SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for gosec-2.15.0-bp155.1.7.x86_64.rpm :

* Mon Feb 06 2023 Felix Niederwanger
* Update to version 2.15.0- Fix dependencies after renovate update- chore(deps): update all dependencies (#922)- Update to Go 1.20 and fix unit tests (#923)- Update Go to latest version (#920)- Update hardcoded_credentials.go fix: adaper equal expr which const value at left (#917)- Fix github latest URL (#918)- Fix github release url (#916)- chore(deps): update module github.com/onsi/ginkgo/v2 to v2.7.0 (#914)- Update Go version in CI script (#913)- Track back when a file path was sanitized with filepath.Clean (#912)- Fix the TLS config rule when parsing the settings from a variable (#911)- Fix build after updating the dependencies (#910)- chore(deps): update all dependencies (#909)- Fix dependencies after renovate update (#907)- chore(deps): update all dependencies (#906)- Update slack badge and link (#905)- Auto-detect TLS MinVersion integer base (#903)- Adding s390x support (#902)- chore(deps): update all dependencies (#904)- chore(deps): update all dependencies (#898)- Additional types for bad defer check (#897)- chore(deps): update all dependencies (#894)- chore(deps): update all dependencies (#892)- Update Go version in CI scripts (#889)- chore(deps): update all dependencies (#888)- Allow to override build date with SOURCE_DATE_EPOCH (#887)- chore(deps): update all dependencies (#886)- chore(deps): update all dependencies (#884)- fileperms: bitwise permission comparison (#883)
* Mon Dec 12 2022 Felix Niederwanger - Switch OBS source service from tar_scm to obs_scm.
* Embed version info with go build arg GIT_TAG=\"v%{version}\"
* _service obs_scm switch from tar_scm
* _service obs_scm switch param revision (branch) to version (tag)
* _service tar set to buildtime
* _service recompress set to buildtime
* _service recompress change tar compression from gz to xz
* Mon Oct 17 2022 Felix Niederwanger
* Update to versin 2.14.0- Pin release build to Go version 1.19.2 (#882)- Refactor to support duplicate imports with different aliases (#865)- chore(deps): update all dependencies (#881)- go.mod: ginkgo/v2 v2.3.1, golang.org/x/text v0.3.8, update go versions (#880)- Update Go version to 1.19 in the makefile (#876)- chore(deps): update all dependencies (#875)- Add CWE-676 to cwe mapping (#874)- chore(deps): update all dependencies (#872)- Add a way to use private repositories on GitHub (#869)- chore(deps): update all dependencies (#868)- Check go version when installing govulncheck- Check go version when running govulncheck- Add vulncheck to the test steps- chore(deps): update all dependencies- Fix false positives for G404 with aliased packages- chore(deps): update all dependencies- chore(deps): update all dependencies- fix: add a CWE ID mapping to rule G114- chore(deps): update golang.org/x/crypto digest to bc19a97
* Mon Aug 22 2022 Felix Niederwanger
* Update to version 2.13.1- fix: make sure that nil Cwe pointer is handled when getting the CWE ID- test: remove white spaces from template- fix: handle nil CWE pointer in text template
* Update to version 2.13.0- chore(deps): update dependency babel-standalone to v7- chore: update module go to 1.19- chore: fix lint warnings- chore: add support for Go 1.19- fix: parsing of the Go version (#844)- Detect use of net/http functions that have no support for setting timeouts (#842)- Refactor SQL rules for better extensibility (#841)- chore(deps): update module golang.org/x/tools to v0.1.12 (#840)- Fix lint warning- Check the suppressed issues when generating the exit code- Fix for G402. Check package path instead of package name (#838)- fix G204 bugs (#835)- Phase out support for Go 1.16 since is not supported anymore by Go team (#837)- chore(deps): update all dependencies (#836)- chore(deps): update dependency highlight.js to v11.6.0 (#830)- fix: filepaths with git anywhere in them being erroneously excluded (#828)- Fix wrong location for G109 (#829)- chore(deps): update golang.org/x/crypto digest to 0559593 (#826)- fix ReadTimeout for G112 rule- Pin cosign-installer to v2 (#824)
* Update to version 2.12.0- chore(deps): update all dependencies (#822)- Add check for usage of Rat.SetString in math/big with an overflow error (#819)- Remove additional --update for apk in Dockerfile (#818)- Update x/tools to pick up fix for golang/go#51629 (#817)- chore(deps): update all dependencies (#816)- chore(deps): update all dependencies (#812)- chore(deps): update all dependencies (#811)- Add new rule for Slowloris Attack- Fix the dependencies after renovate upate (#806)- chore(deps): update all dependencies (#805)- Update the description message of template rule (#803)- Fix typo in ReadMe (#802)- Fix build after renovate update (#800)- Fix use rule IDs to retrieve the rule config- chore(deps): update all dependencies (#796)
* Tue Mar 22 2022 Felix Niederwanger
* Update to version 2.11.0- Enable Go 1.18 in the ci and release workflows- Fix the lint action after upgrade (#790)- chore(deps): update all dependencies (#789)- Add a recursive flag -r to skip specifying ./... path- Adds directory traversal for Http.Dir(\"/\")
* Wed Mar 02 2022 Felix Niederwanger
* Update to version 2.10.0:- Extend the release action to sign the docker image and binary files with cosign (#781)- feat: add concurrency option to parallelize package loading (#778)- chore(deps): update all dependencies- Process the code snippet before adding it to the SARIF report- Updated sponsor link in README.md- chore(deps): update golang.org/x/crypto commit hash to 30dcbda- chore(deps): update all dependencies- Use the CWE name as a name in the SARIF report- chore(deps): update all dependencies (#771)- Resolve the TLS min version when is declarted in the same package but in a different file- Add a test for tls min version defined in a different file- chore(deps): update all dependencies (#765)
* Fri Jan 21 2022 Felix Niederwanger
* Update to version 2.9.6:- Add db.Exec and db.Prepare to the sql rule (#763)- chore(deps): update golang.org/x/crypto commit hash to 5e0467b (#764)- Add os.Create to the readfile rule (#761)- Fix false negative for SQL injection when using DB.QueryRow.Scan() (#759)- chore(deps): update dependency highlight.js to v11.4.0 (#758)- Fix false negatives for SQL injection in multi-line queries- Find G303 with filepath.Join\'d temp dirs (#754)- Find more tempdirs- build(fmt): use [ instead of [[ (#751)- Update to ginkgo v2 (#753)- Fix #743 (#748)- Handle nil when looking up a file by position into a package (#747)- Add in the config file settings for exclude and include options- chore(deps): update golang.org/x/crypto commit hash to e495a2d (#745)- Track both #nosec and #nosec rulelist for one violation (#741)- Add the sponsors section in the README file (#740)- Remove space between // and #nosec in examples and internal use
* Fri Jan 14 2022 Felix Niederwanger - Add position-independent executable to compiler flags
* Fri Jan 14 2022 Felix Niederwanger - Add version 2.9.5
  
ICM