New
v2.22.9
Changelog
- 15d5c61e866bc2e2e8389376a31f1e5e09bde7d8 Update cosign to v2.6.0 and go in the CI to latest version
- 7b8713e2c9114d7db686be71c260e4e9f7ffc2e9 fix(autofix): unnecessary conversion
- 64ebfc010618034268272af465bb47dbbb49d64f feat(autofix): update gemini sdk and add anthropic claude
- 506407e7dfe6979d514d362f0b2d2ea77f49f5c8 feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24
- 3ead143f0a3b5ace623f1865ea0f560bf730cd32 chore(deps): update all dependencies
- e81fba3c3afd54f0740d580297d9206d972d47b9 refactor(G304): remove unused trackJoin helper; no functional change
- ab078db7b0e0de577588ae298d22d1b490bf136c style: gofmt rules/readfile.go
- e6218c83ecf834512867fda709dbb096b9cc06aa test(g304): add samples for var perm and var flag with cleaned path\n\n- Ensure G304 does not fire when only non-path args (flag/perm) are variables\n- Both samples use filepath.Clean on the path arg\n- Rules suite remains green (42 passed)
- 79f835d9c776f61d7d61505970829d8b3610b763 rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic\n\n- Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables\n- Track filepath.Clean so cleaned identifiers are treated as safe\n- Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent)\n- Record Join(...) assigned to identifiers and allow if later cleaned\n- Fix panic by passing non-nil context in trackJoinAssignStmt\n- All rules tests: 42 passed