Commit graph

  • ac4622d395 Merge pull request #165 from cosmincojocar/fix_gas_warnings Grant Murphy 2018-02-08 11:54:16 +1000
  • a72a21bb2c Merge pull request #164 from cosmincojocar/ssh_rule Grant Murphy 2018-02-08 11:52:42 +1000
  • 6cd7a6d7fe Add Fprint, Fprintf, Fprintln to NoErrorCheck whitelist Cosmin Cojocar 2018-02-07 14:13:17 +0100
  • c2c21553a3 Fix some gas warnings Cosmin Cojocar 2018-02-07 14:07:24 +0100
  • a7cdd9cd8d Add ssh package to the build Cosmin Cojocar 2018-02-07 10:10:34 +0100
  • 179c178924 Add some review fixes Cosmin Cojocar 2018-02-07 09:23:52 +0100
  • f1b903f060 Update README Cosmin Cojocar 2018-02-06 16:59:00 +0100
  • d3c3cd6419 Add a rule to detect the usage of ssh InsecureIgnoreHostKey function Cosmin Cojocar 2018-02-06 16:56:26 +0100
  • 8b87505d97 Merge pull request #163 from wongherlung/fix-junit-failure-text Grant Murphy 2018-02-02 16:07:21 +1000
  • 33fff9514f Escape html string for junit output. Delon Wong Her Laang 2018-02-01 12:30:47 +0800
  • e92170b49a Merge pull request #160 from wongherlung/junit-xml-output Grant Murphy 2018-01-30 12:12:30 +1000
  • 862295cb7d Return err instead of panic. Delon Wong Her Laang 2018-01-30 09:54:30 +0800
  • 187a71124e Unused import Grant Murphy 2018-01-30 09:35:35 +1000
  • 485bc31df8 Fix go vet errors in tests Grant Murphy 2018-01-30 09:32:04 +1000
  • f7c31f2439 Using godep not glide for dependency management Grant Murphy 2018-01-30 09:27:55 +1000
  • 846c9ffc7c [Issue 159] Allow loader errors so that processing continues if there's a package loading problem. Jon McClintock 2018-01-29 18:33:48 +0000
  • a2930983a1 Merge pull request #161 from jonmcclintock/allow-loader-errors Grant Murphy 2018-01-30 09:58:21 +1000
  • 8125622cde Merge pull request #162 from gcmurphy/bugfix Grant Murphy 2018-01-30 09:42:24 +1000
  • a97a196160 Unused import Grant Murphy 2018-01-30 09:35:35 +1000
  • 7c7fe752b6 Fix go vet errors in tests Grant Murphy 2018-01-30 09:32:04 +1000
  • b49fef79a5 Using godep not glide for dependency management Grant Murphy 2018-01-30 09:27:55 +1000
  • f111d5de2c [Issue 159] Allow loader errors so that processing continues if there's a package loading problem. Jon McClintock 2018-01-29 18:33:48 +0000
  • 143df04ede Fixed typo. Wong Her Laang 2018-01-27 22:23:07 +0800
  • 5b91afec36 Unexport junit xml structs and some further refactoring. Wong Her Laang 2018-01-27 14:45:04 +0800
  • fdc78c0c47 Changed failure text from json to plaintext. Wong Her Laang 2018-01-27 12:43:08 +0800
  • 4059facfb9 Pretty print xml result for better viewing. Wong Her Laang 2018-01-27 12:25:54 +0800
  • 1346bd37ca Edited README and help text. Wong Her Laang 2018-01-27 12:19:38 +0800
  • 2c1a0b8732 Refactored code. Wong Her Laang 2018-01-27 12:14:35 +0800
  • 7539b3735f Added xml header format. Wong Her Laang 2018-01-27 11:49:58 +0800
  • b8cdc32174 Working version of xml result format. Delon Wong Her Laang 2018-01-26 11:16:49 +0800
  • 07a2eecabe Merge pull request #156 from gcmurphy/bugfix Grant Murphy 2018-01-23 10:17:07 +1000
  • 5361949a13 Sending log messages to multiple streams Grant Murphy 2018-01-23 10:02:20 +1000
  • 51b4a4ddc8 Merge pull request #138 from jonmcclintock/sqli-format-whitelist Grant Murphy 2018-01-23 07:50:52 +1000
  • bc2a61bd17 Merge branch 'sqli-format-whitelist' of github.com:jonmcclintock/gas into sqli-format-whitelist Jon McClintock 2018-01-22 18:56:58 +0000
  • 1ca335016a Rebase to master Jon McClintock 2018-01-22 18:45:07 +0000
  • 8eb9cc02a4 Adjust SQL format-string rules to ignore inherently safe formats Jon McClintock 2017-10-05 16:24:29 +0000
  • a0fc08918b Merge pull request #154 from GoASTScanner/issue/153 Grant Murphy 2018-01-11 11:31:50 +1000
  • 806c1d081f Add install instructions Grant Murphy 2018-01-11 11:31:08 +1000
  • b0682841bb Merge pull request #152 from ashanbrown/one-build Grant Murphy 2018-01-08 09:23:10 +1000
  • 22dc89384d Do a single build for all packages. Andrew S. Brown 2018-01-07 15:02:33 -0800
  • 5c2e03ac57 Merge c39757b63e into 085e0f65af Andrew Shannon Brown 2018-01-07 21:49:18 +0000
  • c39757b63e Cache loaded packages in analyzer. Andrew S. Brown 2018-01-07 12:12:08 -0800
  • 085e0f65af Merge pull request #150 from GoASTScanner/experimental Grant Murphy 2018-01-05 23:14:24 +1000
  • aecbc873ef Use explicit packages in call lists Grant Murphy 2018-01-05 23:05:53 +1000
  • 9a2bec1cd0 Merge pull request #149 from GoASTScanner/experimental Grant Murphy 2018-01-05 22:20:21 +1000
  • b6f85d50da Fix nil pointer dereference in complit types Grant Murphy 2018-01-05 22:19:08 +1000
  • 3520a5ae85 Merge pull request #146 from GoASTScanner/experimental Grant Murphy 2018-01-05 22:08:59 +1000
  • 867d3009e8 Fix lint issues Grant Murphy 2018-01-05 21:56:42 +1000
  • d452dcb20d Fix ginkgo invocation Grant Murphy 2018-01-05 21:55:06 +1000
  • 4c49716f0e move utils to separate executable Grant Murphy 2017-12-28 16:55:12 +1000
  • e925d3c347 Migrated old test cases. Grant Murphy 2017-12-28 16:54:10 +1000
  • ebd08048d8 Merge c4fb8cf7c2 into 6de76c9261 Nuruddin Ashr 2017-12-17 14:58:31 +0000
  • c4fb8cf7c2 Add Fprint, Fprintf, Fprintln to NoErrorCheck whitelist Nuruddin Ashr 2017-12-17 21:54:54 +0700
  • 25d74c6b20 address review comments Grant Murphy 2017-12-14 10:04:22 +1000
  • af25ac1f6e fix golint errors picked up by hound-ci Grant Murphy 2017-12-13 22:35:47 +1000
  • cfa432729c fix hound-ci errors Grant Murphy 2017-12-13 17:39:00 +1000
  • 97cde35f32 update travis-ci to use ginkgo tests Grant Murphy 2017-12-13 16:38:15 +1000
  • e3b6fd94c2 update readme to provide info regarding package level scans Grant Murphy 2017-12-13 16:35:54 +1000
  • 02901b98fc actually skip tests until implementation exists Grant Murphy 2017-12-13 16:35:28 +1000
  • d4311c96e2 make it clear that these tests have not been implemented yet Grant Murphy 2017-12-13 16:32:53 +1000
  • 67dc43293c use godep instead of glide Grant Murphy 2017-12-13 16:32:12 +1000
  • 00f74c5290 Merge 23cfb6587a into 6de76c9261 Cosmin Cojocar 2017-10-06 14:15:18 +0000
  • 23cfb6587a Use regular expressions for file exclusions Cosmin Cojocar 2017-10-06 16:03:12 +0200
  • 2b2999b48d Add tests for excludes with comments Jon McClintock 2017-10-05 21:43:54 +0000
  • 37cada13f3 Add support for #excluding specific rules Jon McClintock 2017-10-05 21:32:03 +0000
  • 7dfebaf91e Adjust SQL format-string rules to ignore inherently safe formats Jon McClintock 2017-10-05 16:24:29 +0000
  • 2fb83ccd18 Merge 849abfc86f into 27b2fd9cd3 Adrian Lanzafame 2017-10-04 14:03:28 +0000
  • 27b2fd9cd3 Merge pull request #136 from lanzafame/experimental Grant Murphy 2017-10-05 00:02:19 +1000
  • 6de76c9261 Merge pull request #135 from cosmincojocar/update_mondern_tls_chipers Grant Murphy 2017-10-05 00:01:47 +1000
  • 849abfc86f add issue tests Adrian Lanzafame 2017-10-01 12:25:16 +1000
  • 5a1133682a remove committed binary Adrian Lanzafame 2017-10-01 10:31:51 +1000
  • 9c959ca0a9 Issue.Line is already a string Adrian Lanzafame 2017-10-01 10:31:39 +1000
  • 3caf7c3154 Add test cases Grant Murphy 2017-09-16 10:12:27 +1000
  • c36954f04a Add the CHACHA20 to good ciphers in modern tls check Cosmin Cojocar 2017-08-30 16:00:56 +0200
  • f22c701483 Merge pull request #133 from awiens/master Grant Murphy 2017-08-10 15:37:29 -0400
  • b120a3ec3f Updating Dockerfile with requested changes Amber Wiens 2017-08-09 13:00:19 -0600
  • 5f0f8f89a6 Adding Docker container and changing README Amber Wiens 2017-08-03 11:50:58 -0600
  • 6943f9e5e4 Major rework of codebase Grant Murphy 2017-07-19 15:17:00 -0600
  • f4b705a864 Use glide to manage vendored dependencies Grant Murphy 2017-05-09 21:59:12 -0700
  • 026fe4c534 Simplify analyzer and command line interface Grant Murphy 2017-05-09 21:26:53 -0700
  • 65b18da711 Hack to address circular dependency in rulelist Grant Murphy 2017-05-09 21:26:12 -0700
  • 5160048ba6 Move rule definitions into own file Grant Murphy 2017-05-09 21:24:43 -0700
  • 50bbc53a34 Isolate import tracking functionality Grant Murphy 2017-05-09 21:23:37 -0700
  • bf78d027a9 Restructure and introduce a standalone config Grant Murphy 2017-04-28 14:46:26 -0700
  • cacf21f3c0 Restructure to focus on lib rather than cli Grant Murphy 2017-04-26 08:08:46 -0700
  • 8df48f9769 Fix to reporting to use output formats Grant Murphy 2017-04-25 17:57:12 -0700
  • 9b081744c9 Process via packages instead of files Grant Murphy 2017-04-25 16:01:28 -0700
  • 18293b7a2c Merge 604a0ad449 into 1beec25f77 Cosmin Cojocar 2017-04-12 06:27:00 +0000
  • 1beec25f77 Merge pull request #128 from cosmincojocar/improve_skip Grant Murphy 2017-04-11 12:38:53 -0700
  • e94e23200a Merge pull request #129 from cosmincojocar/big_exp Grant Murphy 2017-04-11 12:36:57 -0700
  • 7dc4638db8 Update the README Cosmin Cojocar 2017-04-10 19:40:27 +0200
  • 5b71c2b05f Add a test for math/big.Int.Exp rule Cosmin Cojocar 2017-04-10 16:10:24 +0200
  • 65b8e74ecd Add a rule for big.Exp function call Cosmin Cojocar 2017-04-10 14:25:48 +0200
  • 3ae2762bb1 Add support for partial path match in the skip option Cosmin Cojocar 2017-04-10 11:18:02 +0200
  • 05738474a1 Merge pull request #125 from mockturtl/patch-1 Grant Murphy 2017-03-29 20:00:40 -0700
  • b74c83e7e7 BindsToAllNetworkInterfaces should check TLS also mockturtl 2017-03-28 13:24:22 -0400
  • 604a0ad449 Format the code by inserting some blank lines Cosmin Cojocar 2017-03-26 10:03:11 +0200
  • 6904ae69e7 Remove fixture file Cosmin Cojocar 2017-03-26 09:46:03 +0200
  • 5e495f6f73 Clean up the files slice before parsing the package Cosmin Cojocar 2017-03-26 09:33:40 +0200
  • d7fefc9cde Fix the package name parsing Cosmin Cojocar 2017-03-22 19:30:08 +0100