[CY-6443] The gosec version 1.07 isn't compatible with the go 1.18

codacy / codacy-analysis-cli-action

GitHub Action for the codacy-analysis-cli

https://github.com/codacy/codacy-analysis-cli

Apache License 2.0

56 stars 18 forks source link

[CY-6443] The gosec version 1.07 isn't compatible with the go 1.18 #84

Closed aujinj closed 1 year ago

aujinj commented 1 year ago

If you use the go with 1.18 and enable goSec, this will throw errors internal error: package "<...>" without types was imported from "command-line-arguments"

https://giters.com/securego/gosec/issues/797

The easy fix is to update the gosec from 1.7.0 to version v2.12.0 or later https://github.com/codacy/codacy-analysis-cli-action/blob/9cc325a3a85ab23467a7cf32b9e6223927c206f1/action.yml#L120

github-actions[bot] commented 1 year ago

Internal ticket created : CY-6443

prcr commented 1 year ago

Hello @aujinj, and thank you for submitting this issue.

Currently, the latest Go version that we support is 1.17.13, but we'll be looking into updating codacy/codacy-gosec so that it starts supporting Go 1.18.

We'll let you know when we have an update.

stefanvacareanu7 commented 1 year ago

Hi @aujinj,

I've updated the gosec version to v2.13.1.

Can you check if it fixes your issue?

Best, Stefan