Cosmin Cojocar
9c047e32a3
Add support for Go 1.16 in the CI and release workflows ( #581 )
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-02-26 11:12:38 +01:00
Matouš Dzivjak
1fce46151c
fix: WriteParams rule to work also with golang 1.16 ( #577 )
...
In go 1.16 the `ioutil` package was deprecated and
the functions should be replaced by their equivalents
in either `io` or `os` packages. This means,
that `ioutil.WriteFile` should be replaced by
`os.WriteFile` instead. To account for this change
and to detect incorrect permissions also for `os.WriteFile`
I changed `filePermissions` rule slightly to allows
specifying multiple packages that can contain given
function and that we should check. This workaround
can be removed after a sufficient time has passed
and after it is decided that checking `os.WriteFile`
is enough.
Fixes: https://github.com/securego/gosec/issues/576
2021-02-22 09:22:04 +01:00
Cosmin Cojocar
dcbcc4dd2a
Use a more generic path for sonarqube import path ( #573 )
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-02-11 14:19:46 +01:00
Cosmin Cojocar
2777e5065e
Update README with a note which describes how to import a SonarQube report ( #572 )
2021-02-11 12:10:44 +01:00
Cosmin Cojocar
897c203e62
Reset the state of TLS rule after each version check ( #570 )
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-02-11 10:52:16 +01:00
Dmitry Salakhov
6c57ae1628
Fix sarif formatting issues ( #565 )
...
* include tool version
* change declared safix shema version
* dedup rules, fix result locations
* refactor rules collection creation
2021-02-05 10:06:04 +01:00
Renovate Bot
b6524ce487
Update all dependencies
2021-02-01 09:45:05 +01:00
Cosmin Cojocar
00bbbd8413
Fix the release workflow to allow unsecure commands
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-01-22 11:36:52 +01:00
Mark Wolfe
d9d75834b6
update README with instructions on how to integrate with GitHub codescanning
2021-01-22 11:31:07 +01:00
Mark Wolfe
3ed39fe612
fix sarif add default configuration set to correct level
2021-01-22 10:26:59 +01:00
Mark Wolfe
732f759e4f
fix for sarif which maps level from issue severity
2021-01-21 18:26:43 +01:00
Mark Wolfe
327b2a0841
ensure the sarif results are an empty array if nothing is reported
2021-01-21 11:03:13 +01:00
K
41ea431779
Fix for SARIF output when Issue.Line contains a range
2021-01-05 08:38:25 +01:00
Cosmin Cojocar
a5911ad7bb
Fix compilation errors in the test samples
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2021-01-04 09:28:00 +01:00
Chris Bandy
23ef7009f9
Fix some typos in rules tests
2021-01-04 09:28:00 +01:00
Chris Bandy
e100f6b862
Assert that sample code compiles
2021-01-04 09:28:00 +01:00
Cosmin Cojocar
bcfb27955e
Clean up the go module dependncies ( #555 )
...
* Clean up the dependencies
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
* Add pq package to dependencies
2021-01-04 08:41:45 +01:00
renovate[bot]
e4d0e9f5be
Update all dependencies ( #553 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-04 08:03:52 +01:00
Jeff Widman
9fe0b2e21a
Fix typo ( #547 )
2020-12-11 09:34:38 +01:00
renovate[bot]
d8fa95aad8
Update all dependencies ( #544 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-12-01 09:29:25 +01:00
Ethan Buchman
984c1d39a0
fix typo in ContainsPkgCallExpr comment ( #545 )
2020-12-01 09:28:38 +01:00
renovate[bot]
208b73eec4
Update all dependencies ( #538 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-11-02 09:15:56 +01:00
mrtc0
0d4f1cb2cb
Support SARIF output ( #539 )
...
* SARIF support
* add sarif option to help text
2020-11-02 09:13:53 +01:00
renovate[bot]
a4746e18e3
Update all dependencies ( #533 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-10-07 20:32:18 +02:00
Miki Tebeka
6bd6e4ba2c
Use $(go env GOPATH) that works even when GOPATH is not set
2020-10-01 04:17:43 +10:00
Lucas Charles
aef335a98e
Fix typo in README.md
...
s/trucate/truncate for G101 configuration
2020-10-01 04:17:00 +10:00
xpivarc
0ce48a584f
Reproducible junit report ( #529 )
...
* Fix junit format ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Make ordering stable
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
* Test ordering
Signed-off-by: L. Pivarc <lpivarc@redhat.com>
2020-09-29 19:17:38 +02:00
Cosmin Cojocar
868556b846
Update README with the correct path to tlsconfig command
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-03 10:54:08 +02:00
Cosmin Cojocar
13519fda59
Update the tls configuration generate to handle also the NSS alternative names
...
Regenerate the configuration of TLS rule.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-03 10:54:08 +02:00
Renovate Bot
e351067255
Update all dependencies
2020-09-01 08:58:31 +02:00
Cosmin Cojocar
166e4f5f45
Update README file with some more details required to run successfully a scan with the docker image
...
The current working directory needs to be specified in the docker run option in order for gosec
to download the dependencies defined in the go module file.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-01 08:57:52 +02:00
Cosmin Cojocar
f5cc32a320
Update the Go version to 1.15 in the Makefile
...
This is only used when building locally the docker image.
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-09-01 08:57:52 +02:00
Cosmin Cojocar
ea0fa28b7f
Update the Github go action version to 1.6.0
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
Cosmin Cojocar
feea8bb243
Fix the action tag
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
Cosmin Cojocar
6688a97661
Fix the github action for Go 1.15
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
Cosmin Cojocar
7234349e33
Add Go 1.15 to the supported version and phase out the Go 1.12
...
Also updated the release automation to release gosec with use Go 1.15
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:23 +02:00
Cosmin Cojocar
a3895d5c55
Fix typo in README file
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-31 10:27:02 +02:00
Jamie Cuthill
17c955519e
Incorrect local installation instructions for v2
2020-08-21 11:23:36 +02:00
Cosmin Cojocar
f13b8bc639
Add also filepath.Rel as a sanitization method for input argument in the G304 rule
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-19 09:40:07 +02:00
Cosmin Cojocar
047729a84f
Fix the rule G304 to handle the case when the input is cleaned as a variable assignment
...
Signed-off-by: Cosmin Cojocar <ccojocar@cloudbees.com>
2020-08-19 09:40:07 +02:00
ggkitsas
b60ddc21ba
feat: adds support for path.Join and for tar archives in G305
2020-08-03 09:17:45 +02:00
Renovate Bot
673a139e55
Update all dependencies
2020-08-03 09:07:46 +02:00
Cosmin Cojocar
110b62b05f
Add io.CopyBuffer function to rule G110
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-29 14:25:45 +02:00
Cosmin Cojocar
6bcd89aa6b
Mark all lines of a multi-line finding
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
Cosmin Cojocar
4d4e5949c6
Add some comments
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
Cosmin Cojocar
d1467ac998
Extend the code snippet included in the issue and refactored how the code snippet is printed
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-07 10:00:15 +02:00
Cosmin Cojocar
37d1af0af3
Expand the arguments to a list of strings when they are provided as a single string
...
The GitHub action provide the arguments as a single string to the docker container,
so we need to expand them in order for gosec to properly interpret them.
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-07-06 19:38:49 +02:00
Renovate Bot
59cbe0071f
Update all dependencies
2020-07-01 09:13:45 +02:00
Cosmin Cojocar
ade81d3873
Rename file for consistency
...
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
2020-06-29 13:52:47 +02:00
evalphobia
03f12f3f5d
Change naming rule from blacklist to blocklist
2020-06-29 13:45:44 +02:00