Oleksandr Redko
4fda076e5d
Refactor AppendError to use strings.Contains ( #1270 )
2024-12-16 15:18:11 +01:00
Oleksandr Redko
b01f49e366
Simplify Analyzer.ignore by reducing nesting ( #1269 )
2024-12-16 15:17:42 +01:00
Oleksandr Redko
b62cc3316d
Improve capitalization in AI API flags descriptions ( #1267 )
2024-12-16 10:42:23 +01:00
Oleksandr Redko
bc77d16301
Remove unused golint dependency ( #1266 )
2024-12-16 10:41:16 +01:00
Oleksandr Redko
ef1a35faf9
Simplify tests by using GinkgoT().TempDir() ( #1265 )
2024-12-16 10:40:43 +01:00
dannyc-grafana
09b914371e
Documentation on adding new rules and analyzers ( #1262 )
* Create CONTRIBUTING.md
Add some docs for developers who want to extend gosec
* Address comments from ccojocar
* Update CONTRIBUTING.md
Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
* Update CONTRIBUTING.md
Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
* Update README.md
Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
* Update CONTRIBUTING.md
Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
* Update CONTRIBUTING.md
Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
* Linting/formatting pass
* Update CONTRIBUTING.md
* Update README.md
Fix phrasing to be clearer
---------
Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
2024-12-16 10:38:51 +01:00
renovate[bot]
1bd92a8e30
chore(deps): update all dependencies ( #1268 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-16 10:34:38 +01:00
Cosmin Cojocar
ca55eca3de
Update to go 1.22.10 and 1.23.4 versions ( #1264 )
Change-Id: Ie36866e0b27c08e2211e86f6fffea559a193924c
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-12-12 12:10:18 +01:00
renovate[bot]
329cad89ee
chore(deps): update module golang.org/x/crypto to v0.31.0 [security] ( #1263 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-12 10:08:44 +01:00
renovate[bot]
08beb25d41
chore(deps): update all dependencies ( #1261 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-09 10:42:25 +01:00
renovate[bot]
d566be274e
chore(deps): update module github.com/onsi/gomega to v1.36.0 ( #1259 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-02 10:09:45 +01:00
Oleksandr Redko
8c602d0bc4
fix: revive.redefines-builtin-id lint warnings ( #1257 )
Co-authored-by: Cosmin Cojocar <cosmin@cojocar.ch>
2024-11-30 10:54:57 +01:00
Oleksandr Redko
399e835157
Fix typos in comments and fields
2024-11-30 10:37:42 +01:00
Cosmin Cojocar
229cf63a09
Remove the decryption functions/methods from G407 check
The nonce in the decryption functions/methods is typically provided and
it should not be randomly generated.
Change-Id: Id0df0d43aecb2aadb00b9fa901bd060a43a201c5
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-11-26 10:14:30 +01:00
Cosmin Cojocar
699cb55eb3
Update go to version 1.23.3 and 1.22.9
Change-Id: I8c9767333830999d35119505fa70de1b133ba36f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-11-26 09:48:59 +01:00
Dave Henderson
9b13cd5ab4
Fix G115 false positive when going from parsed uint to larger int
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
2024-11-26 09:36:56 +01:00
renovate[bot]
08ea2a57db
chore(deps): update all dependencies
2024-11-25 11:21:19 +01:00
renovate[bot]
44156135bf
chore(deps): update all dependencies
2024-11-18 09:46:28 +01:00
renovate[bot]
3274716ce3
chore(deps): update all dependencies
2024-11-11 09:28:10 +01:00
renovate[bot]
1fb6a46eed
chore(deps): update all dependencies
2024-11-04 10:11:47 +01:00
renovate[bot]
d2c92ed7b3
chore(deps): update all dependencies
2024-10-28 09:23:35 +01:00
Cosmin Cojocar
4fd98728a7
Update go version to 1.23.2 and 1.22.8
Change-Id: I8f941e97f1ec7b0df2e3efa76f881b85f2a287cc
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-10-22 14:57:16 +02:00
renovate[bot]
1501618b90
chore(deps): update module google.golang.org/api to v0.201.0
2024-10-21 10:44:17 +02:00
renovate[bot]
7d33bc1991
chore(deps): update all dependencies
2024-10-14 08:52:45 +02:00
renovate[bot]
bd8b4b4ece
chore(deps): update all dependencies
2024-10-07 11:06:29 +02:00
Cosmin Cojocar
1216c9b96b
Fix the cosign step to authenticate with the container registry
Change-Id: I8b5fd63128b7c661c438c9cff9e8a4a3e487712b
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-10-01 17:11:46 +02:00
renovate[bot]
50d1b4ae6b
chore(deps): update module google.golang.org/api to v0.199.0
2024-10-01 16:51:00 +02:00
Cosmin Cojocar
c0ba7c7a74
Update the gosec to v2.21.4 in the Github action
Change-Id: Idb7fd0b7f7524adf3a87dc06e1fe3935a5593c60
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-26 14:24:09 +02:00
Cosmin Cojocar
a3299ce10c
Add the version into goreleaser config
Change-Id: Id759cc78f3c8f3c69864311e91dd64cbacb1b958
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-26 14:24:09 +02:00
renovate[bot]
d4617f51ba
chore(deps): update module google.golang.org/api to v0.198.0 ( #1233 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-23 09:30:44 +02:00
Laurent Demailly
1d23143bee
Prevent panic: unexpected constant value: <nil> ( #1232 )
2024-09-20 10:58:58 +02:00
Laurent Demailly
6741874d9b
Fix running single analyzer which isn't a rule bug ( #1231 )
* Fix running single analyzer which isn't a rule bug
* remove unnecessary diff (even if it's proper fmt)
2024-09-20 10:56:50 +02:00
Cosmin Cojocar
a83689867d
Update gosec version to v2.21.3 in github action ( #1227 )
Change-Id: If12ea73f08ff79b5c53ece6c96454fb99418ced2
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-18 14:10:47 +02:00
Cosmin Cojocar
be8bd6e40b
Populate the fixes only when autofix is not empty ( #1226 )
Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-18 13:43:01 +02:00
renovate[bot]
3004932005
chore(deps): update all dependencies ( #1223 )
* chore(deps): update all dependencies
* Update go.mod
* Remove the toolchain directive
Change-Id: I2ecbdec86e3eb8a771232f649f6da2273b3026ac
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
---------
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <cosmin@cojocar.ch>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-16 10:42:08 +02:00
czechbol
1f3bdd9349
G115 Struct Attribute Checks ( #1221 )
* allow struct attributes checks
* fix explicit check results
2024-09-16 10:30:54 +02:00
Cosmin Cojocar
5f3194b581
Update the github action to v2.21.2 ( #1218 )
Change-Id: I0b31f470f716e6b0ea1dacae7814075ee9f6d898
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-09 16:20:57 +02:00
Cosmin Cojocar
abfe8cfd6d
Update the SARIF schema URL ( #1217 )
Change-Id: I4a19f289ed6c4da8277bcc30be7c905ca13b6898
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-09 15:36:18 +02:00
Cosmin Cojocar
0396179112
Update go version to 1.23.1 and 1.22.7 ( #1216 )
Change-Id: I2c5ad3b96a96470ce663de84d767590b842990ac
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-09 15:29:43 +02:00
renovate[bot]
5e53c8b9f7
chore(deps): update all dependencies ( #1215 )
* chore(deps): update all dependencies
* Update go.mod
* Update go.mod
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <cosmin@cojocar.ch>
2024-09-09 15:20:27 +02:00
Cosmin Cojocar
014751c91c
Update gosec version to v2.21.1 in github action ( #1213 )
Change-Id: I0dda98f91eabc1881c55cb886425acf62a000002
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 17:22:49 +02:00
Cosmin Cojocar
0ce4453ddd
Rollback the SARIF version to 2.1 since github doesn't support 2.2 ( #1210 )
Change-Id: If3500ec2c522339ca0a4e6c1f58574ce3cc870a9
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:56:15 +02:00
Cosmin Cojocar
ea26e8431f
Update gosec in github action to v2.21.0 ( #1208 )
Change-Id: Ia6a5cc01472103d435cd5931aaef98a71a0a89f2
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:49:35 +02:00
Cosmin Cojocar
b278b40c52
Update cosign version to v2.4.0 in release github workflow ( #1207 )
Change-Id: I78b4ad65597f6c10d9cc3113864fd73a25101b25
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:22:00 +02:00
czechbol
eaedce9a8b
Improve the int conversion overflow logic to handle bound checks ( #1194 )
* add test cases
Signed-off-by: czechbol <adamludes@gmail.com>
* fix bounds check logic
Signed-off-by: czechbol <adamludes@gmail.com>
* tweak test cases
Signed-off-by: czechbol <adamludes@gmail.com>
* fix codestyle
Signed-off-by: czechbol <adamludes@gmail.com>
* improve bounds check logic
Signed-off-by: czechbol <adamludes@gmail.com>
* max recursion depth
Signed-off-by: czechbol <adamludes@gmail.com>
* add test case for len function
Signed-off-by: czechbol <adamludes@gmail.com>
* relax len function bounds checks
Co-authored-by: Ben Krieger <ben.krieger@intel.com>
* handle cases when convert instruction is after the if blocks
Signed-off-by: czechbol <adamludes@gmail.com>
* improve range check discovery, add tests
Signed-off-by: czechbol <adamludes@gmail.com>
* refactor for readability
Signed-off-by: czechbol <adamludes@gmail.com>
* add cap function test
Signed-off-by: czechbol <adamludes@gmail.com>
* calculate signed min without throwing overflow warnings
Signed-off-by: czechbol <adamludes@gmail.com>
* perform bounds checks int size calculations
Signed-off-by: czechbol <adamludes@gmail.com>
* basic equal operator logic
Signed-off-by: czechbol <adamludes@gmail.com>
* uintptr -> unsafe.Pointer test case
Signed-off-by: czechbol <adamludes@gmail.com>
* fix review comments
Signed-off-by: czechbol <adamludes@gmail.com>
* Rebase and fix go module
Change-Id: I8da6495eaaf25b1739389aa98492bd7df338085b
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
* fix false positive for negated value
Signed-off-by: czechbol <adamludes@gmail.com>
* fix range conditions
Signed-off-by: czechbol <adamludes@gmail.com>
* Ignore the golangci/gosec G115 warning
Change-Id: I0db56cb0a5f9ab6e815e2480ec0b66d7061b23d3
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
---------
Signed-off-by: czechbol <adamludes@gmail.com>
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: Ben Krieger <ben.krieger@intel.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:09:54 +02:00
William Bergeron-Drouin
ea5b2766bb
fix: G602 support for nested conditionals with bounds check ( #1201 )
* Recursive fix
* Add some more test cases
* Fix formatting
* Add depth check
2024-09-04 11:07:42 +02:00
Cosmin Cojocar
11d69032b0
Update go.mod to use go 1.22.0 toolchain
2024-09-02 09:46:29 +02:00
renovate[bot]
655527dfb4
chore(deps): update all dependencies
2024-09-02 09:46:29 +02:00
Cosmin Cojocar
0898560169
Make variable name more clear
Change-Id: I5b863c0da6cc3d01efa527c60c93fdcbc8c5a53c
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00
Cosmin Cojocar
ac67231ec5
Make variable names more explicit and reduce duplications
Change-Id: Ifa141b70351136cfe7d0756a83e8166a24b5d538
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00