Update to go 1.17 (#8)

.github/workflows/ci.yml

@@ -26,7 +26,7 @@ jobs:
       - name: Checkout Source 
         uses: actions/checkout@v2
       - name: Run Tests
-        uses: cedrickring/golang-action/go1.14@1.6.0
+        uses: cedrickring/golang-action/go1.17@1.6.0
         with:
           args: make test
   tests-go-1-13:
@@ -37,11 +37,11 @@ jobs:
       - name: Checkout Source 
         uses: actions/checkout@v2
       - name: Run Tests
-        uses: cedrickring/golang-action/go1.13@1.6.0
+        uses: cedrickring/golang-action/go1.17@1.6.0
         with:
           args: make test
   coverage:
-    needs: [tests-go-1-15, tests-go-1-14, tests-go-1-13]
+    needs: [tests-go-1-17]
     runs-on: ubuntu-latest
     env:
       GO111MODULE: on

.github/workflows/release.yml

@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.15.x
+          go-version: 1.17.x
       - name : Get release version
         id: get_version
         run: echo ::set-env name=RELEASE_VERSION::$(echo ${GITHUB_REF:10})
@@ -33,6 +33,6 @@ jobs:
             name: securego/gosec
             username: ${{ secrets.DOCKER_USERNAME }}
             password: ${{ secrets.DOCKER_PASSWORD }}
-            buildargs: GO_VERSION=1.15
+            buildargs: GO_VERSION=1.17
             tags: "latest,${{ env.RELEASE_VERSION }}"
             tag_names: true

README.md

@@ -18,13 +18,13 @@ You may obtain a copy of the License [here](http://www.apache.org/licenses/LICEN
 ## Project status
 
 [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/3218/badge)](https://bestpractices.coreinfrastructure.org/projects/3218)
-[![Build Status](https://github.com/securego/gosec/workflows/CI/badge.svg)](https://github.com/securego/gosec/actions?query=workflows%3ACI)
-[![Coverage Status](https://codecov.io/gh/securego/gosec/branch/master/graph/badge.svg)](https://codecov.io/gh/securego/gosec)
-[![GoReport](https://goreportcard.com/badge/github.com/securego/gosec)](https://goreportcard.com/badge/github.com/securego/gosec)
-[![GoDoc](https://godoc.org/github.com/securego/gosec?status.svg)](https://godoc.org/github.com/securego/gosec)
+[![Build Status](https://github.com/informalsystems/gosec/workflows/CI/badge.svg)](https://github.com/informalsystems/gosec/actions?query=workflows%3ACI)
+[![Coverage Status](https://codecov.io/gh/informalsystems/gosec/branch/master/graph/badge.svg)](https://codecov.io/gh/informalsystems/gosec)
+[![GoReport](https://goreportcard.com/badge/github.com/informalsystems/gosec)](https://goreportcard.com/badge/github.com/informalsystems/gosec)
+[![GoDoc](https://godoc.org/github.com/informalsystems/gosec?status.svg)](https://godoc.org/github.com/informalsystems/gosec)
 [![Docs](https://readthedocs.org/projects/docs/badge/?version=latest)](https://securego.io/)
-[![Downloads](https://img.shields.io/github/downloads/securego/gosec/total.svg)](https://github.com/securego/gosec/releases)
-[![Docker Pulls](https://img.shields.io/docker/pulls/securego/gosec.svg)](https://hub.docker.com/r/securego/gosec/tags)
+[![Downloads](https://img.shields.io/github/downloads/informalsystems/gosec/total.svg)](https://github.com/informalsystems/gosec/releases)
+[![Docker Pulls](https://img.shields.io/docker/pulls/informalsystems/gosec.svg)](https://hub.docker.com/r/informalsystems/gosec/tags)
 [![Slack](http://securego.herokuapp.com/badge.svg)](http://securego.herokuapp.com)
 
 ## Install
@@ -33,17 +33,17 @@ You may obtain a copy of the License [here](http://www.apache.org/licenses/LICEN
 
 ```bash
 # binary will be $(go env GOPATH)/bin/gosec
-curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $(go env GOPATH)/bin vX.Y.Z
+curl -sfL https://raw.githubusercontent.com/informalsystems/gosec/master/install.sh | sh -s -- -b $(go env GOPATH)/bin vX.Y.Z
 
 # or install it into ./bin/
-curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s vX.Y.Z
+curl -sfL https://raw.githubusercontent.com/informalsystems/gosec/master/install.sh | sh -s vX.Y.Z
 
 # In alpine linux (as it does not come with curl by default)
-wget -O - -q https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s vX.Y.Z
+wget -O - -q https://raw.githubusercontent.com/informalsystems/gosec/master/install.sh | sh -s vX.Y.Z
 
 # If you want to use the checksums provided on the "Releases" page
 # then you will have to download a tar.gz file for your operating system instead of a binary file
-wget https://github.com/securego/gosec/releases/download/vX.Y.Z/gosec_vX.Y.Z_OS.tar.gz
+wget https://github.com/informalsystems/gosec/releases/download/vX.Y.Z/gosec_vX.Y.Z_OS.tar.gz
 
 # The file will be in the current folder where you run the command
 # and you can check the checksum like this
@@ -73,15 +73,15 @@ jobs:
       - name: Checkout Source
         uses: actions/checkout@v2
       - name: Run Gosec Security Scanner
-        uses: securego/gosec@master
+        uses: informalsystems/gosec@master
         with:
           args: ./...
 ```
 
 ### Local Installation
 
 ```bash
-go get github.com/securego/gosec/v2/cmd/gosec
+go get github.com/informalsystems/gosec/v2/cmd/gosec
 ```
 
 ## Usage
@@ -143,7 +143,7 @@ $ gosec -exclude=G303 ./...
 ```
 ### CWE Mapping
 
-Every issue detected by `gosec` is mapped to a [CWE (Common Weakness Enumeration)](http://cwe.mitre.org/data/index.html) which describes in more generic terms the vulnerability. The exact mapping can be found  [here](https://github.com/securego/gosec/blob/master/issue.go#L49).
+Every issue detected by `gosec` is mapped to a [CWE (Common Weakness Enumeration)](http://cwe.mitre.org/data/index.html) which describes in more generic terms the vulnerability. The exact mapping can be found  [here](https://github.com/informalsystems/gosec/blob/master/issue.go#L49).
 
 ### Configuration
 
@@ -308,7 +308,7 @@ You can run the `gosec` tool in a container against your local Go project. You o
 into a volume as follows:
 
 ```bash
-docker run --rm -it -w /<PROJECT>/ -v <YOUR PROJECT PATH>/<PROJECT>:/<PROJECT> securego/gosec /<PROJECT>/...
+docker run --rm -it -w /<PROJECT>/ -v <YOUR PROJECT PATH>/<PROJECT>:/<PROJECT> informalsystems/gosec /<PROJECT>/...
 ```
 **Note:** the current working directory needs to be set with `-w` option in order to get successfully resolved the dependencies from go module file 
 
@@ -319,7 +319,7 @@ The configuration of TLS rule can be generated from [Mozilla's TLS ciphers recom
 First you need to install the generator tool:
 
 ```bash
-go get github.com/securego/gosec/v2/cmd/tlsconfig/...
+go get github.com/informalsystems/gosec/v2/cmd/tlsconfig/...
 ```
 
 You can invoke now the `go generate` in the root of the project:

go.mod

@@ -1,18 +1,28 @@
 module github.com/securego/gosec/v2
 
 require (
-	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/gookit/color v1.3.1
-	github.com/kr/pretty v0.1.0 // indirect
 	github.com/mozilla/tls-observatory v0.0.0-20201026203728-66af64cf6cee
 	github.com/nbutton23/zxcvbn-go v0.0.0-20180912185939-ae427f1e4c1d
 	github.com/onsi/ginkgo v1.14.2
 	github.com/onsi/gomega v1.10.3
-	github.com/securego/gosec v0.0.0-20200401082031-e946c8c39989
-	github.com/stretchr/testify v1.4.0 // indirect
 	golang.org/x/tools v0.0.0-20201102043006-b53d4cbd60a6
-	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
 	gopkg.in/yaml.v2 v2.3.0
 )
 
-go 1.14
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/fsnotify/fsnotify v1.4.9 // indirect
+	github.com/kr/pretty v0.1.0 // indirect
+	github.com/nxadm/tail v1.4.4 // indirect
+	github.com/stretchr/testify v1.4.0 // indirect
+	golang.org/x/mod v0.3.0 // indirect
+	golang.org/x/net v0.0.0-20201021035429-f5854403a974 // indirect
+	golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f // indirect
+	golang.org/x/text v0.3.3 // indirect
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
+	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
+)
+
+go 1.17