Commit graph

107 commits

Author SHA1 Message Date
renovate[bot]
7d33bc1991 chore(deps): update all dependencies
Some checks failed
CI / test (map[go:1.22.7 golangci:latest]) (push) Has been cancelled
CI / test (map[go:1.23.1 golangci:latest]) (push) Has been cancelled
Security Scan / build (push) Has been cancelled
CI / coverage (push) Has been cancelled
2024-10-14 08:52:45 +02:00
Cosmin Cojocar
be8bd6e40b
Populate the fixes only when autofix is not empty (#1226)
Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-18 13:43:01 +02:00
Cosmin Cojocar
abfe8cfd6d
Update the SARIF schema URL (#1217)
Change-Id: I4a19f289ed6c4da8277bcc30be7c905ca13b6898

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-09 15:36:18 +02:00
Cosmin Cojocar
0ce4453ddd
Rollback the SARIF version to 2.1 since github doesn't support 2.2 (#1210)
Change-Id: If3500ec2c522339ca0a4e6c1f58574ce3cc870a9

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:56:15 +02:00
renovate[bot]
655527dfb4 chore(deps): update all dependencies 2024-09-02 09:46:29 +02:00
Dimitar Banchev
0eb8143c23 Added new rule G407(hardcoded IV/nonce)
The rule is supposed to detect for the usage of hardcoded or static nonce/Iv in many encryption algorithms:

* The different modes of AES (mainly tested here)
* It should be able to work with ascon

Currently the rules doesn't check when constant variables are used.

TODO: Improve the rule, to detected for constatant variable usage
2024-08-30 19:35:07 +02:00
renovate[bot]
aec45b0b7d chore(deps): update all dependencies 2024-08-26 16:47:36 +02:00
Tran The Lam
56f943b802
Add support to generate auto fixes using LLM (AI) (#1177)
This feature adds support to generate auto fixes for Go scanning findings using LLM (AI). In a first instance, it relies on Gemini API to get a suggestion for a solution. This can be later extended, to integrate also other AI providers.

---------

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-12 12:52:41 +02:00
renovate[bot]
55a47f3774 chore(deps): update all dependencies 2024-08-05 17:38:32 +02:00
renovate[bot]
a5d9ef67e2 chore(deps): update all dependencies 2024-07-29 10:58:28 +02:00
renovate[bot]
68424445af chore(deps): update dependency babel-standalone to v7.24.10 2024-07-23 11:43:16 +02:00
renovate[bot]
4487a0c5a2 chore(deps): update dependency babel-standalone to v7.24.8 2024-07-15 09:13:59 +02:00
renovate[bot]
466992feca chore(deps): update all dependencies 2024-07-08 15:49:41 +02:00
Dimitar Banchev
9a4a741e6b Added more rules
* Rule G406 responsible for the usage of deprecated MD4 and RIPEMD160 added.
* Rules G506, G507 responsible for tracking the usage of the already mentioned libraries added.
* Slight changes in the Makefile(`make clean` wasn't removing all expected files)
* Added license to `analyzer_test.go`
2024-06-25 13:18:27 +02:00
Dimitar Banchev
58e4fccc13 Split the G401 rule into two separate ones
Now the G401 rule is split into hashing and encryption algorithms.

G401 is responsible for checking the usage of MD5 and SHA1, with corresponding CWE of 328.
And G405(New rule) is responsible for checking the usege of DES and RC4, with corresponding CWE of 327.
2024-06-24 15:25:54 +02:00
renovate[bot]
30a8a9c8c3 chore(deps): update all dependencies 2024-06-11 21:31:12 +02:00
renovate[bot]
45fbb27d87 chore(deps): update all dependencies 2024-05-27 13:03:14 +02:00
renovate[bot]
cf29d543e2 chore(deps): update all dependencies 2024-05-02 10:27:10 +02:00
renovate[bot]
31009c3db8 chore(deps): update all dependencies 2024-04-08 11:41:11 +02:00
renovate[bot]
e27f442499 chore(deps): update all dependencies 2024-03-25 11:02:28 +01:00
renovate[bot]
582e91af06 chore(deps): update all dependencies 2024-03-04 10:10:31 +01:00
renovate[bot]
1285eb7300 chore(deps): update all dependencies 2024-02-05 09:59:32 +01:00
renovate[bot]
cf4ab3ea7c chore(deps): update all dependencies 2024-01-29 09:48:13 +01:00
renovate[bot]
57ec76b97b chore(deps): update all dependencies 2024-01-15 09:52:33 +01:00
renovate[bot]
8fa46c1e3e chore(deps): update dependency babel-standalone to v7.23.7 2024-01-03 09:54:15 +01:00
renovate[bot]
187adabe34 chore(deps): update all dependencies 2023-12-18 10:42:31 +01:00
renovate[bot]
79a6b475f0
chore(deps): update all dependencies (#1080)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 10:06:03 +01:00
renovate[bot]
fece49805b chore(deps): update dependency babel-standalone to v7.23.4 2023-11-27 09:30:11 +01:00
renovate[bot]
c736581f85 chore(deps): update all dependencies 2023-11-13 09:45:27 +01:00
renovate[bot]
7846db034c chore(deps): update all dependencies 2023-10-16 09:29:43 +02:00
renovate[bot]
7f7c47fefe
chore(deps): update all dependencies (#1026)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-09 09:22:00 +02:00
Oleksandr Redko
09cf6efb3e
Fix typos in struct fields, comments, and docs (#1023) 2023-10-05 12:59:17 +02:00
renovate[bot]
665e87b287 chore(deps): update all dependencies 2023-10-05 12:58:26 +02:00
renovate[bot]
f6a64969a3 chore(deps): update all dependencies 2023-09-18 08:40:10 +02:00
renovate[bot]
b192f06cca
chore(deps): update all dependencies (#1011)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:53:32 +02:00
renovate[bot]
325eb19a54
chore(deps): update all dependencies (#1008)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 09:12:42 +02:00
renovate[bot]
4b458c4f59
chore(deps): update all dependencies (#997)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-14 09:36:16 +02:00
renovate[bot]
e76ad70182
chore(deps): update all dependencies (#982)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 10:13:40 +02:00
renovate[bot]
ef8f560d84
chore(deps): update all dependencies (#976)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-10 10:37:30 +02:00
renovate[bot]
82364a710c
chore(deps): update all dependencies (#974)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-19 09:15:01 +02:00
Oleksandr Redko
1f689968ec Fix typos in comments, vars and tests 2023-05-30 08:26:41 +02:00
renovate[bot]
e1484658ac chore(deps): update all dependencies 2023-05-30 08:25:13 +02:00
renovate[bot]
970cc2957f
chore(deps): update all dependencies (#955)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-03 09:46:14 +02:00
renovate[bot]
780ebd0819
chore(deps): update all dependencies (#947)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-03 10:17:38 +02:00
Matthieu MOREL
d6aeaad931
correct gci linter (#946)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-03-30 09:31:24 +02:00
Cosmin Cojocar
6a73248135 Fix some linting warnings 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
83fc5e63fa Fix lint warning 2023-03-20 10:25:45 +01:00
renovate[bot]
e7bfcd1d53
chore(deps): update all dependencies (#942)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-20 09:23:03 +01:00
Cosmin Cojocar
27bf0e4f9b
Fix rule index reference into sarif report (#934) 2023-02-21 11:43:38 +01:00
Cosmin Cojocar
de2c6a36fa Extract the issue in its own package 2023-02-16 09:45:28 +01:00