Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/securego/gosec/v2 from 2.5.0 to 2.16.0 in /internal/tools #234

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 17, 2023

Bumps github.com/securego/gosec/v2 from 2.5.0 to 2.16.0.

Release notes

Sourced from github.com/securego/gosec/v2's releases.

v2.16.0

Changelog

  • c5ea1b7 Update cosign to latest version in release Github action (#958)
  • 8632a8c chore(deps): update all dependencies (#956)
  • ae3c2f7 Update go version in build and release scripts (#957)
  • 970cc29 chore(deps): update all dependencies (#955)
  • 47bfd4e Update Go version to 1.20.3 (#953)
  • 440141a chore(deps): update all dependencies (#952)
  • 7df7baa Fix for Dockerfile smell DL3059 (#951)
  • 2ee3213 README: upgrade GitHub action in examples (#950)
  • 68b5201 enable ginkgolinter linter (#948)
  • 780ebd0 chore(deps): update all dependencies (#947)
  • d6aeaad correct gci linter (#946)
  • 73f0efc remove deprecated linters
  • aef69b3 increase timeout to 5m
  • 6bad723 chore(deps): update all dependencies
  • 96bb741 Use the latest version
  • 6a73248 Fix some linting warnings
  • 83fc5e6 Fix lint warning
  • 8e7cf4b Bump the go versions and golanci
  • e7bfcd1 chore(deps): update all dependencies (#942)
  • f823a7e Check nil pointer when variable is declared in a different file
  • cdd3476 fix dead link to issue.go in README.md (#936)
  • d5a9c73 Remove rule G307 which checks when an error is not handled when a file or socket connection is closed (#935)
  • 27bf0e4 Fix rule index reference into sarif report (#934)
  • e7b896f Bump golang.org/x/net from 0.6.0 to 0.7.0
  • 4340efa Format file
  • f850069 Use the gosec issue in the go analysers
  • b1fd948 Fix file formatting
  • 2071786 Update Go version in CI builds
  • 1915717 Fix method name in the comment
  • de2c6a3 Extract the issue in its own package
  • 31e6327 Add support for Go analysis framework and SSA code representation
  • e795d75 chore(deps): update all dependencies (#931)
  • 8aa00db Remove the version form ci github action
  • 392e53c Pin github action to latest release version 2.15.0
  • ffe254e Revert the image tag in github action until a working solution is found
  • a0eddfb Fix version interpolation in github action image
  • d22a7b6 Add gosec version as an input parameter to GitHub action (#927)
  • 2d6b0a5 Update release build script (#924)

v2.15.0

Changelog

  • a459eb0 Fix dependencies after renovate update
  • 54f56c7 chore(deps): update all dependencies (#922)
  • df14837 Update to Go 1.20 and fix unit tests (#923)
  • b4270dd Update Go to latest version (#920)
  • a624254 Update hardcoded_credentials.go fix: adaper equal expr which const value at left (#917)
  • 9432e67 Fix github latest URL (#918)
  • e85e1a7 Fix github release url (#916)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/securego/gosec/v2](https://github.com/securego/gosec) from 2.5.0 to 2.16.0.
- [Release notes](https://github.com/securego/gosec/releases)
- [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml)
- [Commits](securego/gosec@v2.5.0...v2.16.0)

---
updated-dependencies:
- dependency-name: github.com/securego/gosec/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants