Skip to content

issues Search Results · repo:securego/gosec language:Go

Filter by

482 results
 (97 ms)

482 results

insecurego/gosec (press backspace or delete to remove)

securego/gosec
G304: Issue when passing in perm or flag as variable to os.OpenFile()

For some reason gosec is happy with this code: package main import ( os path/filepath ) func open(fn string) { fh, err := os.OpenFile(filepath.Clean(fn), os.O_RDONLY, 0o600) if err != nil { ...
bug
help wanted
  • eest
  • Opened 
    2 days ago
  • #1318

securego/gosec
`golang.org/x/tools/go/packages: unexpected new packages during load` when running under go 1.24.1

(note: I also posted about this in golang-nuts as I m not convinced this is gosec s fault at all, but maybe y all have some insights) I ve been working on upgrading my company s code repository from 1.23.6 ...
  • toastwaffle
  • 1
  • Opened 
    2 days ago
  • #1317

securego/gosec
Add support for Go v1.24.1 and v1.23.7

https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI
  • mjnowen
  • Opened 
    7 days ago
  • #1312

securego/gosec
Support official Go directive comments for rule suppression

Currently, gosec supports the #nosec annotation comment, but in Go, comments in the form of //toolname:directive are officially recognized as directive comments. A directive comment is a line matching ...
enhancement
help wanted
  • frozenbonito
  • 2
  • Opened 
    9 days ago
  • #1311

securego/gosec
The way of string concatenation cannot be detected correctly

 the code as following: package main import ( database/sql fmt _ github.com/lib/pq ) func main() { db, err := sql.Open( postgres , user=postgres password=password dbname=mydb ...
bug
help wanted
  • wxzkenny
  • Opened 
    14 days ago
  • #1309

securego/gosec
Update action.yml to use image 2.22.1

Hi, I have a problem with GitHub actions where I build apps with go 1.24 I suppose update action.yml to gosec image 2.22.1 will help [line 0 : column 0] - loading files from package internal/app : err: ...
  • sealbro
  • Opened 
    23 days ago
  • #1306

securego/gosec
babel-standalone 7.26.4 invalid SRI hash

html render fails with the following: Failed to find a valid digest in the integrity attribute for resource https://cdnjs.cloudflare.com/ajax/libs/babel-standalone/7.26.4/babel.min.js with computed SHA-512 ...
bug
  • efiacor
  • 3
  • Opened 
    26 days ago
  • #1304

securego/gosec
Add support for Go v1.24.0

  • mjnowen
  • Opened 
    28 days ago
  • #1301

securego/gosec
Add support for Go v1.23.6 & Go v1.22.12

https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k
  • mjnowen
  • Opened 
    on Feb 4
  • #1298

securego/gosec
suggest `os.Root` to avoid directory/symlink traversal

os.Root is an upcoming type in Go 1.24 aimed at solving directory traversal. (upstream proposal). Note: some methods won t be released until Go 1.25. Root may be used to only access files within a single ...
enhancement
help wanted
  • spencerschrock
  • Opened 
    on Feb 3
  • #1297
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! 
Press the
/
key to activate the search input again and adjust your query.
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! 
Press the
/
key to activate the search input again and adjust your query.
Issue search results · GitHub