codenotary / immudb

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
https://immudb.io

chore(deps): bump securego/gosec from 2.17.0 to 2.19.0 #1924

Open dependabot[bot] opened 6 months ago

dependabot[bot] commented 6 months ago

Bumps securego/gosec from 2.17.0 to 2.19.0.

Release notes

Sourced from securego/gosec's releases.

v2.19.0

Changelog

  • 26e57d6 Update CI to go version 1.22
  • e60b8d8 chore(deps): update all dependencies
  • 1285eb7 chore(deps): update all dependencies
  • cf4ab3e chore(deps): update all dependencies
  • 277553c chore(deps): update all dependencies
  • 57ec76b chore(deps): update all dependencies
  • 8fa46c1 chore(deps): update dependency babel-standalone to v7.23.7
  • 53aa3f7 chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
  • 187adab chore(deps): update all dependencies
  • e1f27ba chore(deps): update actions/setup-go action to v5
  • 2aad3f0 Fix lint warnings by properly formatting the files
  • 0e2a618 chore: Refactor Sample Code to Separate Files
  • bc03d1c Update go version to 1.21.5 and 1.20.12 (#1084)
  • 79a6b47 chore(deps): update all dependencies (#1080)
  • eb256a7 Ignore the issues from generated files when using the analysis framework (#1079)
  • 43b7cbf Update README with upload-sarif v2 (#1078)
  • fece498 chore(deps): update dependency babel-standalone to v7.23.4
  • 24c614b Added ppc64le support
  • c736581 chore(deps): update all dependencies
  • 3188e3f Ensure ignores are handled properly for multi-line issues
  • 6d56592 Update Go to version 1.21.4 and 1.20.11
  • 870103b chore(deps): update module golang.org/x/text to v0.14.0
  • b50e493 chore(deps): update all dependencies
  • 2f9965b Remove the hardcoded GOOS value when building the Linux binary to enable support for container image for ARM
  • fa1b74d Avoid allocations with (*regexp.Regexp).MatchString
  • 64bbe90 Fix some typos
  • d9071e3 Update local installation instructions by removing the details for Go 1.16
  • 5d837bc Update gosec version to 2.18.2 in the action

v2.18.2

Changelog

  • 55d7949 Disable dot-imports in revive linter
  • 4656817 chore(deps): update module github.com/onsi/gomega to v1.28.1
  • 5567ac4 Run the gosec with data race detector active during tests
  • a239758 Fix data race in the analyzer
  • c06903a Fix test that checks the overriden nosec directive
  • bde2619 Clean global state in flgs tests
  • e108c56 Format the file
  • e298388 Update README with details which describe the current behaviour of #nosec
  • d8a6d35 Ensure the ignores are parsed before analysing the package
  • 7846db0 chore(deps): update all dependencies
  • 8e0cf8c Update gosec to version 2.18.1 in the action
  • 6b12a71 Update cosign version to v2.2.0

v2.18.1

Changelog

  • 0ec6cd9 Refactor how ignored issues are tracked

... (truncated)



Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
  • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)