Commit graph

  • 77304046be Change a little the format Martin Vrachev 2019-02-25 17:02:59 +0200
  • 9b01bbe517 Add comment for the map Martin Vrachev 2019-02-25 15:11:16 +0200
  • d92962cca3 Report for Golang errors Martin Vrachev 2019-02-25 14:13:56 +0200
  • 9cdfec40ca Change test Martin Vrachev 2019-02-13 10:52:12 +0200
  • 8048b15efa Add more badges in the README file Cosmin Cojocar 2019-02-13 11:27:11 +0100
  • 33b128c4dd Add more badges in the README file Cosmin Cojocar 2019-02-13 11:27:11 +0100
  • ed6c581c35 Change test Martin Vrachev 2019-02-13 10:52:12 +0200
  • e2752bc191 revert to default GOPATH if necessary (#279) Joaquin L. Pereyra 2019-02-06 20:34:52 -0300
  • 160cbe0715 fix fmt joaquinlpereyra-ml 2019-02-06 12:01:11 -0300
  • 0e29bd718b revert to default GOPATH if necessary joaquinlpereyra-ml 2019-02-05 14:04:09 -0300
  • 04ce7baf6c add a no-fail flag JulesDT 2019-01-25 12:04:43 -0500
  • 5da2ea6d1d add a no-fail flag JulesDT 2019-01-25 12:04:43 -0500
  • a966ff760c Fix -conf example in README.md Joaquin L. Pereyra 2019-01-22 11:25:14 -0300
  • da73684986 Fix -conf example in README.md Joaquin L. Pereyra 2019-01-22 11:25:14 -0300
  • b6626154df Fix typo Cosmin Cojocar 2019-01-14 12:45:02 +0100
  • 5d33e6ebe1 Update the README with some details about the configuration file Cosmin Cojocar 2019-01-14 12:43:12 +0100
  • c615ba9622 Fix typo Cosmin Cojocar 2019-01-14 12:45:02 +0100
  • a372c31c36 Update the README with some details about the configuration file Cosmin Cojocar 2019-01-14 12:43:12 +0100
  • f87af5fa72 Detect the unhandled errors even though they are explicitly ignored if the 'audit: enabled' setting is defined in the global configuration (#274) Cosmin Cojocar 2019-01-14 12:37:40 +0100
  • 6a578a7f96 Detect in audit mode the unhandled errors even though they are explicitly ignored Cosmin Cojocar 2019-01-14 12:19:12 +0100
  • ec4692360b Define more explicit the global options in the configuration Cosmin Cojocar 2019-01-14 11:47:15 +0100
  • 14ed63d558 Do not flag the unhandled errors which are explicitly ignored Cosmin Cojocar 2019-01-14 09:50:19 +0100
  • a0d0e17240 Do not flag the unhandled errors which are explicitly ignored Cosmin Cojocar 2019-01-14 09:50:19 +0100
  • 12400f9a1c Update README with the code coverage batch Cosmin Cojocar 2018-12-11 18:15:58 +0100
  • 72e95e88ac Generate and upload the test coverage report to codecov.io Cosmin Cojocar 2018-12-11 17:08:31 +0100
  • 24e3094d2a Extend the bind rule to handle the case when the net.Listen address is provided from a const Cosmin Cojocar 2018-12-02 16:28:51 +0100
  • 9b32fcac16 Fix the bind rule to handle the case when the arguments of the net.Listen are returned by a function call Cosmin Cojocar 2018-12-02 15:37:42 +0100
  • f14f17fb1d Add a helper function which extracts the string parameters values of a call expression Cosmin Cojocar 2018-12-02 15:36:02 +0100
  • b55084df1f Extend the bind rule to handle the case when the net.Listen address is provided from a const Cosmin Cojocar 2018-12-02 16:28:51 +0100
  • 4f346fdf93 Fix the bind rule to handle the case when the arguments of the net.Listen are returned by a function call Cosmin Cojocar 2018-12-02 15:37:42 +0100
  • 2205192057 Add a helper function which extracts the string parameters values of a call expression Cosmin Cojocar 2018-12-02 15:36:02 +0100
  • 2695567487 Build the code sample for string builder only from Go 1.10 onwards 1.2.0 Cosmin Cojocar 2018-11-11 09:41:40 +0100
  • ae82798b9c Fix the WriteString test by handling the error Cosmin Cojocar 2018-11-10 16:39:44 +0100
  • adb42220da whitelist strings.Builder method in rule G104 Edoardo Tenani 2018-10-18 01:14:25 +0200
  • 9b966a447e add test case for strings.Builder G104 whitelist inclusion Edoardo Tenani 2018-10-18 01:13:56 +0200
  • e99dc5eb8d Build the code sample for string builder only from Go 1.10 onwards Cosmin Cojocar 2018-11-11 09:41:40 +0100
  • a5da2c79d1 Fix the WriteString test by handling the error Cosmin Cojocar 2018-11-10 16:39:44 +0100
  • d82b356399 whitelist strings.Builder method in rule G104 Edoardo Tenani 2018-10-18 01:14:25 +0200
  • 8de2bd8815 add test case for strings.Builder G104 whitelist inclusion Edoardo Tenani 2018-10-18 01:13:56 +0200
  • 41809946d4 Make G201 ignore CallExpr with no args (#262) Yuki Ito 2018-11-05 17:28:47 +0900
  • 443f84fd4d Fix golint link (#263) Yuki Ito 2018-11-05 17:13:26 +0900
  • 4d607498c0 Fix golint link Yuki Ito 2018-11-05 02:12:39 +0900
  • 901e7e31db Make G201 ignore CallExpr with no args Yuki Ito 2018-11-05 01:34:46 +0900
  • 3116b07de4 Fix typos in comments and rulelist (#256) Oleksandr Redko 2018-10-11 15:45:31 +0300
  • 9093cc4a77 Fix typos in comments and rulelist Oleksandr Redko 2018-10-11 15:28:39 +0300
  • e0a150bfa3 Merge pull request #254 from kishaningithub/253 Cosmin Cojocar 2018-10-05 13:12:28 +0200
  • 97bc137c5b Add CI Installation steps and correct markdown lint errors Kishan B 2018-10-05 15:27:14 +0530
  • 8c09a83248 Add install.sh script Kishan B 2018-10-05 15:26:13 +0530
  • d032909e3f Merge pull request #251 from NeverOddOrEven/fix-html-template Cosmin Cojocar 2018-10-04 09:39:56 +0200
  • 027dc2b8a7 This fixes the html template when using '-fmt=html' - resolves HTML escaping issues within the template - resolves reference issues to reportInfo struct i.e. issues -> Issues, metrics -> Stats NeverOddOrEven 2018-10-03 13:17:25 -0500
  • f9b41874b1 Merge pull request #249 from andrewhsu/go Cosmin Cojocar 2018-10-03 08:35:47 +0200
  • 1ecd47e007 bump Dockerfile golang from 1.10 to 1.11 Andrew Hsu 2018-10-03 00:28:39 +0000
  • 2cc6838ca3 Merge pull request #248 from ccojocar/code-samples-multiple-files Cosmin Cojocar 2018-09-28 11:52:04 +0300
  • 64d58c2e51 Refactor the test code sample to support multiple files per sample Cosmin Cojocar 2018-09-28 11:42:25 +0300
  • d3f1980e7a Fix false positives for SQL string concatenation with constants from another file (#247) Delon Wong Her Laang 2018-09-28 15:46:59 +0800
  • bd870b91b5 Resolve merge conflict changes. Delon Wong Her Laang 2018-09-28 12:32:45 +0800
  • 6970dac5ec Merge branch 'master' into sql-string-concatenation Delon Wong Her Laang 2018-09-28 11:23:45 +0800
  • 04e1c2af68 Allow for supporting code for test cases. Delon Wong Her Laang 2018-09-28 11:15:25 +0800
  • 13e2cbfd87 Changed checking to not var or func. Delon Wong Her Laang 2018-09-26 21:36:00 +0800
  • 8dc54e5772 Refactor code and added comments. Delon Wong Her Laang 2018-09-26 21:10:11 +0800
  • 3cd750d1ec Go through all files in package to resolve that identifier Delon Wong Her Laang 2018-09-26 18:01:14 +0800
  • 5f98926a7b Refactor Dockerfile (#245) Andrew Hsu 2018-09-25 22:09:20 -0700
  • b24e3ef56b fix the image execution example in README.md Andrew Hsu 2018-09-25 04:03:40 +0000
  • 74bad7b572 Fix typo in comment. Delon Wong Her Laang 2018-09-25 19:51:28 +0800
  • 35bbb9702e Allow for SQL concatenation of nodes that resolve to literals Delon Wong Her Laang 2018-09-25 19:51:18 +0800
  • 7f6509a916 Update README.md (#246) Grant Murphy 2018-09-25 19:44:53 +1000
  • 850e5f047a Update README.md Grant Murphy 2018-09-25 19:31:30 +1000
  • 762ff3a709 Allow quoted strings to be used to format SQL queries (#240) Dale Hui 2018-09-25 00:40:05 -0700
  • f859701019 refactor Dockerfile into multi-stage Andrew Hsu 2018-09-25 03:54:39 +0000
  • 2c7e0a4e01 replace docker-entrypoint.sh with the gosec binary Andrew Hsu 2018-09-25 02:40:07 +0000
  • d12f53c443 bump Dockerfile golang to 1.10.4 Andrew Hsu 2018-09-25 01:45:28 +0000
  • a81f33848d no need for GOROOT in Dockerfile Andrew Hsu 2018-09-25 01:43:51 +0000
  • 291a6e7adf no need for GOPATH in the Dockerfile Andrew Hsu 2018-09-25 01:41:02 +0000
  • e1c54951ff git ignore gosec binary Andrew Hsu 2018-09-25 02:43:31 +0000
  • b193fc69ec ignore the temporary image file used for builds Andrew Hsu 2018-09-25 01:40:22 +0000
  • aae944e2d1 Install the pq package for tests to pass Dale Hui 2018-09-10 02:27:18 -0700
  • 09dec36b57 Add test for allowing quoted strings with string formatters Dale Hui 2018-09-10 02:09:25 -0700
  • ec32ce68d8 Support Go 1.11 (#239) Dale Hui 2018-09-10 00:09:12 -0700
  • 049746dff3 Quoted strings are safe to use with SQL str formatted strings Dale Hui 2018-09-09 18:31:25 -0700
  • 7771419f85 Factor out matching of formatter string Dale Hui 2018-09-09 18:29:53 -0700
  • 8e8e1531e1 Support stripping vendor paths when matching calls Dale Hui 2018-09-09 18:25:52 -0700
  • d939773903 Support Go 1.11 and modules Dale Hui 2018-09-09 16:40:23 -0700
  • ca66c17c41 Test with the latest minor version of each major Go version Dale Hui 2018-09-09 18:35:51 -0700
  • 145f1a0bf4 Removed wrapping feature (#238) cschoenduve-splunk 2018-09-04 09:08:37 -0700
  • 821f7437bc Removed wrapping feature Conner Schoenduve 2018-09-04 08:44:37 -0700
  • 419c9292c8 G107 - SSRF (#236) cschoenduve-splunk 2018-09-03 23:55:03 -0700
  • 1d0e061523 Removed resty test Conner Schoenduve 2018-09-03 14:59:43 -0700
  • 63b25c147f Fix typo in README (#235) Dom Udall 改善 2018-09-03 08:39:31 +0100
  • 1c74651f17 Fixed Spacingv2 Conner Schoenduve 2018-08-31 16:50:10 -0700
  • be77c083ce Fixed spacing issues Conner Schoenduve 2018-08-31 16:42:31 -0700
  • 462e36ec6f Added source code tests Conner Schoenduve 2018-08-31 16:26:12 -0700
  • 43b5445e37 Added Selector evaluation Conner Schoenduve 2018-08-31 10:39:54 -0700
  • 40bbcbe519 Fix typo in README Dom Udall 改善 2018-08-30 12:53:42 +0100
  • 8bad224bfe Initial SSRF Rule Conner Schoenduve 2018-08-29 17:08:52 -0700
  • 9d1a988a23 Merge 3f4f11a2f9 into 7fd94463ed coredefend 2018-08-29 16:07:54 +0000
  • 7fd94463ed update to G304 which adds binary expressions and file joining (#233) cschoenduve-splunk 2018-08-27 21:34:07 -0700
  • 72bbadb305 fixed a spacing change Conner Schoenduve 2018-08-27 11:02:53 -0700
  • 226a2e2504 Added test code Conner Schoenduve 2018-08-27 10:30:55 -0700
  • 7da5875ebc fixed comments Conner Schoenduve 2018-08-25 15:44:44 -0700
  • 3065ca3ded removed debugging lines Conner Schoenduve 2018-08-25 15:42:58 -0700