github securego/gosec v2.21.0
on GitHub

latest releases: v2.21.4, v2.21.3, v2.21.2...
2 months ago

Changelog

  • b278b40 Update cosign version to v2.4.0 in release github workflow (#1207)
  • eaedce9 Improvement the int conversion overflow logic to handle bound checks (#1194)
  • ea5b276 fix: G602 support for nested conditionals with bounds check (#1201)
  • 11d6903 Update go.mod to sue go 1.22.0 toolchain
  • 655527d chore(deps): update all dependencies
  • 0898560 Make variable name more clear
  • ac67231 Make variable names more explicity and reduce duplications
  • e0414c4 Fix formatting
  • c7003fc Refactor to reduce some fuctions and variable names
  • 2401936 Pass the value argument directly since is an interface
  • f5d3128 Added suggested changes
  • a14ca4a Added another test case in order to increase code coverage
  • a6dd589 Removed function parameter which is always the same
  • b4c7469 Formatting problems(CI was not passing)
  • 7f8f654 Updated analyzer to use new way of initialization
  • a26215c Migrated the rule to the analyzers folder
  • 3f6e1e7 Refractored code a little bit
  • 0eb8143 Added new rule G407(hardcoded IV/nonce)
  • 4ae73c8 Fix conversion overflow false positive when using ParseUint
  • c52dc0e Add a build step to measure the scan perfomance
  • bcec04e Fix conversion overflow false positives when they are checked or pre-determined
  • 71e397b Update go.mod
  • aec45b0 chore(deps): update all dependencies
  • ab3f6c1 Fix false positive in conversion overflow check from uint8/int8 type
  • a39ec5a Disable staticcheck SA1019 rule
  • a1b2ab8 Update the golangci linters
  • 8467f01 Add more test to cover more use cases for G115 rule
  • 81cda2f Allow excluding analyzers globally (#1180)
  • 18135b4 Update to Go 1.23.0 (#1183)
  • 91c708a chore(deps): update all dependencies (#1182)
  • 92bac42 Read the AI API key also from an environment variable (#1181)
  • 56f943b Add support to generate auto fixes using LLM (AI) (#1177)
  • f33fd4b chore(deps): update all dependencies
  • 55a47f3 chore(deps): update all dependencies
  • a5d9ef6 chore(deps): update all dependencies
  • 6842444 chore(deps): update dependency babel-standalone to v7.24.10
  • 08b94f9 Resolve underlying type to detect overflows in type aliases
  • 4487a0c chore(deps): update dependency babel-standalone to v7.24.8
  • 0076267 Fix multifile ignores
  • 2f1b81b Add -enable-audit cli flag
  • 87fcb9b Update to go 1.22.5 and 1.21.12
  • 466992f chore(deps): update all dependencies
  • 9a4a741 Added more rules
  • 6382394 Fixed coverage workflow
  • 5666ea3 Fixed CI workflow
  • fc0957f Minor changes
  • 58e4fcc Split the G401 rule into two separate ones
  • 2e71f37 Updated G401 corresponding CWE
  • 3edc633 chore(deps): update docker/build-push-action action to v6
  • 2ae137a Update to go versions to 1.21.11 and 1.22.4
  • 30a8a9c chore(deps): update all dependencies
  • ac75d44 Fix nosec when applied to a block
  • ed3f51e Add more types to templates rule
  • c3209fc Map the G115 rule to an CWE ID
  • 45fbb27 chore(deps): update all dependencies
  • 43bef71 Update README with G115 rule description
  • 555fe44 Remove deprecated megacheck linter from golangci
  • 81b076f Format imports
  • f775eb1 Update .gitignore
  • 4bf5667 Add a new rule to detect integer overflow on integer types conversion
  • 5f0084e feat: add env var to override the Go version detection
  • 75dd9d6 Use the proper logic when disabling the go module version
  • 1e1fc91 Update the README with some details related to Go version used by the rules
  • 9a03665 Add an environment varialbe which disables the parsing of Go version from module file
  • b633c4c chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
  • 40f29c8 Update docker image in action to v2.20.0
Check out latest releases or
releases around securego/gosec v2.21.0

Don't miss a new gosec release

NewReleases is sending notifications on new releases.

Get notifications