Spencer Schrock
a4ee3147a6
🌱 bump project minimum Go version to go1.21 ( #3661 )
...
* upgrade go.mod to 1.21
Signed-off-by: Spencer Schrock <sschrock@google.com>
* use slices from stdlib
Signed-off-by: Spencer Schrock <sschrock@google.com>
* use max/min builtins
Signed-off-by: Spencer Schrock <sschrock@google.com>
* multierrors
possibly spin this off into its own PR
Signed-off-by: Spencer Schrock <sschrock@google.com>
* dont call rand.Seed
As of Go 1.20, the generator is seeded randomly at startup.
https://pkg.go.dev/math/rand#Seed
Signed-off-by: Spencer Schrock <sschrock@google.com>
* update minimum Go version in documentation
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-11-13 15:12:29 -08:00
AdamKorcz
47e04c102a
🌱 Convert SAST check to probes ( #3571 )
...
* Convert SAST checks to probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Update checks/evaluation/sast.go
Co-authored-by: Raghav Kaul <8695110+raghavkaul@users.noreply.github.com>
Signed-off-by: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com>
* preserve file info when logging positive Sonar findings
Signed-off-by: AdamKorcz <adam@adalogics.com>
* rebase
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Remove warning logging
Signed-off-by: AdamKorcz <adam@adalogics.com>
* add outcome and message to finding on the same line
Signed-off-by: AdamKorcz <adam@adalogics.com>
* codeql workflow -> codeql action
Signed-off-by: AdamKorcz <adam@adalogics.com>
* 'the Sonar' -> 'Sonar' in probe def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix typo
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Change how probe creates location
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Change names of values
Signed-off-by: AdamKorcz <adam@adalogics.com>
* change 'SAST tool detected: xx' to 'SAST tool installed: xx'
Signed-off-by: AdamKorcz <adam@adalogics.com>
* make text in probe def.yml easier to read
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Change 'to' to 'two'
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Minor change
Signed-off-by: AdamKorcz <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: AdamKorcz <44787359+AdamKorcz@users.noreply.github.com>
Co-authored-by: Raghav Kaul <8695110+raghavkaul@users.noreply.github.com>
2023-11-07 08:41:44 -05:00
laurentsimon
fa0e1c17e9
✨ Add WithValues function to findings ( #3619 )
...
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update comment
Signed-off-by: laurentsimon <laurentsimon@google.com>
* typo
Signed-off-by: laurentsimon <laurentsimon@google.com>
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
2023-10-27 11:03:15 -07:00
AdamKorcz
8eaf0d7647
🌱 Add new outcome to UnmarshalYAML ( #3566 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-10-12 16:59:50 +00:00
AdamKorcz
05a1eade1f
🐛 Fix wrong quotes ( #3565 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-10-12 08:47:50 -07:00
AdamKorcz
6c43301c26
🌱 Add map to Finding ( #3558 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-10-11 09:25:40 -07:00
AdamKorcz
034e6b2ebc
🌱 Add OutcomeNotApplicable ( #3539 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-10-09 22:16:12 +00:00
laurentsimon
d177169ec2
✨ [experimental] Probe support for fuzzing check ( #3230 )
...
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* comments
Signed-off-by: laurentsimon <laurentsimon@google.com>
* unit tests and linter
Signed-off-by: laurentsimon <laurentsimon@google.com>
* remove raw from check request in e2e tests
Signed-off-by: laurentsimon <laurentsimon@google.com>
* remove redundant finding check
Signed-off-by: laurentsimon <laurentsimon@google.com>
* typo
Signed-off-by: laurentsimon <laurentsimon@google.com>
* adress comments
Signed-off-by: laurentsimon <laurentsimon@google.com>
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
2023-08-21 17:50:20 +00:00
laurentsimon
a8b255a224
✨ [experimental] Probe support for security policy check ( #3241 )
...
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* fix unit tests
Signed-off-by: laurentsimon <laurentsimon@google.com>
* comments
Signed-off-by: laurentsimon <laurentsimon@google.com>
* compilation fix
Signed-off-by: laurentsimon <laurentsimon@google.com>
* missing file
Signed-off-by: laurentsimon <laurentsimon@google.com>
* missing file
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update reason string
Signed-off-by: laurentsimon <laurentsimon@google.com>
* typo
Signed-off-by: laurentsimon <laurentsimon@google.com>
* fix unit tests
Signed-off-by: laurentsimon <laurentsimon@google.com>
* typo
Signed-off-by: laurentsimon <laurentsimon@google.com>
* unit tests and linnter
Signed-off-by: laurentsimon <laurentsimon@google.com>
* comments
Signed-off-by: laurentsimon <laurentsimon@google.com>
* comments
Signed-off-by: laurentsimon <laurentsimon@google.com>
* missing file
Signed-off-by: laurentsimon <laurentsimon@google.com>
* unit tests for probes
Signed-off-by: laurentsimon <laurentsimon@google.com>
* linter
Signed-off-by: laurentsimon <laurentsimon@google.com>
* revert FileSize change
Signed-off-by: laurentsimon <laurentsimon@google.com>
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
2023-08-04 04:52:15 +00:00
Naveen
ab1c515c30
🌱 Increase test coverage for finding outcomes ( #3142 )
...
* Increase test coverage for finding outcomes
- Add tests for Outcome UnmarshalYAML function in `finding/finding_test.go`
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Updates based on Codereview
- Update `Outcome` variable in `finding/finding_test.go`
- Add `t.Parallel()` for test parallelization
- Add comparison using `cmp.Diff` to test for mismatches
- Update test cases for various outcomes
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
---------
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2023-06-08 19:07:46 +00:00
laurentsimon
a4da39a779
✨ [experimental] Create probes within findings ( #2919 )
...
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
2023-05-03 00:42:32 +00:00
laurentsimon
2ea140a3ee
✨ Structured results for permissions ( #2584 )
...
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsTopNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsStepsNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsStepsNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsStepsNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
2023-01-30 18:41:36 -08:00