search

securego / gosec

Go security checker
https://securego.io
Apache License 2.0
7.72k stars 606 forks source link

Updated Gosec is throwing this error - Error: Unable to upload "results.sarif" as it is not valid SARIF #1220

Closed Revanthathreya closed 2 days ago

Revanthathreya commented 6 days ago

After upgrading the Securego/Gosec version, we are encountering an issue. The system is now reporting that the generated SARIF file is invalid.

This we are facing with this version- [v2.21.1]

Could you please assist in troubleshooting this problem or provide guidance on how to resolve it?

nickeskov commented 6 days ago

Hi, @Revanthathreya! See issues #1214 and #1219

Revanthathreya commented 6 days ago

yeah sure ! if the version is older that is 2.20.0, it is working fine and no errors were encountered.

ccojocar commented 2 days ago

This was fixed, not the action from master is using gosec 2.22.2. https://github.com/securego/gosec/blob/5f3194b581979e508b0ba1ee22f1f1f85a314e16/action.yml#L13

Also the scan was successful, see https://github.com/securego/gosec/actions/runs/10775152002/job/29878917216