Commit graph

1086 commits

Author SHA1 Message Date
Cosmin Cojocar
17b7d31f41
Update README file with new rule (#975)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-21 10:07:27 +02:00
Morgen Malinoski
a018cf0fbb
Feature: G602 Slice Bound Checking (#973)
* Added slice bounds testing for slice expressions.

* Added checking slice index.

* Added test for reassigning slice.

* Store capacities on reslicing.

* Scope change clears map. Func name used to track slices.

* Map CallExpr to check bounds when passing to functions.

* Fixed linter errors.

* Updated rulelist with CWE mapping.

* Added comment for NewSliceBoundCheck.

* Addressed nil cap runtime error.

* Replaced usage of nil in call arg map with dummy callexprs.

* Updated comments, wrapped error return, addressed other review concerns.
2023-06-21 09:56:36 +02:00
renovate[bot]
82364a710c
chore(deps): update all dependencies (#974)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-19 09:15:01 +02:00
Morgen Malinoski
abeab1092d
Feature: G101 match variable values and names (#971)
* G101 now checks LHS of ValueAssignments for patternValue.

* Added matching string literals in equality check.

* Added patternValue matching for ValueSpec.

* Ran gci to fix linter error.

* Added tests and updated regex to be more inclusive.

* Addressed short-circuit eval for isHighEntropy and non-standard ok variable.

* Resolved unhandled error and added more tests.

* Flattened code to make it more readable.

* Added better comments.

* Added new regex for Google API Key, GitHub PAT, and GoogleOAuth.

* Gofmt'ed the test cases.
2023-06-15 10:18:03 +02:00
Cosmin Cojocar
b824c10eb4 Update build script to go version 1.20.5
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-07 08:53:25 +02:00
renovate[bot]
022584d770 chore(deps): update all dependencies 2023-06-05 09:29:32 +02:00
futuretea
bd58600acf Recognize struct field in G601
Signed-off-by: futuretea <1913508671@qq.com>
2023-06-02 17:17:10 +02:00
Cosmin Cojocar
1457921142 Remove the depguard from the list of enabled linters
It seems that it flags some imports which are part of the project.

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-02 16:14:14 +02:00
Oleksandr Redko
1f689968ec Fix typos in comments, vars and tests 2023-05-30 08:26:41 +02:00
renovate[bot]
e1484658ac chore(deps): update all dependencies 2023-05-30 08:25:13 +02:00
Cosmin Cojocar
9120883a15
Fix no-sec alternative tag (#962)
The no-sec alternative tag prepends now automatically the # symbol

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-25 11:54:26 +02:00
Cosmin Cojocar
87cc45e1cd
Use image digest instead of tag when signing the released image with cosign (#960)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-17 15:58:25 +02:00
Cosmin Cojocar
6df05bd7a3
Update gosec image version to 2.16.0 in the Github action (#959)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-17 15:50:14 +02:00
Cosmin Cojocar
c5ea1b7bdd
Update cosign to latest version in release Github action (#958)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-05-17 15:27:49 +02:00
renovate[bot]
8632a8c58a
chore(deps): update all dependencies (#956)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-15 12:05:59 +02:00
Cosmin Cojocar
ae3c2f787c
Update go version in build and release scripts (#957) 2023-05-15 12:05:44 +02:00
renovate[bot]
970cc2957f
chore(deps): update all dependencies (#955)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-03 09:46:14 +02:00
Cosmin Cojocar
47bfd4eb6f
Update Go version to 1.20.3 (#953) 2023-04-18 10:18:21 +02:00
renovate[bot]
440141a948
chore(deps): update all dependencies (#952)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-18 10:08:02 +02:00
Giovanni Rosa
7df7baa3f0
Fix for Dockerfile smell DL3059 (#951)
Signed-off-by: Giovanni Rosa <g.rosa1@studenti.unimol.it>
2023-04-14 13:46:24 +02:00
Olivier Mengué
2ee3213dc1
README: upgrade GitHub action in examples (#950)
Upgrade actions/checkout from v2 to v3 in GitHub actions examples.
2023-04-13 10:23:06 +02:00
Matthieu MOREL
68b520165d
enable ginkgolinter linter (#948)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-04-04 08:52:59 +02:00
renovate[bot]
780ebd0819
chore(deps): update all dependencies (#947)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-03 10:17:38 +02:00
Matthieu MOREL
d6aeaad931
correct gci linter (#946)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-03-30 09:31:24 +02:00
Matthieu MOREL
73f0efcd02 remove deprecated linters 2023-03-28 20:39:41 +02:00
Matthieu MOREL
aef69b3f85 increase timeout to 5m
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-03-28 20:39:41 +02:00
renovate[bot]
6bad723dfa chore(deps): update all dependencies 2023-03-27 09:16:10 +02:00
Cosmin Cojocar
96bb741801 Use the latest version 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
6a73248135 Fix some linting warnings 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
83fc5e63fa Fix lint warning 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
8e7cf4bd72 Bump the go versions and golanci 2023-03-20 10:25:45 +01:00
renovate[bot]
e7bfcd1d53
chore(deps): update all dependencies (#942)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-20 09:23:03 +01:00
Rick Moran
f823a7e92b
Check nil pointer when variable is declared in a different file 2023-03-08 14:42:45 +01:00
dan "smiley" murray
cdd3476f91
fix dead link to issue.go in README.md (#936) 2023-03-06 09:09:40 +01:00
Cosmin Cojocar
d5a9c73723
Remove rule G307 which checks when an error is not handled when a file or socket connection is closed (#935)
* Remove read only types from unsafe defer rules

* Remove rule G307 which checks when an error is not handled when a file or socket connection is closed

This doesn't seem to bring much value from security perspective, and it caused a lot of controversy since
is a very common pattern in Go.

* Mentioned in documentation that rule G307 is retired

* Clean up the test for rule G307
2023-02-24 14:04:13 +01:00
Cosmin Cojocar
27bf0e4f9b
Fix rule index reference into sarif report (#934) 2023-02-21 11:43:38 +01:00
dependabot[bot]
e7b896f234 Bump golang.org/x/net from 0.6.0 to 0.7.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-20 08:58:52 +01:00
Cosmin Cojocar
4340efaa9a Format file 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
f850069114 Use the gosec issue in the go analysers 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
b1fd94881e Fix file formatting 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
2071786199 Update Go version in CI builds 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
1915717875 Fix method name in the comment 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
de2c6a36fa Extract the issue in its own package 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
31e63276f1 Add support for Go analysis framework and SSA code representation 2023-02-16 09:45:28 +01:00
renovate[bot]
e795d75a46
chore(deps): update all dependencies (#931)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-13 10:25:24 +01:00
Cosmin Cojocar
8aa00db022
Remove the version form ci github action 2023-02-08 11:33:30 +01:00
Cosmin Cojocar
392e53c8d0
Pin github action to latest release version 2.15.0 2023-02-08 11:29:30 +01:00
Cosmin Cojocar
ffe254e3a9
Revert the image tag in github action until a working solution is found 2023-02-08 10:47:46 +01:00
Cosmin Cojocar
a0eddfb4ab
Fix version interpolation in github action image 2023-02-08 10:45:57 +01:00
Cosmin Cojocar
d22a7b6ede
Add gosec version as an input parameter to GitHub action (#927)
* Add gosec version as a paramter to the Github action

* Run gosec as a github action as part of CI
2023-02-08 10:40:36 +01:00