Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / securego/gosec issues and pull requests

#1251 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 7 days ago - 1 comment

#1250 - False Positive for G602 with bounds check using switch

Issue - State: open - Opened by theory 7 days ago
Labels: bug

#1249 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 14 days ago - 1 comment

#1248 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 21 days ago - 1 comment

#1247 - Some Issues Observed in Gosec Output

Issue - State: closed - Opened by ddbabde1011 24 days ago

#1246 - Update go version to 1.23.2 and 1.22.8

Pull Request - State: closed - Opened by ccojocar 26 days ago

#1245 - chore(deps): update module google.golang.org/api to v0.201.0

Pull Request - State: closed - Opened by renovate[bot] 28 days ago - 1 comment

#1244 - Weird Behavior with C-Go projects

Issue - State: open - Opened by chheda-deshaw about 1 month ago - 3 comments
Labels: enhancement, help wanted

#1243 - Docker execution failing without errors or results

Issue - State: closed - Opened by brandtkeller about 1 month ago - 1 comment

#1242 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] about 1 month ago - 1 comment

#1241 - G404 while using math/rand/v2

Issue - State: closed - Opened by ldemailly about 1 month ago - 6 comments
Labels: enhancement, help wanted

#1240 - #nosec G115 doesn't work in particular cases if it's preceded by an open bracket {

Issue - State: open - Opened by paul-at-cybr about 1 month ago - 3 comments
Labels: bug, help wanted

#1239 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] about 1 month ago - 1 comment

#1238 - Fix the cosign step to authenticate with the container registry

Pull Request - State: closed - Opened by ccojocar about 2 months ago - 1 comment

#1237 - G201/G202 only works with the stdlib sql pkg

Issue - State: closed - Opened by adrianlungu about 2 months ago - 3 comments

#1236 - chore(deps): update module google.golang.org/api to v0.199.0

Pull Request - State: closed - Opened by renovate[bot] about 2 months ago - 2 comments

#1235 - Update gosec to v1.21.4 in GitHub action

Pull Request - State: closed - Opened by ccojocar about 2 months ago - 1 comment

#1234 - Error: Unable to upload "gosec-results.sarif" as it is not valid SARIF

Issue - State: closed - Opened by maryamtahhan about 2 months ago - 5 comments

#1233 - chore(deps): update module google.golang.org/api to v0.198.0

Pull Request - State: closed - Opened by renovate[bot] about 2 months ago - 2 comments

#1232 - Prevent panic: unexpected constant value: <nil>

Pull Request - State: closed - Opened by ldemailly about 2 months ago - 1 comment

#1231 - Fix running single analyzer which isn't a rule bug

Pull Request - State: closed - Opened by ldemailly about 2 months ago - 1 comment

#1230 - standalone run, can't run a single rule ?

Issue - State: closed - Opened by ldemailly about 2 months ago

#1229 - Panic in gosec 2.21.3 conversion overflow analyzer

Issue - State: closed - Opened by gmwiz about 2 months ago - 10 comments

#1228 - Remove nosec directive to test the sarif report upload

Pull Request - State: closed - Opened by ccojocar 2 months ago

#1227 - Update gosec version to v2.21.3 in github action

Pull Request - State: closed - Opened by ccojocar 2 months ago - 1 comment

#1226 - Populate the fixes only when autofix is not empty

Pull Request - State: closed - Opened by ccojocar 2 months ago

#1225 - Test sarif upload when there is an issue

Pull Request - State: closed - Opened by ccojocar 2 months ago

#1224 - Invalid SARIF format reported by CodeQL upload-sarif

Issue - State: closed - Opened by komish 2 months ago - 4 comments

#1223 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 2 months ago - 3 comments

#1222 - G110 False Positive?

Issue - State: closed - Opened by geofffranks 2 months ago - 2 comments
Labels: enhancement, help wanted

#1221 - G115 Struct Attribute Checks

Pull Request - State: closed - Opened by czechbol 2 months ago - 3 comments

#1218 - Update the github action to v2.21.2

Pull Request - State: closed - Opened by ccojocar 2 months ago - 1 comment

#1217 - Update the SARIF schema URL

Pull Request - State: closed - Opened by ccojocar 2 months ago

#1216 - Update go version to 1.23.1 and 1.22.7

Pull Request - State: closed - Opened by ccojocar 2 months ago - 1 comment

#1215 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 2 months ago - 2 comments

#1213 - Update gosec version to v2.21.1 in github action

Pull Request - State: closed - Opened by ccojocar 2 months ago - 1 comment

#1212 - G115 is reporting false positives (a summary)

Issue - State: open - Opened by czechbol 2 months ago - 18 comments
Labels: enhancement, help wanted

#1211 - G407: Incorrect detection of fixed iv

Issue - State: open - Opened by imirkin 2 months ago - 17 comments
Labels: bug

#1210 - Rollback the SARIF version to 2.1 since github doesn't support 2.2

Pull Request - State: closed - Opened by ccojocar 2 months ago - 2 comments

#1209 - G407: requires unique nonce for Open?

Issue - State: open - Opened by imirkin 2 months ago - 9 comments
Labels: bug

#1208 - Update gosec in github action to v2.21.0

Pull Request - State: closed - Opened by ccojocar 2 months ago - 1 comment

#1207 - Update cosign version to v2.4.0 in release github workflow

Pull Request - State: closed - Opened by ccojocar 2 months ago - 1 comment

#1206 - Sonar format reports deprecated fields

Issue - State: open - Opened by CameronGo 2 months ago - 2 comments
Labels: enhancement, help wanted

#1205 - Results always empty

Issue - State: closed - Opened by antoninoLorenzo 2 months ago - 1 comment

#1204 - G115: False positive int->uint16 with guard

Issue - State: closed - Opened by stephenc 3 months ago - 2 comments

#1203 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 3 months ago - 3 comments

#1202 - G115: false positive for uintptr -> unsafe.Pointer

Issue - State: closed - Opened by abemedia 3 months ago - 1 comment

#1201 - fix: G602 support for nested conditionals with bounds check

Pull Request - State: closed - Opened by xWiiLLz 3 months ago - 1 comment

#1199 - G204: False positive when variable is a value from a hard-coded locally-scoped map

Issue - State: open - Opened by mholt 3 months ago
Labels: enhancement, help wanted

#1198 - G304 false positive: filepath.Join calls Clean on the result

Issue - State: closed - Opened by mholt 3 months ago - 1 comment

#1195 - G115 should be architecture-agnostic for int and uint

Issue - State: closed - Opened by rittneje 3 months ago - 1 comment

#1194 - Improve the int conversion overflow logic to handle bound checks

Pull Request - State: closed - Opened by czechbol 3 months ago - 41 comments

#1193 - Fix conversion overflow false positive when value is explicitly checked

Pull Request - State: closed - Opened by ben-krieger 3 months ago - 1 comment

#1192 - Fix conversion overflow false positive when using ParseUint

Pull Request - State: closed - Opened by ben-krieger 3 months ago - 1 comment

#1191 - Add a build step to measure the scan performance

Pull Request - State: closed - Opened by ccojocar 3 months ago - 1 comment

#1190 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 3 months ago - 3 comments

#1189 - Fix conversion overflow false positives

Pull Request - State: closed - Opened by czechbol 3 months ago - 2 comments

#1188 - Fix false positive in conversion overflow check from uint8/int8 type

Pull Request - State: closed - Opened by ccojocar 3 months ago - 1 comment

#1187 - G115 ignores bounds checks

Issue - State: closed - Opened by rittneje 3 months ago - 7 comments
Labels: enhancement, help wanted

#1186 - Add more tests to cover more use cases for G115 rule

Pull Request - State: closed - Opened by ccojocar 3 months ago - 1 comment

#1185 - G115: integer overflow conversion uint8 -> int64

Issue - State: closed - Opened by ldemailly 3 months ago - 21 comments

#1184 - GoSec pulling the image before docker hub login

Issue - State: closed - Opened by majidlun3x 3 months ago - 1 comment

#1183 - Update to Go 1.23.0

Pull Request - State: closed - Opened by ccojocar 3 months ago - 1 comment

#1182 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 3 months ago - 1 comment

#1181 - Read the AI API key also from an environment variable

Pull Request - State: closed - Opened by ccojocar 3 months ago - 1 comment

#1180 - Allow excluding analyzers globally

Pull Request - State: closed - Opened by Rgvs 3 months ago - 7 comments

#1179 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 3 months ago - 2 comments

#1178 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 3 months ago - 1 comment

#1177 - Add support to generate auto fixes using LLM (AI)

Pull Request - State: closed - Opened by tran-the-lam 4 months ago - 8 comments

#1176 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 4 months ago - 2 comments

#1175 - CheckAnalyzers doesn't seem to respect exclude or nosec (e.g. G602)

Issue - State: closed - Opened by imirkin 4 months ago - 2 comments
Labels: bug, help wanted

#1174 - Gosec does not detect G204 if user input is from a function parameter

Issue - State: open - Opened by BinaryFissionGames 4 months ago
Labels: bug, help wanted

#1173 - can we get a patch release out to support go 1.22 fixes?

Issue - State: closed - Opened by omercnet 4 months ago - 2 comments

#1172 - chore(deps): update dependency babel-standalone to v7.24.10

Pull Request - State: closed - Opened by renovate[bot] 4 months ago - 1 comment

#1171 - Update action.yml

Pull Request - State: closed - Opened by orius123 4 months ago

#1170 - Resolve underlying type to detect overflows in type aliases

Pull Request - State: closed - Opened by gartnera 4 months ago - 1 comment

#1169 - chore(deps): update dependency babel-standalone to v7.24.8

Pull Request - State: closed - Opened by renovate[bot] 4 months ago - 1 comment

#1168 - Add -enable-audit cli flag

Pull Request - State: closed - Opened by gartnera 4 months ago - 1 comment

#1167 - Fix multifile analyzer ignores

Pull Request - State: closed - Opened by gartnera 4 months ago - 2 comments

#1166 - Go version issues when running in CI (Github Actions)

Issue - State: closed - Opened by saurori 4 months ago - 5 comments

#1165 - Update to go 1.22.5 and 1.21.12

Pull Request - State: closed - Opened by ccojocar 4 months ago

#1164 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 4 months ago - 1 comment

#1163 - Added rules for MD4 and RIPEMD160

Pull Request - State: closed - Opened by expp121 5 months ago - 3 comments

#1162 - Add rules for deprecated hashing algorithms

Issue - State: closed - Opened by expp121 5 months ago

#1161 - chore(deps): update docker/build-push-action action to v6

Pull Request - State: closed - Opened by renovate[bot] 5 months ago - 1 comment

#1160 - Create a taint analysis engine

Issue - State: open - Opened by ccojocar 5 months ago - 2 comments
Labels: enhancement

#1159 - Feature: Rule G401 split into two different rules

Pull Request - State: closed - Opened by expp121 5 months ago - 4 comments

#1158 - Rule G401 covers multiple different CWEs.

Issue - State: closed - Opened by expp121 5 months ago

#1157 - possible regression on first g104 sample

Issue - State: closed - Opened by kristovatlas 5 months ago - 1 comment

#1156 - New release for the github action of gosec to include #1153

Issue - State: closed - Opened by magodo 5 months ago - 1 comment

#1155 - Update to go versions to 1.21.11 and 1.22.4

Pull Request - State: closed - Opened by ccojocar 5 months ago - 1 comment

#1154 - chore(deps): update all dependencies

Pull Request - State: closed - Opened by renovate[bot] 5 months ago - 1 comment

#1153 - Fix nosec directive when applied to a block

Pull Request - State: closed - Opened by ccojocar 6 months ago - 1 comment

#1152 - Add more types to templates rule

Pull Request - State: closed - Opened by ccojocar 6 months ago