Comparing changes

base repository: securego/gosec
base: v2.22.8
head repository: securego/gosec
compare: v2.22.9
  • 14 commits
  • 16 files changed
  • 4 contributors

Commits on Aug 14, 2025

  1. Update gosec version to v2.22.8 in the Github action

    Change-Id: Ifc3c472f6c6aa08bda00ab57298fd7d383ab8325
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Aug 14, 2025
    cee0aea

Commits on Aug 18, 2025

  1. 287b46c

Commits on Aug 25, 2025

  1. 5af1117

Commits on Sep 8, 2025

  1. 4be6b11

Commits on Sep 12, 2025

  1. rules(G202): detect SQL concat in ValueSpec declarations; add test sample

    - Handle var query string = 'SELECT ...' + user style declarations
    - Reuse existing binary expr detection on ValueSpec.Values
    - Add postgres sample mirroring issue #1309 report
    - Rules tests: 42 passed
    Eshani Parulekar authored and ccojocar committed Sep 12, 2025
    40ac530
  2. rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic

    - Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables
    - Track filepath.Clean so cleaned identifiers are treated as safe
    - Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent)
    - Record Join(...) assigned to identifiers and allow if later cleaned
    - Fix panic by passing non-nil context in trackJoinAssignStmt
    - All rules tests: 42 passed
    Eshani Parulekar authored and ccojocar committed Sep 12, 2025
    79f835d
  3. test(g304): add samples for var perm and var flag with cleaned path

    - Ensure G304 does not fire when only non-path args (flag/perm) are variables
    - Both samples use filepath.Clean on the path arg
    - Rules suite remains green (42 passed)
    Eshani Parulekar authored and ccojocar committed Sep 12, 2025
    e6218c8
  4. style: gofmt rules/readfile.go

    Eshani Parulekar authored and ccojocar committed Sep 12, 2025
    ab078db
  5. refactor(G304): remove unused trackJoin helper; no functional change

    Eshani Parulekar authored and ccojocar committed Sep 12, 2025
    e81fba3

Commits on Sep 15, 2025

  1. 3ead143

Commits on Sep 16, 2025

  1. feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24

    Eshani Parulekar authored and ccojocar committed Sep 16, 2025
    506407e

Commits on Sep 22, 2025

  1. feat(autofix): update gemini sdk and add anthropic claude

    * upgrade gemini sdk to google.golang.org/genai v1.25.0
    * support newer gemini models
    * add anthropic claude
    MatteoCalabro-TomTom authored and ccojocar committed Sep 22, 2025
    64ebfc0
  2. 7b8713e
  3. Update cosign to v2.6.0 and go in the CI to latest version

    Change-Id: I1754871a875f82fa1177793e74a41cc88ef4059f
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Sep 22, 2025
    15d5c61