Cosmin Cojocar
d4ebb032a9
Sort the issues by severity in descending order before creating the report
2018-02-08 12:12:22 +01:00
Grant Murphy
6b28d5c0e6
Merge pull request #166 from cosmincojocar/fprint_whitelist
...
Add Fprint, Fprintf, Fprintln to NoErrorCheck whitelist
2018-02-08 11:54:44 +10:00
Grant Murphy
ac4622d395
Merge pull request #165 from cosmincojocar/fix_gas_warnings
...
Fix some gas warnings
2018-02-08 11:54:16 +10:00
Grant Murphy
a72a21bb2c
Merge pull request #164 from cosmincojocar/ssh_rule
...
Add a rule to audit the usage of ssh.InsecureIgnoreHostKey
2018-02-08 11:52:42 +10:00
Cosmin Cojocar
6cd7a6d7fe
Add Fprint, Fprintf, Fprintln to NoErrorCheck whitelist
2018-02-07 14:13:17 +01:00
Cosmin Cojocar
c2c21553a3
Fix some gas warnings
2018-02-07 14:07:24 +01:00
Cosmin Cojocar
a7cdd9cd8d
Add ssh package to the build
...
The ssh package is not part of the standard library in go 1.5.
2018-02-07 10:10:34 +01:00
Cosmin Cojocar
179c178924
Add some review fixes
2018-02-07 09:23:52 +01:00
Cosmin Cojocar
f1b903f060
Update README
2018-02-06 16:59:00 +01:00
Cosmin Cojocar
d3c3cd6419
Add a rule to detect the usage of ssh InsecureIgnoreHostKey function
2018-02-06 16:56:26 +01:00
Grant Murphy
8b87505d97
Merge pull request #163 from wongherlung/fix-junit-failure-text
...
Escape html string for JUnit output
2018-02-02 16:07:21 +10:00
Delon Wong Her Laang
33fff9514f
Escape html string for junit output.
2018-02-01 12:30:47 +08:00
Grant Murphy
e92170b49a
Merge pull request #160 from wongherlung/junit-xml-output
...
JUnit XML output
2018-01-30 12:12:30 +10:00
Delon Wong Her Laang
862295cb7d
Return err instead of panic.
2018-01-30 09:54:30 +08:00
Grant Murphy
187a71124e
Unused import
2018-01-30 00:55:35 +00:00
Grant Murphy
485bc31df8
Fix go vet errors in tests
2018-01-30 00:55:35 +00:00
Grant Murphy
f7c31f2439
Using godep not glide for dependency management
2018-01-30 00:55:35 +00:00
Jon McClintock
846c9ffc7c
[Issue 159] Allow loader errors so that processing continues if there's a package loading problem.
2018-01-30 00:55:35 +00:00
Grant Murphy
a2930983a1
Merge pull request #161 from jonmcclintock/allow-loader-errors
...
[Issue 159] Allow loader errors so that processing continues
2018-01-30 09:58:21 +10:00
Grant Murphy
8125622cde
Merge pull request #162 from gcmurphy/bugfix
...
Cleanup vet failures and unused files
2018-01-30 09:42:24 +10:00
Grant Murphy
a97a196160
Unused import
2018-01-30 09:35:35 +10:00
Grant Murphy
7c7fe752b6
Fix go vet errors in tests
2018-01-30 09:32:04 +10:00
Grant Murphy
b49fef79a5
Using godep not glide for dependency management
2018-01-30 09:27:55 +10:00
Jon McClintock
f111d5de2c
[Issue 159] Allow loader errors so that processing continues if there's a package loading problem.
2018-01-29 18:33:48 +00:00
Wong Her Laang
143df04ede
Fixed typo.
2018-01-27 22:23:07 +08:00
Wong Her Laang
5b91afec36
Unexport junit xml structs and some further refactoring.
2018-01-27 14:45:04 +08:00
Wong Her Laang
fdc78c0c47
Changed failure text from json to plaintext.
2018-01-27 12:43:08 +08:00
Wong Her Laang
4059facfb9
Pretty print xml result for better viewing.
2018-01-27 12:25:54 +08:00
Wong Her Laang
1346bd37ca
Edited README and help text.
2018-01-27 12:19:38 +08:00
Wong Her Laang
2c1a0b8732
Refactored code.
2018-01-27 12:14:35 +08:00
Wong Her Laang
7539b3735f
Added xml header format.
2018-01-27 11:49:58 +08:00
Delon Wong Her Laang
b8cdc32174
Working version of xml result format.
2018-01-26 11:16:49 +08:00
Grant Murphy
07a2eecabe
Merge pull request #156 from gcmurphy/bugfix
...
Sending log messages to multiple streams
2018-01-23 10:17:07 +10:00
Grant Murphy
5361949a13
Sending log messages to multiple streams
...
Use the configured logger for all log messages.
2018-01-23 10:02:20 +10:00
Grant Murphy
51b4a4ddc8
Merge pull request #138 from jonmcclintock/sqli-format-whitelist
...
Adjust SQL format-string rules to ignore inherently safe formats
2018-01-23 07:50:52 +10:00
Jon McClintock
bc2a61bd17
Merge branch 'sqli-format-whitelist' of github.com:jonmcclintock/gas into sqli-format-whitelist
2018-01-22 18:56:58 +00:00
Jon McClintock
1ca335016a
Rebase to master
2018-01-22 18:45:07 +00:00
Jon McClintock
8eb9cc02a4
Adjust SQL format-string rules to ignore inherently safe formats
2018-01-22 18:34:57 +00:00
Grant Murphy
a0fc08918b
Merge pull request #154 from GoASTScanner/issue/153
...
Add install instructions
2018-01-11 11:31:50 +10:00
Grant Murphy
806c1d081f
Add install instructions
...
Closes 153
2018-01-11 11:31:08 +10:00
Grant Murphy
b0682841bb
Merge pull request #152 from ashanbrown/one-build
...
Do a single build for all packages
2018-01-08 09:23:10 +10:00
Andrew S. Brown
22dc89384d
Do a single build for all packages.
...
This is much faster because the loader can reuse packages.
2018-01-07 15:02:33 -08:00
Grant Murphy
085e0f65af
Merge pull request #150 from GoASTScanner/experimental
...
Use explicit packages in call lists
2018-01-05 23:14:24 +10:00
Grant Murphy
aecbc873ef
Use explicit packages in call lists
...
By allowing partial matches of selectors there are chances of collisions
such as those in issue #145, this removes it to expect explicit packages
for each rule.
Closes #145
2018-01-05 23:05:53 +10:00
Grant Murphy
9a2bec1cd0
Merge pull request #149 from GoASTScanner/experimental
...
Fix nil pointer dereference in complit types
2018-01-05 22:20:21 +10:00
Grant Murphy
b6f85d50da
Fix nil pointer dereference in complit types
2018-01-05 22:19:08 +10:00
Grant Murphy
3520a5ae85
Merge pull request #146 from GoASTScanner/experimental
...
Merge experimental / refactor
2018-01-05 22:08:59 +10:00
Grant Murphy
867d3009e8
Fix lint issues
2018-01-05 21:56:42 +10:00
Grant Murphy
d452dcb20d
Fix ginkgo invocation
...
The tests are running extremely slow at the moment, and these extra
options add to the problem.
2018-01-05 21:55:06 +10:00
Grant Murphy
4c49716f0e
move utils to separate executable
2017-12-28 16:55:12 +10:00