Home
Projects
Resources
Alternatives
Blog
Sign In
Gosec Versions
Save
Go security checker
Overview
Versions
Reviews
Resources
v2.19.0
2 months ago
Changelog
26e57d6 Update CI to go version 1.22
e60b8d8 chore(deps): update all dependencies
1285eb7 chore(deps): update all dependencies
cf4ab3e chore(deps): update all dependencies
277553c chore(deps): update all dependencies
57ec76b chore(deps): update all dependencies
8fa46c1 chore(deps): update dependency babel-standalone to v7.23.7
53aa3f7 chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
187adab chore(deps): update all dependencies
e1f27ba chore(deps): update actions/setup-go action to v5
2aad3f0 Fix lint warnings by properly formatting the files
0e2a618 chore: Refactor Sample Code to Separate Files
bc03d1c Update go version to 1.21.5 and 1.20.12 (#1084)
79a6b47 chore(deps): update all dependencies (#1080)
eb256a7 Ignore the issues from generated files when using the analysis framework (#1079)
43b7cbf Update README with upload-sarif v2 (#1078)
fece498 chore(deps): update dependency babel-standalone to v7.23.4
24c614b Added ppc64le support
c736581 chore(deps): update all dependencies
3188e3f Ensure ignores are handled properly for multi-line issues
6d56592 Update Go to version 1.21.4 and 1.20.11
870103b chore(deps): update module golang.org/x/text to v0.14.0
b50e493 chore(deps): update all dependencies
2f9965b Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
fa1b74d Avoid allocations with
(*regexp.Regexp).MatchString
64bbe90 Fix some typos
d9071e3 Update local installation instructions by removing the details for Go 1.16
5d837bc Update gosec version to 2.18.2 in the action
v2.18.2
6 months ago
Changelog
55d7949 Disable dot-imports in revive linter
4656817 chore(deps): update module github.com/onsi/gomega to v1.28.1
5567ac4 Run the gosec with data race detector active during tests
a239758 Fix data race in the analyzer
c06903a Fix test that checks the overriden nosec directive
bde2619 Clean global state in flgs tests
e108c56 Format the file
e298388 Update README with details which describe the current behaviour of #nosec
d8a6d35 Ensure the ignores are parsed before analysing the package
7846db0 chore(deps): update all dependencies
8e0cf8c Update gosec to version 2.18.1 in the action
6b12a71 Update cosign version to v2.2.0
v2.18.1
6 months ago
Changelog
0ec6cd9 Refactor how ignored issues are tracked
f338a98 Restrict the maximum depth when tracking the slice bounds
7e2d8d3 Handle empty ssa results
074353a Handle gracefully any panic that occurs when building the SSA representation of a package
ec31a3a Fix typo
a11eb28 Handle new function when getting the call info in case is overriden
5b7867d Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1037)
dd08f99 Update to Go 1.21.3 and 1.20.10 (#1035)
616520f Update the list of unsafe functions detected by the unsafe rule (#1033)
3952187 Update the action to use gosec version v2.18.0 (#1029)
2b62dd1 Use a step ID in github release action to get the digest of the image (#1028)
v2.18.0
6 months ago
Changelog
53fc0c3 Update to go version 1.21.2 and 1.20.9 (#1027)
7f7c47f chore(deps): update all dependencies (#1026)
d864a91 Enable gochecknoinits; fix lint issues; use consts for some vars (#1022)
09cf6ef Fix typos in struct fields, comments, and docs (#1023)
665e87b chore(deps): update all dependencies
4def3a4 Fix lint warning
0d332a1 Add a new rule which detects when a file is created with os.Create but the configured permissions are less than 0666
293d887 Fix lint warnings
ac482cb Update ginkgo to latest version
e02e2f6 Redesign and reimplement the slice out of bounds check using SSA code representation
e1278f9 docs: add reMarkable to users list
f6a6496 chore(deps): update all dependencies
aebe20c Drop support for go 1.19.x since go team doesn't ship anymore security fixes for it
7a98537 Update to latest go version
b192f06 chore(deps): update all dependencies (#1011)
6c93653 Fix hardcoded_credentials rule to only match on more specific patterns (#1009)
325eb19 chore(deps): update all dependencies (#1008)
beef125 Exclude maps from slince bounce check rule (#1006)
21d13c9 Ignore struct pointers in G601 (#1003)
85005c4 Update gosec image version to 2.17.0 in the Github action (#1002)
6a2c5e1 Update cosign to version v2.1.1 (#1000)
v2.17.0
8 months ago
Changelog
a89e9d5 Enable go 1.21.0 in the CI build (#998)
4b458c4 chore(deps): update all dependencies (#997)
7d51bfe Update to go version 1.20.7 and 1.19.12 (#993)
fc2f66b chore(deps): update all dependencies (#992)
2cf2f96 chore(deps): update module github.com/onsi/gomega to v1.27.10 (#991)
bf7feda fix: correctly identify infixed concats as potential SQL injections (#987)
2292ed5 chore(deps): update all dependencies (#989)
fc570b6 Add a new flag terse to show only the results and summary (#986)
36f6933 Switch to a maintained fork of zxcvbn module (#984)
ed7b334 Fix dependencies after bot update (#983)
e76ad70 chore(deps): update all dependencies (#982)
3a6fd99 Update to Go version 1.19.11 and 1.20.6 (#981)
ea39309 Fix and tidy the dependencies (#977)
ef8f560 chore(deps): update all dependencies (#976)
17b7d31 Update README file with new rule (#975)
a018cf0 Feature: G602 Slice Bound Checking (#973)
82364a7 chore(deps): update all dependencies (#974)
abeab10 Feature: G101 match variable values and names (#971)
b824c10 Update build script to go version 1.20.5
022584d chore(deps): update all dependencies
bd58600 Recognize struct field in G601
1457921 Remove the depguard from the list of enabled linters
1f68996 Fix typos in comments, vars and tests
e148465 chore(deps): update all dependencies
9120883 Fix no-sec alternative tag (#962)
87cc45e Use image digest instead of tag when signing the released image with cosign (#960)
6df05bd Update gosec image version to 2.16.0 in the Github action (#959)
v2.16.0
11 months ago
Changelog
c5ea1b7 Update cosign to latest version in release Github action (#958)
8632a8c chore(deps): update all dependencies (#956)
ae3c2f7 Update go version in build and release scripts (#957)
970cc29 chore(deps): update all dependencies (#955)
47bfd4e Update Go version to 1.20.3 (#953)
440141a chore(deps): update all dependencies (#952)
7df7baa Fix for Dockerfile smell DL3059 (#951)
2ee3213 README: upgrade GitHub action in examples (#950)
68b5201 enable ginkgolinter linter (#948)
780ebd0 chore(deps): update all dependencies (#947)
d6aeaad correct gci linter (#946)
73f0efc remove deprecated linters
aef69b3 increase timeout to 5m
6bad723 chore(deps): update all dependencies
96bb741 Use the latest version
6a73248 Fix some linting warnings
83fc5e6 Fix lint warning
8e7cf4b Bump the go versions and golanci
e7bfcd1 chore(deps): update all dependencies (#942)
f823a7e Check nil pointer when variable is declared in a different file
cdd3476 fix dead link to issue.go in README.md (#936)
d5a9c73 Remove rule G307 which checks when an error is not handled when a file or socket connection is closed (#935)
27bf0e4 Fix rule index reference into sarif report (#934)
e7b896f Bump golang.org/x/net from 0.6.0 to 0.7.0
4340efa Format file
f850069 Use the gosec issue in the go analysers
b1fd948 Fix file formatting
2071786 Update Go version in CI builds
1915717 Fix method name in the comment
de2c6a3 Extract the issue in its own package
31e6327 Add support for Go analysis framework and SSA code representation
e795d75 chore(deps): update all dependencies (#931)
8aa00db Remove the version form ci github action
392e53c Pin github action to latest release version 2.15.0
ffe254e Revert the image tag in github action until a working solution is found
a0eddfb Fix version interpolation in github action image
d22a7b6 Add gosec version as an input parameter to GitHub action (#927)
2d6b0a5 Update release build script (#924)
v2.15.0
1 year ago
Changelog
a459eb0 Fix dependencies after renovate update
54f56c7 chore(deps): update all dependencies (#922)
df14837 Update to Go 1.20 and fix unit tests (#923)
b4270dd Update Go to latest version (#920)
a624254 Update hardcoded_credentials.go fix: adaper equal expr which const value at left (#917)
9432e67 Fix github latest URL (#918)
e85e1a7 Fix github release url (#916)
7dcb8c7 chore(deps): update module github.com/onsi/ginkgo/v2 to v2.7.0 (#914)
c5d217d Update Go version in CI script (#913)
5874e63 Track back when a file path was sanitized with filepath.Clean (#912)
fd28036 Fix the TLS config rule when parsing the settings from a variable (#911)
a522ae6 Fix build after updating the dependencies (#910)
4cc97ad chore(deps): update all dependencies (#909)
05a7bc5 Fix dependencies after renovate update (#907)
11898d5 chore(deps): update all dependencies (#906)
f9a8bf0 Update slack badge and link (#905)
dabc7dc Auto-detect TLS MinVersion integer base (#903)
c39bcdb Adding s390x support (#902)
e06bbf9 chore(deps): update all dependencies (#904)
f79c584 chore(deps): update all dependencies (#898)
44f484f Additional types for bad defer check (#897)
2fe6c5b chore(deps): update all dependencies (#894)
a0b7ebb chore(deps): update all dependencies (#892)
0acfbb4 Update Go version in CI scripts (#889)
6a964b2 chore(deps): update all dependencies (#888)
a7ad827 Allow to override build date with SOURCE_DATE_EPOCH (#887)
26f0389 chore(deps): update all dependencies (#886)
7f91d85 chore(deps): update all dependencies (#884)
cf63541 fileperms: bitwise permission comparison (#883)
v2.14.0
1 year ago
Changelog
1af1d5b Pin release build to Go version 1.19.2 (#882)
0ae0174 Refactor to support duplicate imports with different aliases (#865)
a2719d3 chore(deps): update all dependencies (#881)
ed38681 go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions (#880)
8466173 Update Go version to 1.19 in the makefile (#876)
f9ad0d8 chore(deps): update all dependencies (#875)
6cd9e62 Add CWE-676 to cwe mapping (#874)
bb4a1e3 chore(deps): update all dependencies (#872)
7ea37bb Add a way to use private repositories on GitHub (#869)
e244c81 chore(deps): update all dependencies (#868)
e9b2781 Check go version when installing govulncheck
88c23de Check go version when running govulncheck
84f6424 Add vulncheck to the test steps
180fc23 chore(deps): update all dependencies
dfde579 Fix false positives for G404 with aliased packages
aaaf80c chore(deps): update all dependencies
ae58325 chore(deps): update all dependencies
a892be9 fix: add a CWE ID mapping to rule G114
a319b66 chore(deps): update golang.org/x/crypto digest to bc19a97
v2.13.1
1 year ago
Changelog
19fa856 fix: make sure that nil Cwe pointer is handled when getting the CWE ID
62fa4b4 test: remove white spaces from template
074dc71 fix: handle nil CWE pointer in text template
v2.13.0
1 year ago
Changelog
79a5b13 chore(deps): update dependency babel-standalone to v7
97f03d9 chore: update module go to 1.19
0ba05e1 chore: fix lint warnings
d3933f9 chore: add support for Go 1.19
4e68fb5 fix: parsing of the Go version (#844)
0c8e63e Detect use of net/http functions that have no support for setting timeouts (#842)
6a26c23 Refactor SQL rules for better extensibility (#841)
1b0873a chore(deps): update module golang.org/x/tools to v0.1.12 (#840)
845483e Fix lint warning
45bf9a6 Check the suppressed issues when generating the exit code
a5982fb Fix for G402. Check package path instead of package name (#838)
ea6d49d fix G204 bugs (#835)
21fcd2f Phase out support for Go 1.16 since is not supported anymore by Go team (#837)
3cda47a chore(deps): update all dependencies (#836)
0212c83 chore(deps): update dependency highlight.js to v11.6.0 (#830)
9a25f4e fix: filepaths with git anywhere in them being erroneously excluded (#828)
602ced7 Fix wrong location for G109 (#829)
7dd9ddd chore(deps): update golang.org/x/crypto digest to 0559593 (#826)
b0f3e78 fix ReadTimeout for G112 rule
05f3ca8 Pin cosign-installer to
v2
(#824)
« Previous
Next »
Home
Projects
Resources
Alternatives
Blog
Sign In
Sign In to OSA
I agree with
Terms of Service
and
Privacy Policy
Sign In with Github