Releases: cosmos/gosec
Release v0.10.4 (twende)
What's Changed
Full Changelog: v0.10.3...v0.10.4
Contributors
Assets 2
Release v0.10.3 umkomboti
What's Changed
Full Changelog: v0.10.2...v0.10.3
Contributors
Assets 2
Release v0.10.2 baridi sana
What's Changed
Full Changelog: v0.10.1...v0.10.2
Contributors
Assets 2
Release v0.10.1 haraka
What's Changed
Full Changelog: v0.10.0...v0.10.1
Contributors
Assets 2
Release v0.10.0 kamata moto
Full Changelog: v0.0.9...v0.10.0
Release v0.0.9 shika moto
What's Changed
Full Changelog: v0.0.8...v0.0.9
Contributors
Assets 2
Release v0.0.8
What's Changed
- rules/sdk: more accurately determine overflow for int(len(...)) by type & 32/64-bit architectures by @odeke-em in #55
- rules/sdk: intelligently flag overflowing uint*->uint* + int*->int* conversions by @odeke-em in #58
Full Changelog: v0.0.7...v0.0.8
Contributors
Assets 2
Release v0.0.7: skip over */testutil/*
What's Changed
Full Changelog: v0.0.6...v0.0.7
Contributors
Assets 2
Release v0.0.6 (Revival)
This change features a couple of new changes that radically reduce false flags like:
What's Changed
- all: fix tests by migrating to github.com/onsi/ginkgo/v2 by @odeke-em in #47
- rules/sdk: sdk allow unsafe+*/rand in specific packages by @odeke-em in #46
- rules/errors: allow hash.Hash.Write to not return an error as its Go contract holds by @odeke-em in #49
- rules/sdk: exclude "testutil" from map ranging checks by @odeke-em in #51
Full Changelog: v0.0.5...v0.0.6
and that reduces the flagged errors for cosmos/cosmos-sdk from 1,142 down to 970!
Contributors
Assets 2
Release v0.0.5 (Fall collection)
With PR #40 by @odeke-em, implemented filtering out of checking code from generated go code. This was polluting reports such as in the cosmos-sdk where we were getting 5,000+ reports per https://github.com/cosmos/cosmos-sdk/security/code-scanning
We now skip over files with the standard generated Go header regex
^// Code generated .* DO NOT EDIT\.