Update dependency gosec to v2.9.6 #2

Merged

volker.raschek merged 1 commits from renovate/gosec-2.x into master 2022-01-31 18:18:20 +00:00

Conversation 0 Commits 1 Files Changed 1 +1 -1

CSRBot commented 2022-01-30 21:50:23 +00:00

Collaborator

Copy Link

This PR contains the following updates:

Package	Update	Change
gosec	patch	v2.9.4 -> v2.9.6

---

Release Notes

securego/gosec

v2.9.6

Compare Source

Changelog

• 1d909e2 Add db.Exec and db.Prepare to the sql rule (#​763)
• 742aa84 chore(deps): update golang.org/x/crypto commit hash to 5e0467b (#​764)
• 7be6d4e Add os.Create to the readfile rule (#​761)
• 75cc7dc Fix false negative for SQL injection when using DB.QueryRow.Scan() (#​759)
• 58058af chore(deps): update dependency highlight.js to v11.4.0 (#​758)
• 9d66b0d Fix false negatives for SQL injection in multi-line queries
• 4c1afaa Find G303 with filepath.Join'd temp dirs (#​754)
• 19bda8d Find more tempdirs
• 827fca9 build(fmt): use [ instead of [[ (#​751)
• ad5d74d Update to ginkgo v2 (#​753)
• 72f1145 Fix #​743 (#​748)
• 63a8e78 Handle nil when looking up a file by position into a package (#​747)
• 3038a30 Add in the config file settings for exclude and include options
• bf0dd2f chore(deps): update golang.org/x/crypto commit hash to e495a2d (#​745)
• 2d1c1a6 Track both #nosec and #nosec rulelist for one violation (#​741)
• e0f354a Add the sponsors section in the README file (#​740)
• d23ab2d Remove space between // and #nosec in examples and internal use

v2.9.5

Compare Source

Changelog

• 35af340 Fix #​736 (#​738)
• 6c0b344 chore(deps): update golang.org/x/crypto commit hash to 4570a08 (#​737)

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [gosec](https://github.com/securego/gosec) | patch | `v2.9.4` -> `v2.9.6` | --- ### Release Notes <details> <summary>securego/gosec</summary> ### [`v2.9.6`](https://github.com/securego/gosec/releases/v2.9.6) [Compare Source](https://github.com/securego/gosec/compare/v2.9.5...v2.9.6) #### Changelog - [`1d909e2`](https://github.com/securego/gosec/commit/1d909e2) Add db.Exec and db.Prepare to the sql rule ([#&#8203;763](https://github.com/securego/gosec/issues/763)) - [`742aa84`](https://github.com/securego/gosec/commit/742aa84) chore(deps): update golang.org/x/crypto commit hash to [`5e0467b`](https://github.com/securego/gosec/commit/5e0467b) ([#&#8203;764](https://github.com/securego/gosec/issues/764)) - [`7be6d4e`](https://github.com/securego/gosec/commit/7be6d4e) Add os.Create to the readfile rule ([#&#8203;761](https://github.com/securego/gosec/issues/761)) - [`75cc7dc`](https://github.com/securego/gosec/commit/75cc7dc) Fix false negative for SQL injection when using DB.QueryRow.Scan() ([#&#8203;759](https://github.com/securego/gosec/issues/759)) - [`58058af`](https://github.com/securego/gosec/commit/58058af) chore(deps): update dependency highlight.js to v11.4.0 ([#&#8203;758](https://github.com/securego/gosec/issues/758)) - [`9d66b0d`](https://github.com/securego/gosec/commit/9d66b0d) Fix false negatives for SQL injection in multi-line queries - [`4c1afaa`](https://github.com/securego/gosec/commit/4c1afaa) Find G303 with filepath.Join'd temp dirs ([#&#8203;754](https://github.com/securego/gosec/issues/754)) - [`19bda8d`](https://github.com/securego/gosec/commit/19bda8d) Find more tempdirs - [`827fca9`](https://github.com/securego/gosec/commit/827fca9) build(fmt): use `[` instead of `[[` ([#&#8203;751](https://github.com/securego/gosec/issues/751)) - [`ad5d74d`](https://github.com/securego/gosec/commit/ad5d74d) Update to ginkgo v2 ([#&#8203;753](https://github.com/securego/gosec/issues/753)) - [`72f1145`](https://github.com/securego/gosec/commit/72f1145) Fix [#&#8203;743](https://github.com/securego/gosec/issues/743) ([#&#8203;748](https://github.com/securego/gosec/issues/748)) - [`63a8e78`](https://github.com/securego/gosec/commit/63a8e78) Handle nil when looking up a file by position into a package ([#&#8203;747](https://github.com/securego/gosec/issues/747)) - [`3038a30`](https://github.com/securego/gosec/commit/3038a30) Add in the config file settings for exclude and include options - [`bf0dd2f`](https://github.com/securego/gosec/commit/bf0dd2f) chore(deps): update golang.org/x/crypto commit hash to [`e495a2d`](https://github.com/securego/gosec/commit/e495a2d) ([#&#8203;745](https://github.com/securego/gosec/issues/745)) - [`2d1c1a6`](https://github.com/securego/gosec/commit/2d1c1a6) Track both #nosec and #nosec rulelist for one violation ([#&#8203;741](https://github.com/securego/gosec/issues/741)) - [`e0f354a`](https://github.com/securego/gosec/commit/e0f354a) Add the sponsors section in the README file ([#&#8203;740](https://github.com/securego/gosec/issues/740)) - [`d23ab2d`](https://github.com/securego/gosec/commit/d23ab2d) Remove space between `//` and `#nosec` in examples and internal use ### [`v2.9.5`](https://github.com/securego/gosec/releases/v2.9.5) [Compare Source](https://github.com/securego/gosec/compare/v2.9.4...v2.9.5) #### Changelog - [`35af340`](https://github.com/securego/gosec/commit/35af340) Fix [#&#8203;736](https://github.com/securego/gosec/issues/736) ([#&#8203;738](https://github.com/securego/gosec/issues/738)) - [`6c0b344`](https://github.com/securego/gosec/commit/6c0b344) chore(deps): update golang.org/x/crypto commit hash to [`4570a08`](https://github.com/securego/gosec/commit/4570a08) ([#&#8203;737](https://github.com/securego/gosec/issues/737)) </details> --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

CSRBot added 1 commit 2022-01-30 21:50:26 +00:00

0a0c004101 Update dependency gosec to v2.9.6

volker.raschek was assigned by CSRBot 2022-01-30 21:50:27 +00:00

CSRBot force-pushed renovate/gosec-2.x from 0a0c004101 to f3aee7190a 2022-01-30 22:01:15 +00:00 Compare

volker.raschek merged commit f708f781eb into master 2022-01-31 18:18:20 +00:00

volker.raschek referenced this issue from a commit 2022-01-31 18:18:20 +00:00

Merge pull request 'Update dependency gosec to v2.9.6' (#2) from renovate/gosec-2.x into master

volker.raschek deleted branch renovate/gosec-2.x 2022-01-31 18:18:21 +00:00

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No Label

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

volker.raschek

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: volker.raschek/gosec-docker#2

No description provided.