Commit graph

  • ac482cb87c Update ginkgo to latest version Cosmin Cojocar 2023-09-20 10:11:07 +0200
  • e02e2f6d5b Redesign and reimplement the slice out of bounds check using SSA code representation Cosmin Cojocar 2023-09-20 10:04:32 +0200
  • 5a7c27763a
    Fix lint warnings Cosmin Cojocar 2023-09-20 10:14:33 +0200
  • 273a83260e
    Update ginkgo to latest version Cosmin Cojocar 2023-09-20 10:11:07 +0200
  • bc1b5a15df
    Redesign and reimplement the slice out of bounds check using SSA code representation Cosmin Cojocar 2023-09-20 10:04:32 +0200
  • e1278f9572 docs: add reMarkable to users list Audun Bjørnerud Mo 2023-09-19 15:52:11 +0200
  • 64eb6752e4 docs: add reMarkable to users list Audun Bjørnerud Mo 2023-09-19 15:52:11 +0200
  • f6a64969a3 chore(deps): update all dependencies renovate[bot] 2023-09-18 01:56:22 +0000
  • cab26d8e1e
    chore(deps): update all dependencies renovate[bot] 2023-09-18 01:56:22 +0000
  • aebe20cfba Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it Cosmin Cojocar 2023-09-11 11:19:51 +0200
  • 7a98537c9a Update to latest go version Cosmin Cojocar 2023-09-11 11:01:10 +0200
  • 3bb57b2308
    Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it Cosmin Cojocar 2023-09-11 11:19:51 +0200
  • 09e4601247
    Update to latest go version Cosmin Cojocar 2023-09-11 11:01:10 +0200
  • b192f06cca
    chore(deps): update all dependencies (#1011) renovate[bot] 2023-09-11 10:53:32 +0200
  • 9a9a72a673
    chore(deps): update all dependencies renovate[bot] 2023-09-11 00:40:18 +0000
  • 6c93653a29
    Fix hardcoded_credentials rule to only match on more specific patterns (#1009) Cosmin Cojocar 2023-09-05 18:00:02 +0200
  • 4578111d28
    Fix double escape in regexps Cosmin Cojocar 2023-09-05 17:49:50 +0200
  • 3a2924bdb6
    Fix lint warnings Cosmin Cojocar 2023-09-05 17:38:21 +0200
  • ba03f43406
    Fix hardcoded_credentials rule to only match on more specific patterns Cosmin Cojocar 2023-09-05 17:23:26 +0200
  • 325eb19a54
    chore(deps): update all dependencies (#1008) renovate[bot] 2023-09-04 09:12:42 +0200
  • 5f913600fe
    chore(deps): update all dependencies renovate[bot] 2023-09-02 14:09:08 +0000
  • beef1250a4
    Exclude maps from slince bounce check rule (#1006) Cosmin Cojocar 2023-08-23 17:17:14 +0200
  • 77e2dbb450
    Exclude maps from slince bounce check rule Cosmin Cojocar 2023-08-23 17:08:59 +0200
  • 21d13c9a9b
    Ignore struct pointers in G601 (#1003) Alexander Yastrebov 2023-08-18 17:05:17 +0200
  • 81cf57366a Ignore struct pointers in G601 Alexander Yastrebov 2023-08-18 12:55:03 +0200
  • 85005c43d9
    Update gosec image version to 2.17.0 in the Github action (#1002) Kevin Pita 2023-08-18 10:07:28 +0200
  • bc8ddb3048
    Update gosec image version to 2.17.0 in the Github action kevinpita 2023-08-17 23:53:29 +0200
  • 6a2c5e16a1
    Update cosign to version v2.1.1 (#1000) Cosmin Cojocar 2023-08-17 09:53:01 +0200
  • 2fb61b1a81
    Update cosign to version v2.1.1 Cosmin Cojocar 2023-08-17 09:45:27 +0200
  • a89e9d5a7a
    Enable go 1.21.0 in the CI build (#998) v2.17.0 Cosmin Cojocar 2023-08-14 09:59:18 +0200
  • cdef3fa5fa
    Enable go 1.21.0 in the CI build Cosmin Cojocar 2023-08-14 09:48:15 +0200
  • 4b458c4f59
    chore(deps): update all dependencies (#997) renovate[bot] 2023-08-14 09:36:16 +0200
  • 404fdf20ee
    chore(deps): update all dependencies renovate[bot] 2023-08-14 00:30:22 +0000
  • 7d51bfe004
    Update to go version 1.20.7 and 1.19.12 (#993) Cosmin Cojocar 2023-08-07 10:05:55 +0200
  • bfd7ebc7e1
    Update to go version 1.20.7 and 1.19.12 Cosmin Cojocar 2023-08-07 09:57:47 +0200
  • fc2f66bbbb
    chore(deps): update all dependencies (#992) renovate[bot] 2023-08-07 09:54:19 +0200
  • 43da0a4c4e
    chore(deps): update all dependencies renovate[bot] 2023-08-07 02:19:25 +0000
  • 2cf2f96697
    chore(deps): update module github.com/onsi/gomega to v1.27.10 (#991) renovate[bot] 2023-07-31 10:23:04 +0200
  • d8054e334e
    chore(deps): update module github.com/onsi/gomega to v1.27.10 renovate[bot] 2023-07-31 01:54:08 +0000
  • bf7feda2b9
    fix: correctly identify infixed concats as potential SQL injections (#987) Audun 2023-07-25 17:13:07 +0200
  • 4fc261186f fix(helpers): clean up error handling in recursive string getter Audun Bjørnerud Mo 2023-07-25 12:22:59 +0200
  • 7f6c568073 fixup! fixup! fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-25 10:58:37 +0200
  • cfbeaa099b fixup! fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-25 10:57:01 +0200
  • 37c92581fd fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-24 19:55:39 +0200
  • 8654b273a1 fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-24 16:13:05 +0200
  • 2292ed5e91
    chore(deps): update all dependencies (#989) renovate[bot] 2023-07-24 10:01:22 +0200
  • d90d7641b9
    chore(deps): update all dependencies renovate[bot] 2023-07-24 00:51:09 +0000
  • f091a61a80 fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-21 17:32:34 +0200
  • 01b40ef9b9 fixup! fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-21 17:05:44 +0200
  • 4518383a17 fixup! fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-21 17:05:24 +0200
  • 918146879f fix: correctly identify infixed concats as potential SQL injections Audun Bjørnerud Mo 2023-07-21 15:03:17 +0200
  • fc570b6f1a
    Add a new flag terse to show only the results and summary (#986) Cosmin Cojocar 2023-07-18 16:21:22 +0200
  • c4c087c53d
    Add a new flag terse to show only the results and summary Cosmin Cojocar 2023-07-18 16:13:03 +0200
  • 36f69332a4
    Switch to a maintained fork of zxcvbn module (#984) Cosmin Cojocar 2023-07-17 12:47:26 +0200
  • 0a706545aa
    Switch to a maintained fork of zxcvbn module Cosmin Cojocar 2023-07-17 12:43:00 +0200
  • ed7b33420e
    Fix dependencies after bot update (#983) Cosmin Cojocar 2023-07-17 10:25:11 +0200
  • 80f73aaae3
    Fix dependencies after bot update Cosmin Cojocar 2023-07-17 10:17:11 +0200
  • e76ad70182
    chore(deps): update all dependencies (#982) renovate[bot] 2023-07-17 10:13:40 +0200
  • d512a868ff
    chore(deps): update all dependencies renovate[bot] 2023-07-17 00:44:43 +0000
  • 3a6fd99e54
    Update to Go version 1.19.11 and 1.20.6 (#981) Cosmin Cojocar 2023-07-13 09:53:11 +0200
  • fa45be2222
    Update to Go version 1.19.11 and 1.20.6 Cosmin Cojocar 2023-07-13 09:45:34 +0200
  • ea39309b36
    Fix and tidy the dependencies (#977) Cosmin Cojocar 2023-07-10 10:52:16 +0200
  • 94496f25b1
    Fix and tidy the dependencies Cosmin Cojocar 2023-07-10 10:44:30 +0200
  • ef8f560d84
    chore(deps): update all dependencies (#976) renovate[bot] 2023-07-10 10:37:30 +0200
  • 87026813fb
    chore(deps): update all dependencies renovate[bot] 2023-07-10 02:16:42 +0000
  • 17b7d31f41
    Update README file with new rule (#975) Cosmin Cojocar 2023-06-21 10:07:27 +0200
  • 1480bcfd98
    Update README file with new rule Cosmin Cojocar 2023-06-21 10:06:13 +0200
  • a018cf0fbb
    Feature: G602 Slice Bound Checking (#973) Morgen Malinoski 2023-06-21 02:56:36 -0500
  • a7356c2bc8
    Updated comments, wrapped error return, addressed other review concerns. Morgen Malinoski 2023-06-20 15:40:06 -0500
  • 6a86b77dce
    Replaced usage of nil in call arg map with dummy callexprs. Morgen Malinoski 2023-06-20 10:48:11 -0500
  • 0f74b06cf7
    Addressed nil cap runtime error. Morgen Malinoski 2023-06-20 07:35:35 -0500
  • 82364a710c
    chore(deps): update all dependencies (#974) renovate[bot] 2023-06-19 09:15:01 +0200
  • 6b2414dd23
    chore(deps): update all dependencies renovate[bot] 2023-06-19 00:56:37 +0000
  • 7a3cc6005a
    Added comment for NewSliceBoundCheck. Morgen Malinoski 2023-06-17 11:33:52 -0500
  • d3b0fa2d6b
    Updated rulelist with CWE mapping. Morgen Malinoski 2023-06-17 11:15:35 -0500
  • 7915743b8d
    Fixed linter errors. Morgen Malinoski 2023-06-17 10:57:26 -0500
  • 3491cdbf42
    Map CallExpr to check bounds when passing to functions. Morgen Malinoski 2023-06-17 03:03:07 -0500
  • 0d54b197e1
    Scope change clears map. Func name used to track slices. Morgen Malinoski 2023-06-16 20:39:08 -0500
  • a968dc3f53
    Store capacities on reslicing. Morgen Malinoski 2023-06-16 19:51:29 -0500
  • af7a2d9051
    Added test for reassigning slice. Morgen Malinoski 2023-06-16 15:44:09 -0500
  • e5f0e104a3
    Added checking slice index. Morgen Malinoski 2023-06-16 15:38:21 -0500
  • b7d3dd7302
    Added slice bounds testing for slice expressions. Morgen Malinoski 2023-06-16 15:14:32 -0500
  • abeab1092d
    Feature: G101 match variable values and names (#971) Morgen Malinoski 2023-06-15 03:18:03 -0500
  • fbaadcb5e2
    Gofmt'ed the test cases. Morgen Malinoski 2023-06-14 11:38:51 -0500
  • bd902b16a4
    Added new regex for Google API Key, GitHub PAT, and GoogleOAuth. Morgen Malinoski 2023-06-14 11:37:33 -0500
  • 3396497b46
    Added better comments. Morgen Malinoski 2023-06-14 10:50:26 -0500
  • 01e2b58e1f
    Flattened code to make it more readable. Morgen Malinoski 2023-06-14 10:06:03 -0500
  • b73a8cf916
    Resolved unhandled error and added more tests. Morgen Malinoski 2023-06-14 09:33:58 -0500
  • edff80d474
    Addressed short-circuit eval for isHighEntropy and non-standard ok variable. Morgen Malinoski 2023-06-14 08:22:13 -0500
  • 387c92c12d
    Added tests and updated regex to be more inclusive. Morgen Malinoski 2023-06-14 07:36:02 -0500
  • 06f66941ce
    Ran gci to fix linter error. Morgen Malinoski 2023-06-14 06:42:59 -0500
  • e6ab81a9b3
    Added patternValue matching for ValueSpec. Morgen Malinoski 2023-06-13 10:19:31 -0500
  • c623e0d48a
    Added matching string literals in equality check. Morgen Malinoski 2023-06-13 09:07:30 -0500
  • 084637b4ce
    G101 now checks LHS of ValueAssignments for patternValue. Morgen Malinoski 2023-06-12 23:08:58 -0500
  • b824c10eb4 Update build script to go version 1.20.5 Cosmin Cojocar 2023-06-07 08:45:53 +0200
  • 19a2e19f00
    Update build script to go version 1.20.5 Cosmin Cojocar 2023-06-07 08:45:53 +0200
  • 022584d770 chore(deps): update all dependencies renovate[bot] 2023-06-05 02:20:18 +0000
  • 6e066b1b86
    chore(deps): update all dependencies renovate[bot] 2023-06-05 02:20:18 +0000
  • bd58600acf Recognize struct field in G601 futuretea 2023-06-02 15:57:40 +0800
  • be2069ad6e Recognize struct field in G601 futuretea 2023-06-02 15:57:40 +0800