmin Cojocar
8a8dbec703
Tidy up the dependencies ( #637 )
2021-06-01 09:58:09 +02:00
renovate[bot]
3a4d09b0b0
Update all dependencies ( #635 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-01 09:43:14 +02:00
Matthieu MOREL
dbb9811e62
Add crypto and lint to the tools modules
2021-05-31 10:41:57 +02:00
Matthieu MOREL
cc83d4c922
Generate the SARIF types, handle taxonomies and separate responsibilities
2021-05-05 18:54:32 +02:00
Cosmin Cojocar
0fa5d0b2d6
Fix the go modules after updating to get the tests passing ( #605 )
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-05-05 16:38:35 +02:00
renovate[bot]
b519743da6
chore(deps): update all dependencies ( #599 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-03 09:52:24 +02:00
Cosmin Cojocar
7f2308bd85
Tidy up the moduels after updating ( #593 )
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-04-01 09:49:25 +02:00
renovate[bot]
f21b0b8dac
chore(deps): update all dependencies ( #592 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-01 09:16:31 +02:00
Cosmin Cojocar
bf2cd2392b
Update all dependencies ( #585 )
2021-03-01 09:45:00 +01:00
Cosmin Cojocar
897c203e62
Reset the state of TLS rule after each version check ( #570 )
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-02-11 10:52:16 +01:00
Renovate Bot
b6524ce487
Update all dependencies
2021-02-01 09:45:05 +01:00
Cosmin Cojocar
bcfb27955e
Clean up the go module dependncies ( #555 )
...
* Clean up the dependencies
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
* Add pq package to dependencies
2021-01-04 08:41:45 +01:00
renovate[bot]
e4d0e9f5be
Update all dependencies ( #553 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-04 08:03:52 +01:00
renovate[bot]
d8fa95aad8
Update all dependencies ( #544 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-12-01 09:29:25 +01:00
renovate[bot]
208b73eec4
Update all dependencies ( #538 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-11-02 09:15:56 +01:00
renovate[bot]
a4746e18e3
Update all dependencies ( #533 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-10-07 20:32:18 +02:00
xpivarc
0ce48a584f
Reproducible junit report ( #529 )
...
* Fix junit format ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Make ordering stable
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Test ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
2020-09-29 19:17:38 +02:00
Cosmin Cojocar
13519fda59
Update the tls configuration generate to handle also the NSS alternative names
...
Regenerate the configuration of TLS rule.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-03 10:54:08 +02:00
Renovate Bot
e351067255
Update all dependencies
2020-09-01 08:58:31 +02:00
Renovate Bot
673a139e55
Update all dependencies
2020-08-03 09:07:46 +02:00
Renovate Bot
59cbe0071f
Update all dependencies
2020-07-01 09:13:45 +02:00
renovate[bot]
6202b38a44
Update all dependencies ( #484 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-06-02 09:31:29 +02:00
Cosmin Cojocar
a5db4e1f04
Run mod tidy to clean up the dependencies
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-20 03:08:39 -07:00
Cosmin Cojocar
fb44007c6e
Enhance the hardcoded credentials rule to check the equality and non-equality of strings
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-20 03:08:39 -07:00
Cosmin Cojocar
c4417de46d
Use the latest color package to get the color working with tmux
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-14 02:21:37 -07:00
Marco Antônio Singer
656691b387
feature(formatter/text): Add color option on text format ( #460 )
...
* feature(issue): Add function to return file path and line number
* docs(formatter/CreateReport): Update formats accepted
* feature(formatter): Add color output for text format
Basic color support for text format. For now, only the "Summary" title
and "Issues" section has color
* feature(formatter): Highlight issues based on severity
Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white
* feature(main): Add color flag
It's only valid for text format
* refactor(formatter): Passing color flag forward
2020-04-14 09:50:02 +02:00
Cosmin Cojocar
c6e10af40f
Handle properly the gosec module version v2
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-04-06 09:06:23 -07:00
Renovate Bot
e946c8c399
Update all dependencies
2020-04-01 01:20:31 -07:00
Cosmin Cojocar
8de5fb6eb2
Migrate the build to GitHub Actions
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-03-30 03:32:24 -07:00
renovate[bot]
a2ac0bf32b
Update all dependencies ( #445 )
...
Co-authored-by: WhiteSource Renovate <renovatebot@gmail.com>
2020-03-01 21:44:28 +01:00
Renovate Bot
d13bb6d242
Update all dependencies
2020-02-03 10:45:20 +01:00
Rafael dos Santos
f43a957359
Check for both default and alternative nosec tags ( #426 )
...
* Check both nosec tags
* Adjust test to find vulnerabilities
* Add a few alias in Makefile to get GOPATH
2020-01-06 09:47:28 +01:00
renovate[bot]
57c3788fe5
Update all dependencies ( #427 )
2020-01-02 17:56:50 +01:00
renovate[bot]
cb4f343eaf
Update all dependencies ( #417 )
2019-12-17 09:31:52 +01:00
renovate[bot]
b4c76d4234
Update all dependencies ( #410 )
2019-11-04 16:45:32 +01:00
Cosmin Cojocar
28c1128b73
Add more tests to improve the coverage of resolve
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2019-10-08 11:56:58 +02:00
renovate[bot]
ad375d3b8f
Update golang.org/x/tools commit hash to 7c411de ( #389 )
2019-10-01 09:10:45 +02:00
renovate[bot]
7dbc65b199
Update golang.org/x/tools commit hash to 3ac2a5b ( #387 )
2019-09-24 10:14:45 +02:00
Renovate Bot
f3bd9fb960
Update golang.org/x/tools commit hash to 0f9bb8f
2019-09-24 11:40:53 +10:00
Renovate Bot
c6ac709aa8
Update golang.org/x/net commit hash to aa69164
2019-09-24 00:41:44 +00:00
Renovate Bot
7a6460dde9
Update golang.org/x/crypto commit hash to 9ee001b
2019-09-24 09:35:22 +10:00
Renovate Bot
73fbc9ba49
Update golang.org/x/net commit hash to 1a5e07d
2019-09-23 09:54:52 +00:00
renovate[bot]
124da07009
Update golang.org/x/tools commit hash to 5eefd05 ( #378 )
2019-09-23 11:54:36 +02:00
renovate[bot]
915e9eeba8
Update golang.org/x/sys commit hash to b4ddaad ( #374 )
2019-09-17 12:37:15 +02:00
renovate[bot]
f90efff866
Update golang.org/x/tools commit hash to 2dc213d ( #375 )
2019-09-17 12:22:00 +02:00
renovate[bot]
90e975912b
Update golang.org/x/net commit hash to c858923 ( #373 )
2019-09-17 12:20:44 +02:00
renovate[bot]
98749b7357
Update golang.org/x/net commit hash to 24e19bd ( #372 )
2019-09-16 10:25:16 +02:00
renovate[bot]
d8f6c4f7f7
Update golang.org/x/sys commit hash to c3b328c ( #371 )
2019-09-16 10:23:55 +02:00
renovate[bot]
32041942e8
Update golang.org/x/tools commit hash to 92af9d6 ( #370 )
2019-09-16 10:23:43 +02:00
Renovate Bot
140048b2a2
Update golang.org/x/sys commit hash to 7ad0cfa
2019-09-12 12:07:52 +00:00
renovate[bot]
a65402bc5a
Update golang.org/x/tools commit hash to 6bfd74c ( #365 )
2019-09-12 14:07:35 +02:00
renovate[bot]
bee7b5aa0d
Update golang.org/x/crypto commit hash to 227b76d ( #363 )
2019-09-11 09:51:50 +02:00
renovate[bot]
069c31f980
Update golang.org/x/tools commit hash to 16c5e0f ( #362 )
2019-09-11 09:51:26 +02:00
renovate[bot]
3e65f8ff9d
Update golang.org/x/sys commit hash to bbd1755 ( #361 )
2019-09-11 09:51:06 +02:00
renovate[bot]
f5d5e20b3e
Update golang.org/x/tools commit hash to dd2b5c8 ( #360 )
2019-09-10 09:18:49 +02:00