v2.1.0

@ccojocar ccojocar released this 09 Oct 14:09
· 639 commits to master since this release

Changelog

28c1128 Add more tests to improve the coverage of resolve
d78f026 Format import to make codecov happy
50e1fe2 Improve the SSRF rule to report an issue for package scoped variables
07770ae Add a test for composite literals when trying to resolve an AST tree node
f413f14 Handle the ValueSpec when trying to resolve an AST tree node
c1970ff Handle the ValueSpec when trying to resolve an AST tree node
ea9faae Update the Go version to 1.13 in the Dockerfile (#403)
186dec7 Convert the global settings to correct type when reading them from file (#399)
e680875 Replace the deprecated load mode with more specific flags as recommended in the packages docs (#400)
ad375d3 Update golang.org/x/tools commit hash to 7c411de (#389)
607f240 reconfigure renovate bot (#395)
832d7bb Update README with CII Best Practices badge
29341f6 Fix the rule G108/pprof to handle the case when the pprof import has no name
b504783 Change unit tests to check for one thing (#381)
7dbc65b Update golang.org/x/tools commit hash to 3ac2a5b (#387)
f3bd9fb Update golang.org/x/tools commit hash to 0f9bb8f
c6ac709 Update golang.org/x/net commit hash to aa69164
7a6460d Update golang.org/x/crypto commit hash to 9ee001b
d8f249a Update README with rule G108
9cee24c Add a rule which detects when pprof endpoint is automatically exposed
73fbc9b Update golang.org/x/net commit hash to 1a5e07d
124da07 Update golang.org/x/tools commit hash to 5eefd05 (#378)
915e9ee Update golang.org/x/sys commit hash to b4ddaad (#374)
e7b3ae9 Clarify and add new unit tests for rule G107 (#376)
f90efff Update golang.org/x/tools commit hash to 2dc213d (#375)
90e9759 Update golang.org/x/net commit hash to c858923 (#373)
709ed1b Change rule G204 to be less restrictive (#339)
98749b7 Update golang.org/x/net commit hash to 24e19bd (#372)
d8f6c4f Update golang.org/x/sys commit hash to c3b328c (#371)
3204194 Update golang.org/x/tools commit hash to 92af9d6 (#370)
140048b Update golang.org/x/sys commit hash to 7ad0cfa
a65402b Update golang.org/x/tools commit hash to 6bfd74c (#365)
b9c4c66 Expose analyzer API (#366)
29fddff turn on automerge for renovate bot
bee7b5a Update golang.org/x/crypto commit hash to 227b76d (#363)
069c31f Update golang.org/x/tools commit hash to 16c5e0f (#362)
3e65f8f Update golang.org/x/sys commit hash to bbd1755 (#361)
f5d5e20 Update golang.org/x/tools commit hash to dd2b5c8 (#360)
a1c9c76 Remove the unused code to increase the test coverage
338b50d Remove rule G105 which detects the use of math/big#Int.Exp
43e3664 Build the tls config generator only with Go versions compatible with Go 1.12
81b6dc8 Regenerate the TLS configuration based on latest Mozilla's recommended ciphers
76ce9f0 Update to config struct to unmarshal the mozilla server-side TLS conf version 5
e050355 Update the TLS config generator to handle TLS version 1.3
c0510fc Update golang.org/x/tools commit hash to 0673112 (#359)
a57a033 Update golang.org/x/sys commit hash to f460065 (#356)
8063751 Update golang.org/x/crypto commit hash to 094676d (#355)
7851918 Add support to exclude arbitrary folders from scanning (#353)
1c35be8 Add renovate.json (#354)
fde1f82 Update the tag format in the release steps (#348)
992f173 Update README file with a note on dependencies (#351)
e442cf3 Add Go 1.13 to the tested version in the travis build file (#350)
4ecbe32 Update go modules to latest compatible version and removed unused dependencies (#349)
8932f70 Add flag to handle '#nosec' alternative (#346)
4b59c94 Prevent null pointer exception in Sonarqube (#334)
39f7e7b Display filtered number of issues instead of total in stats
e28a56a Merge pull request #330 from ccojocar/fix-whitelist-G104
63b44b6 Add some more tests to make codecov happy
1412357 Add some documentation for G104 whitelist configuration Signed-off-by: Cosmin Cojocar [email protected]
f344524 Fix the whitelist on G104 rule and add a test
78a4949 Load rules on each code sample in order to reconfigure them
ed9934f Refactor the rules tests to be able to configure the analyzer config per test sample
36a82ea Merge pull request #328 from ccojocar/fix-sonarqute-report
020479a Support multiple root paths when generating the Sonarqube report
46e55b9 Fix the file path in the Sonarqube report
04dc713 One approach for fixing the false positive identified in #325.
196edd3 Add checksum clarification in README
0ebfa2f Rework analyzer unit test to pass the go tip version (#318)
9d9098f print version string (#317)
ee80733 Add a flag to filter issues by confidence (#316)