Commit graph

63 commits

Author SHA1 Message Date
Cosmin Cojocar
699cb55eb3 Upate go to version 1.23.3 and 1.22.9
Change-Id: I8c9767333830999d35119505fa70de1b133ba36f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-11-26 09:48:59 +01:00
renovate[bot]
44156135bf chore(deps): update all dependencies
Some checks failed
CI / test (map[go:1.22.8 golangci:latest]) (push) Has been cancelled
CI / test (map[go:1.23.2 golangci:latest]) (push) Has been cancelled
Security Scan / build (push) Has been cancelled
CI / coverage (push) Has been cancelled
2024-11-18 09:46:28 +01:00
Cosmin Cojocar
4fd98728a7 Update go version to 1.23.2 and 1.22.8
Some checks failed
CI / test (map[go:1.22.8 golangci:latest]) (push) Has been cancelled
CI / test (map[go:1.23.2 golangci:latest]) (push) Has been cancelled
Security Scan / build (push) Has been cancelled
CI / coverage (push) Has been cancelled
Change-Id: I8f941e97f1ec7b0df2e3efa76f881b85f2a287cc
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-10-22 14:57:16 +02:00
Cosmin Cojocar
0396179112
Update go version to 1.23.1 and 1.22.7 (#1216)
Change-Id: I2c5ad3b96a96470ce663de84d767590b842990ac

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-09 15:29:43 +02:00
Cosmin Cojocar
c52dc0ea4e Add a build step to measure the scan perfomance
This step will measure the scan performance difference against the
master version.

Change-Id: I1b9196ef3348350cf818471f55d9024d14064ac6
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-26 19:08:32 +02:00
Cosmin Cojocar
18135b439c
Update to Go 1.23.0 (#1183)
Change-Id: I11a6402e85ac543305e8bad4ea35239779424dd6

Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-19 09:17:50 +02:00
Cosmin Cojocar
87fcb9b95b Update to go 1.22.5 and 1.21.12
Change-Id: I3334016ed2714ce4aed959d7f19a33e220c000e4
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-07-08 16:00:12 +02:00
Cosmin Cojocar
2ae137abcf Update to go versions to 1.21.11 and 1.22.4
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
2024-06-11 21:47:56 +02:00
renovate[bot]
d34f8b77d5 chore(deps): update all dependencies 2024-05-13 14:19:10 +02:00
Cosmin Cojocar
8658b8eab6 Update Go to version 2.22.3 in CI and release
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
2024-05-12 11:40:57 +02:00
renovate[bot]
cf29d543e2 chore(deps): update all dependencies 2024-05-02 10:27:10 +02:00
Cosmin Cojocar
3b23ec8f09 Update to go 1.22.2
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2024-04-08 11:51:51 +02:00
Cosmin Cojocar
903c75b05e Update go version to 1.22.1 and 1.21.8
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2024-03-07 12:23:46 +01:00
Cosmin Cojocar
26e57d6b34 Update CI to go version 1.22
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2024-02-12 10:08:56 +01:00
renovate[bot]
e60b8d88e0 chore(deps): update all dependencies 2024-02-12 09:36:56 +01:00
renovate[bot]
1285eb7300 chore(deps): update all dependencies 2024-02-05 09:59:32 +01:00
renovate[bot]
277553c23d chore(deps): update all dependencies 2024-01-22 09:42:14 +01:00
renovate[bot]
e1f27ba8fc chore(deps): update actions/setup-go action to v5 2023-12-11 10:12:41 +01:00
Cosmin Cojocar
bc03d1c1bc
Update go version to 1.21.5 and 1.20.12 (#1084)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-12-08 14:19:34 +01:00
Cosmin Cojocar
6d56592f09 Update Go to version 1.21.4 and 1.20.11
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-11-10 10:38:54 +01:00
Cosmin Cojocar
dd08f99f53
Update to Go 1.21.3 and 1.20.10 (#1035)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-10-11 10:18:12 +02:00
Cosmin Cojocar
53fc0c3c83
Update to go version 1.21.2 and 1.20.9 (#1027)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-10-09 09:35:41 +02:00
Cosmin Cojocar
aebe20cfba Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-11 11:26:07 +02:00
Cosmin Cojocar
7a98537c9a Update to latest go version
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-11 11:26:07 +02:00
renovate[bot]
b192f06cca
chore(deps): update all dependencies (#1011)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:53:32 +02:00
Cosmin Cojocar
a89e9d5a7a
Enable go 1.21.0 in the CI build (#998)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-08-14 09:59:18 +02:00
Cosmin Cojocar
7d51bfe004
Update to go version 1.20.7 and 1.19.12 (#993)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-08-07 10:05:55 +02:00
Cosmin Cojocar
3a6fd99e54
Update to Go version 1.19.11 and 1.20.6 (#981)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-07-13 09:53:11 +02:00
Cosmin Cojocar
b824c10eb4 Update build script to go version 1.20.5
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-06-07 08:53:25 +02:00
Cosmin Cojocar
ae3c2f787c
Update go version in build and release scripts (#957) 2023-05-15 12:05:44 +02:00
Cosmin Cojocar
47bfd4eb6f
Update Go version to 1.20.3 (#953) 2023-04-18 10:18:21 +02:00
Cosmin Cojocar
96bb741801 Use the latest version 2023-03-20 10:25:45 +01:00
Cosmin Cojocar
8e7cf4bd72 Bump the go versions and golanci 2023-03-20 10:25:45 +01:00
renovate[bot]
e7bfcd1d53
chore(deps): update all dependencies (#942)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-03-20 09:23:03 +01:00
Cosmin Cojocar
2071786199 Update Go version in CI builds 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
8aa00db022
Remove the version form ci github action 2023-02-08 11:33:30 +01:00
Cosmin Cojocar
d22a7b6ede
Add gosec version as an input parameter to GitHub action (#927)
* Add gosec version as a paramter to the Github action

* Run gosec as a github action as part of CI
2023-02-08 10:40:36 +01:00
Cosmin Cojocar
df14837174
Update to Go 1.20 and fix unit tests (#923)
* Fix unit tests for Go 1.20

* Update to Go 1.20 in the build scripts

* Remove support for 1.18 in the build

* Fix the golangci lint version according to Go version used

* Fix golangci version string

* Fix gci linter warning

* Remove golint in favour of golangci
2023-02-06 14:15:05 +01:00
Cosmin Cojocar
b4270dd020
Update Go to latest version (#920) 2023-01-31 10:00:24 +01:00
Cosmin Cojocar
c5d217da7a
Update Go version in CI script (#913)
* Update Go version in CI script

* Introduce back an additional check for filepath clean to fix the unit tests
2023-01-09 16:49:02 +01:00
Cosmin Cojocar
0acfbb436c
Update Go version in CI scripts (#889) 2022-11-08 09:54:40 +01:00
Sebastiaan van Stijn
ed386818fd
go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions (#880)
* gha: remove go1.17, temporarily force 1.18.7, 1.19.2

The  security scanner is flagging the code to have a vulnerability, but it's
detecting that we're running go1.18.6, not "latest" (go1.18.7 at time of writing).

Temporarily pinning to go1.18.7 to force installing the latest version:

    Vulnerability #1: GO-2022-1039
      Programs which compile regular expressions from untrusted
      sources may be vulnerable to memory exhaustion or denial of
      service. The parsed regexp representation is linear in the size
      of the input, but in some cases the constant factor can be as
      high as 40,000, making relatively small regexps consume much
      larger amounts of memory. After fix, each regexp being parsed is
      limited to a 256 MB memory footprint. Regular expressions whose
      representation would use more space than that are rejected.
      Normal use of regular expressions is unaffected.

      Call stacks in your code:
      Error:       helpers.go:463:26: github.com/securego/gosec/v2.ExcludedDirsRegExp calls regexp.MustCompile, which eventually calls regexp/syntax.Parse

      Found in: regexp/syntax@go1.18.6
      Fixed in: regexp/syntax@go1.19.2
      More info: https://pkg.go.dev/vuln/GO-2022-1039

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* go.mod: github.com/onsi/ginkgo/v2 v2.3.1

CI was failing because of a mismatch:

    /home/runner/go/bin/ginkgo -v --fail-fast
    Ginkgo detected a version mismatch between the Ginkgo CLI and the version of Ginkgo imported by your packages:
      Ginkgo CLI Version:
        2.3.1
      Mismatched package versions found:
       2.2.0 used by gosec

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* go.mod: golang.org/x/text v0.3.8

to address GO-2022-1059

    The vulnerabilities below are in packages that you import, but your code
    doesn't appear to call any vulnerable functions. You may not need to take any
    action. See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
    for details.

    Vulnerability #1: GO-2022-1059
      An attacker may cause a denial of service by crafting an Accept-Language
      header which ParseAcceptLanguage will take significant time to parse.

      Found in: golang.org/x/text/language@v0.3.7
      Fixed in: golang.org/x/text/language@v0.3.8
      More info: https://pkg.go.dev/vuln/GO-2022-1059

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-17 10:05:13 +02:00
Cosmin Cojocar
d3933f9e14 chore: add support for Go 1.19
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-08-08 10:56:19 +02:00
Cosmin Cojocar
21fcd2f904
Phase out support for Go 1.16 since is not supported anymore by Go team (#837)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2022-07-26 11:08:30 +02:00
renovate[bot]
b69c3d48c8
chore(deps): update all dependencies (#805)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-11 20:12:37 +02:00
renovate[bot]
82eaa12696
chore(deps): update all dependencies (#796)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-28 20:23:59 +02:00
Cosmin Cojocar
607d607b51
Enable Go 1.18 in the ci and release workflows
* Enable Go 1.18 in the ci and release workflows

* Fix lint warning

* Add golangci as a make target
2022-03-21 16:53:22 +01:00
Cosmin Cojocar
b99b5f7838
Fix the lint action after upgrade (#790) 2022-03-14 14:19:29 +01:00
renovate[bot]
8af0af7611
chore(deps): update all dependencies (#789)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-14 14:10:28 +01:00
Cosmin Cojocar
5a3a27afae
Phase out support for go version 1.15 because current ginko is not backward compatible (#710)
We are going to support only the stable versions provided by the Go team.
2021-10-15 10:46:13 +02:00