actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-06 12:05:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
897 commits 2 branches 41 tags 20 MiB
Commit graph

897 commits

This branch
This branch
All branches
Author SHA1 Message Date
Cosmin Cojocar
30e93bf865 Improve the SQL strings concat rules to handle multiple string concatenation 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-05-27 10:16:56 +02:00
Cosmin Cojocar
68bce94323 Improve the SQL concatenation and string formatting rules to be applied only in the database/sql context 
In addition makes pattern matching used by the rules cases insensitive.
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-05-27 10:16:56 +02:00
Cosmin Cojocar
32be4a5cc6 Make sure all rules are mapped to CWE numbers 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-05-26 08:59:14 +02:00
Grant Murphy
8630c43b66 Add null pointer check in G601 
fixes: #475
 2020-05-21 05:51:45 +02:00
Lukas Aron
1418b856ea ondisk -> onDisk 2020-05-19 11:34:34 +02:00
Lukas Aron
b2cfc5d638 USERS.md type in the title fixed. 2020-05-19 11:34:34 +02:00
Cosmin Cojocar
425b8f9531 Display a sponsor button in the repository 
Enable the funding button in the project following https://help.github.com/en/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository
 2020-05-14 09:33:18 +02:00
Cosmin Cojocar
0714a1e62a Update the users file with some more projects and companies 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-05-12 08:51:13 +02:00
Cosmin Cojocar
1b915ddad7 Set up a gosec's users list 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-05-12 08:51:13 +02:00
Vitaly Velikodny
668512fc5c Update bad_defer.go 
Fix a mistake in the message:
> G307: Deferring unsafe method "*os.File" on type "Close" (gosec)

type and method changed
 2020-05-06 16:23:04 +02:00
Caccavale
ee3146e637 Rule which detects aliasing of values in RangeStmt 2020-04-24 07:46:25 -07:00
Cosmin Cojocar
8662624e28 Update the build badge to ge the status from GitHub workflow 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-20 03:20:30 -07:00
Cosmin Cojocar
a5db4e1f04 Run mod tidy to clean up the dependencies 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-20 03:08:39 -07:00
Cosmin Cojocar
fb44007c6e Enhance the hardcoded credentials rule to check the equality and non-equality of strings 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-20 03:08:39 -07:00
Cosmin Cojocar
a2a40de847 Update the README with an example to configure the hard-coded credentials rule 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-15 07:21:19 -07:00
Cosmin Cojocar
802292c54f Fix the configuration parsing for hardcoded credentials 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-15 07:21:19 -07:00
Cosmin Cojocar
c58f3563d3 Set the default color on only for text format 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-14 09:33:44 -07:00
Cosmin Cojocar
1a113d6da9 Turn the color always on when the text format is set 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-14 02:21:37 -07:00
Cosmin Cojocar
c4417de46d Use the latest color package to get the color working with tmux 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-14 02:21:37 -07:00
Marco Antônio Singer
656691b387
feature(formatter/text): Add color option on text format (#460) 
* feature(issue): Add function to return file path and line number

* docs(formatter/CreateReport): Update formats accepted

* feature(formatter): Add color output for text format

Basic color support for text format. For now, only the "Summary" title
and "Issues" section has color

* feature(formatter): Highlight issues based on severity

Given an issue, the file path is painted based on its severity.
We're using the following rules: high is red, medium is yellow and
low is simple black & white

* feature(main): Add color flag

It's only valid for text format

* refactor(formatter): Passing color flag forward
 2020-04-14 09:50:02 +02:00
Cosmin Cojocar
51e4317f09 Automate the release process using a GitHub workflow 
The release will trigger when a new tag is pushed.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-14 00:41:56 -07:00
Cosmin Cojocar
341059e11a Update the GitHub action name to be more desriptive 2020-04-08 09:40:50 +02:00
Cosmin Cojocar
3b6c3f13f1 Update README with some instruction how to run gosec as a GitHub action 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-08 00:39:01 -07:00
Cosmin Cojocar
08202fee80 Add a GitHub action to run gosec 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-08 00:39:01 -07:00
Cosmin Cojocar
c6e10af40f Handle properly the gosec module version v2 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-04-06 09:06:23 -07:00
Renovate Bot
e946c8c399 Update all dependencies 2020-04-01 01:20:31 -07:00
Cosmin Cojocar
e030aa4f76 Remove the go 1.14 version from github action 
It seems to fail when starting the action.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 13:20:59 +02:00
Cosmin Cojocar
ee176ff8fc Fix the job names in the Github workflow 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 13:16:53 +02:00
Cosmin Cojocar
cabccc75ef Add to GitHub workflow some jobs for go1.13 and go1.12 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 13:15:21 +02:00
Cosmin Cojocar
a111777041 Change the GitHub workflow to use only the latest Go version 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 13:06:29 +02:00
Cosmin Cojocar
722acb64cb Change the GitHub workflow to run the builds only on ubuntu-latest platform 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 12:59:02 +02:00
Cosmin Cojocar
5284f34b6f Change the GitHub workflow to use an action which install Go using a Go version from the matrix 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 12:52:42 +02:00
Cosmin Cojocar
8de5fb6eb2 Migrate the build to GitHub Actions 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-30 03:32:24 -07:00
Cosmin Cojocar
7da9f46445 Fix the call list info to handle selector expressions 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-16 09:44:57 +01:00
Cosmin Cojocar
cf2590442c Fix the subproc rule to handle correctly the CommandContext check 
In this case, we need to skip the first argument because it is the context.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-13 13:25:35 +01:00
Cosmin Cojocar
f97f86103c Update the subproc rule to detect the syscall.ForkExec and syscall.StartProces calls 
Also add the corresponding tests for this.

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-03-13 13:25:35 +01:00
Tomas Kral
c998389da2
re-generate install.sh with latest godownloader (#446) 2020-03-02 14:48:48 +01:00
Sam Caccavale
7525fe4bb7
Rule for defering methods which return errors (#441) 2020-03-01 21:45:37 +01:00
renovate[bot]
a2ac0bf32b
Update all dependencies (#445) 
Co-authored-by: WhiteSource Renovate <renovatebot@gmail.com>
 2020-03-01 21:44:28 +01:00
Sam Caccavale
a305f10eb9
Fileperms (#442) 2020-02-28 12:48:18 +01:00
Lars Lehtonen
00363edac5
remove support for go 1.11 (#444) 2020-02-28 12:47:01 +01:00
Renovate Bot
d13bb6d242 Update all dependencies 2020-02-03 10:45:20 +01:00
Cosmin Cojocar
17df5b3702 Fix typos 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-01-29 09:41:46 +01:00
Cosmin Cojocar
3e069e7756 Fix the errors rule whitelist to work on types methods 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-01-29 09:41:46 +01:00
Hiroki Suezawa
459e2d3e91 Modify rule for integer overflow to have more acurate results (#434) 
Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-21 10:13:11 +01:00
Hiroki Suezawa
a4d7b3628b Add G110(Potential DoS vulnerability via decompression bomb) 
Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-20 10:37:56 +01:00
Cosmin Cojocar
3d5c97b418 Add a test sample for Cgo files 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-01-16 09:06:23 +01:00
Cosmin Cojocar
81e8278164 Add the Cgo files to the analysed files and ingonre all non-Go files 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-01-16 09:06:23 +01:00
Cosmin Cojocar
a1969e208c
Handle all errors in the formatter tests (#431) 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
 2020-01-16 09:05:38 +01:00
Hiroki Suezawa
9cb83e10af Add a rule which detects when there is potential integer overflow (#422) 
* Add G109(Potential Integer OverFlow Detection)

Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>

* add CWE to G109(Potential Integer Overflow)

Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>

* Modify G109 to use gosec.Context

Signed-off-by: Hiroki Suezawa <suezawa@gmail.com>
 2020-01-06 09:55:52 +01:00