actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-06 12:05:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
862 commits 2 branches 41 tags 20 MiB
Commit graph

62 commits

Author SHA1 Message Date
Cosmin Cojocar
6a73248135 Fix some linting warnings 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
83fc5e63fa Fix lint warning 2023-03-20 10:25:45 +01:00
renovate[bot]
e7bfcd1d53
chore(deps): update all dependencies (#942) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-03-20 09:23:03 +01:00
Cosmin Cojocar
27bf0e4f9b
Fix rule index reference into sarif report (#934) 2023-02-21 11:43:38 +01:00
Cosmin Cojocar
de2c6a36fa Extract the issue in its own package 2023-02-16 09:45:28 +01:00
renovate[bot]
54f56c7d6a
chore(deps): update all dependencies (#922) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-02-06 14:16:49 +01:00
Cosmin Cojocar
df14837174
Update to Go 1.20 and fix unit tests (#923) 
* Fix unit tests for Go 1.20

* Update to Go 1.20 in the build scripts

* Remove support for 1.18 in the build

* Fix the golangci lint version according to Go version used

* Fix golangci version string

* Fix gci linter warning

* Remove golint in favour of golangci
 2023-02-06 14:15:05 +01:00
Cosmin Cojocar
a522ae6f5f
Fix build after updating the dependencies (#910) 2023-01-09 09:42:20 +01:00
renovate[bot]
4cc97adbef
chore(deps): update all dependencies (#909) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-01-09 09:27:57 +01:00
renovate[bot]
11898d512a
chore(deps): update all dependencies (#906) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-01-02 17:35:12 +01:00
renovate[bot]
f79c584dbb
chore(deps): update all dependencies (#898) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-12-05 09:23:50 +01:00
renovate[bot]
2fe6c5b64a
chore(deps): update all dependencies (#894) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-27 17:44:24 +01:00
renovate[bot]
a0b7ebb312
chore(deps): update all dependencies (#892) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-14 09:16:07 +01:00
renovate[bot]
6a964b2a86
chore(deps): update all dependencies (#888) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-11-08 09:37:54 +01:00
renovate[bot]
26f038913f
chore(deps): update all dependencies (#886) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-31 09:23:49 +01:00
renovate[bot]
7f91d85b65
chore(deps): update all dependencies (#884) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-24 09:20:26 +02:00
renovate[bot]
a2719d3248
chore(deps): update all dependencies (#881) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-17 10:14:22 +02:00
renovate[bot]
bb4a1e3544
chore(deps): update all dependencies (#872) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-10-04 09:23:21 +02:00
renovate[bot]
e244c811ea
chore(deps): update all dependencies (#868) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-09-22 11:18:20 +02:00
renovate[bot]
180fc23b72 chore(deps): update all dependencies 2022-09-12 09:35:57 +02:00
renovate[bot]
ae58325bfe chore(deps): update all dependencies 2022-08-29 10:21:47 +02:00
Cosmin Cojocar
19fa856bad fix: make sure that nil Cwe pointer is handled when getting the CWE ID 2022-08-20 13:32:31 +02:00
Cosmin Cojocar
62fa4b4e9b test: remove white spaces from template 2022-08-20 13:08:50 +02:00
Cosmin Cojocar
074dc71087 fix: handle nil CWE pointer in text template 2022-08-20 13:08:50 +02:00
renovate[bot]
79a5b13bdb chore(deps): update dependency babel-standalone to v7 2022-08-15 09:17:13 +02:00
renovate[bot]
0212c83699
chore(deps): update dependency highlight.js to v11.6.0 (#830) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2022-07-18 16:20:54 +02:00
Vladimir Severov
9c19cb6501
Add check for usage of Rat.SetString in math/big with an overflow error (#819) 
* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing
 2022-06-03 00:19:51 +02:00
renovate[bot]
12be14859b
chore(deps): update all dependencies (#812) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-05-09 12:02:57 +02:00
云微
34d144b3fa
Add new rule for Slowloris Attack 2022-04-30 12:38:50 +02:00
renovate[bot]
b69c3d48c8
chore(deps): update all dependencies (#805) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-04-11 20:12:37 +02:00
renovate[bot]
8af0af7611
chore(deps): update all dependencies (#789) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-03-14 14:10:28 +01:00
Calin Capitanu
48bbf96b56
Adds directory traversal for Http.Dir("/") 2022-03-06 10:58:47 +01:00
Cosmin Cojocar
26f10e0a7a
Extend the release action to sign the docker image and binary files with cosign (#781) 
* Extend the release action to sign the docker image and binary files with cosign

* Fix lint warnings

* Fix the ling warnings

* Fix the lint warnings
 2022-02-22 21:33:42 +01:00
Cosmin Cojocar
c0680bb6a3 Process the code snippet before adding it to the SARIF report 
Preprocess the code snippet from the issue in order to extract only the line(s)
of code where the issue is located.  In addition remove the line numbers and whitespaces
before writing the code snippet into the SARIF report.
 2022-02-09 16:19:40 +01:00
Cosmin Cojocar
09a2941ad4 Use the CWE name as a name in the SARIF report 2022-01-27 15:51:51 +01:00
renovate[bot]
58058af0c8
chore(deps): update dependency highlight.js to v11.4.0 (#758) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-01-10 10:56:36 +01:00
Cosmin Cojocar
ad5d74d5a1
Update to ginkgo v2 (#753) 2022-01-03 18:11:35 +01:00
Yiwei Ding
b45f95f6ad
Add support for suppressing the findings 2021-12-09 11:53:36 +01:00
renovate[bot]
040327f7d7
chore(deps): update all dependencies (#734) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-07 15:49:48 +01:00
renovate[bot]
c95e9c21e7
chore(deps): update all dependencies (#731) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-11-22 14:04:48 +01:00
Marc Brugger
ff17c30a97
Use go embed for templates (#725) 2021-11-15 16:17:22 +01:00
Ville Skyttä
f1f0056a90
Spelling fixes (#717) 2021-11-09 21:02:24 +01:00
Matthieu MOREL
bfb0f422fe
chore(lint): enable errorlint and gci (#698) 2021-09-13 09:40:10 +02:00
Marc Brugger
fd5472caaf
remove tabs (#689) 2021-08-20 10:27:45 +02:00
Marc Brugger
b695b66e4d
add key to Highlight component (#686) 2021-08-19 14:54:12 +02:00
Marc Brugger
aee782bfe8
add summary to html report (#687) 2021-08-19 14:53:39 +02:00
Marc Brugger
ba23b5e49a
Add possibility to list waived (nosec) marked issues but not count them as such 2021-08-18 13:00:38 +02:00
Marc Brugger
c0c122cdc7
Add rule ID and CWE reference to the html report 2021-08-04 17:39:03 +02:00
Matthieu MOREL
731d0d51ce
Results must always be present in the SARIF report (#650) 
* Don't omit empty results

* Add tests
 2021-06-17 14:21:42 +02:00
Matthieu MOREL
e72b1e5f25
Use of vars instead of func 2021-06-13 13:30:16 +02:00