Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Update dependency securego/gosec to v2.21.4 #534

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 4, 2024

This PR contains the following updates:

Package Update Change
securego/gosec minor v2.20.0 -> v2.21.4

Release Notes

securego/gosec (securego/gosec)

v2.21.4

Compare Source

Changelog

v2.21.3

Compare Source

Changelog

v2.21.2

Compare Source

Changelog

v2.21.1

Compare Source

Changelog

v2.21.0

Compare Source

Changelog

  • b278b40 Update cosign version to v2.4.0 in release github workflow (#​1207)
  • eaedce9 Improvement the int conversion overflow logic to handle bound checks (#​1194)
  • ea5b276 fix: G602 support for nested conditionals with bounds check (#​1201)
  • 11d6903 Update go.mod to sue go 1.22.0 toolchain
  • 655527d chore(deps): update all dependencies
  • 0898560 Make variable name more clear
  • ac67231 Make variable names more explicity and reduce duplications
  • e0414c4 Fix formatting
  • c7003fc Refactor to reduce some fuctions and variable names
  • 2401936 Pass the value argument directly since is an interface
  • f5d3128 Added suggested changes
  • a14ca4a Added another test case in order to increase code coverage
  • a6dd589 Removed function parameter which is always the same
  • b4c7469 Formatting problems(CI was not passing)
  • 7f8f654 Updated analyzer to use new way of initialization
  • a26215c Migrated the rule to the analyzers folder
  • 3f6e1e7 Refractored code a little bit
  • 0eb8143 Added new rule G407(hardcoded IV/nonce)
  • 4ae73c8 Fix conversion overflow false positive when using ParseUint
  • c52dc0e Add a build step to measure the scan perfomance
  • bcec04e Fix conversion overflow false positives when they are checked or pre-determined
  • 71e397b Update go.mod
  • aec45b0 chore(deps): update all dependencies
  • ab3f6c1 Fix false positive in conversion overflow check from uint8/int8 type
  • a39ec5a Disable staticcheck SA1019 rule
  • a1b2ab8 Update the golangci linters
  • 8467f01 Add more test to cover more use cases for G115 rule
  • 81cda2f Allow excluding analyzers globally (#​1180)
  • 18135b4 Update to Go 1.23.0 (#​1183)
  • 91c708a chore(deps): update all dependencies (#​1182)
  • 92bac42 Read the AI API key also from an environment variable (#​1181)
  • 56f943b Add support to generate auto fixes using LLM (AI) (#​1177)
  • f33fd4b chore(deps): update all dependencies
  • 55a47f3 chore(deps): update all dependencies
  • a5d9ef6 chore(deps): update all dependencies
  • 6842444 chore(deps): update dependency babel-standalone to v7.24.10
  • 08b94f9 Resolve underlying type to detect overflows in type aliases
  • 4487a0c chore(deps): update dependency babel-standalone to v7.24.8
  • 0076267 Fix multifile ignores
  • 2f1b81b Add -enable-audit cli flag
  • 87fcb9b Update to go 1.22.5 and 1.21.12
  • 466992f chore(deps): update all dependencies
  • 9a4a741 Added more rules
  • 6382394 Fixed coverage workflow
  • 5666ea3 Fixed CI workflow
  • fc0957f Minor changes
  • 58e4fcc Split the G401 rule into two separate ones
  • 2e71f37 Updated G401 corresponding CWE
  • 3edc633 chore(deps): update docker/build-push-action action to v6
  • 2ae137a Update to go versions to 1.21.11 and 1.22.4
  • 30a8a9c chore(deps): update all dependencies
  • ac75d44 Fix nosec when applied to a block
  • ed3f51e Add more types to templates rule
  • c3209fc Map the G115 rule to an CWE ID
  • 45fbb27 chore(deps): update all dependencies
  • 43bef71 Update README with G115 rule description
  • 555fe44 Remove deprecated megacheck linter from golangci
  • 81b076f Format imports
  • f775eb1 Update .gitignore
  • 4bf5667 Add a new rule to detect integer overflow on integer types conversion
  • 5f0084e feat: add env var to override the Go version detection
  • 75dd9d6 Use the proper logic when disabling the go module version
  • 1e1fc91 Update the README with some details related to Go version used by the rules
  • 9a03665 Add an environment varialbe which disables the parsing of Go version from module file
  • b633c4c chore(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
  • 40f29c8 Update docker image in action to v2.20.0

Configuration

📅 Schedule: Branch creation - "* 0-4,22-23 * * 1-5,* * * * 0,6" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot changed the title chore: Update dependency securego/gosec to v2.21.1 chore: Update dependency securego/gosec to v2.21.2 Sep 9, 2024
@renovate renovate bot force-pushed the renovate_securego-gosec-2.x branch from 215b298 to 1125d48 Compare September 9, 2024 14:06
@renovate renovate bot force-pushed the renovate_securego-gosec-2.x branch from 1125d48 to 9f1f63f Compare September 18, 2024 14:02
@renovate renovate bot changed the title chore: Update dependency securego/gosec to v2.21.2 chore: Update dependency securego/gosec to v2.21.3 Sep 18, 2024
@renovate renovate bot changed the title chore: Update dependency securego/gosec to v2.21.3 chore: Update dependency securego/gosec to v2.21.4 Sep 26, 2024
@renovate renovate bot force-pushed the renovate_securego-gosec-2.x branch from 9f1f63f to d5acd9c Compare September 26, 2024 12:44
@renovate renovate bot force-pushed the renovate_securego-gosec-2.x branch from d5acd9c to 102b99c Compare October 28, 2024 12:26
@renovate renovate bot force-pushed the renovate_securego-gosec-2.x branch from 102b99c to a3cc620 Compare November 4, 2024 11:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant