[PR #136] [CLOSED] 🌱 bump securego/gosec from 2.22.3 to 2.22.5 #135

New issue

Closed

opened 2026-03-03 16:28:25 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 16:28:25 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/natrontech/pbs-exporter/pull/136
Author: @dependabot[bot]
Created: 7/15/2025
Status: ❌ Closed

Base: main ← Head: dependabot/github_actions/securego/gosec-2.22.5

📝 Commits (1)

f3f5c75 🌱 bump securego/gosec from 2.22.3 to 2.22.5

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/gosec.yml (+1 -1)

📄 Description

Bumps securego/gosec from 2.22.3 to 2.22.5.

Release notes

Sourced from securego/gosec's releases.

v2.22.5

Changelog

d2d3ae66bd8d340b78b5142b6fe610691783c2fe Switch back go.mod to minimum 1.23.0

1e7ed06b152a8a835f64c0c2a0f4ef7b83434ae8 Update dependencies

1bef91a07f24a9853461be9d3f13df7ee0dfc44c Update go version 1.24.4 and 1.23.10 in CI

621702f13a80eed1b8e60d1fa35b128d622832cb chore(deps): update all dependencies

017d1d655c299165954ba3c6d99bdb86319ecb6a G201/G202: add checks for injection into sql.Conn methods

67f63d47819d2766119d7f5df1cc898e6d985516 chore(deps): update module google.golang.org/api to v0.235.0

b4eabb1b18f22ef42f267d416701e57e82394e14 chore(deps): update module google.golang.org/api to v0.234.0

52a80ff4bdb2e571227a1cfaab461a430e0d8800 chore(deps): update module google.golang.org/api to v0.233.0

e2a95069d97743102fc5988eef8bd1a118c9b79c chore(deps): update module google.golang.org/api to v0.232.0

v2.22.4

Changelog

6decf96c3d272d5a8bbdcf9fddb5789d0be16a8d Update to go version 1.24.3 and 1.23.9

d522338364ccd4e90c00dedc1c7c73f99f1ce20d update: updated the build command to include version metadata

270b5ce8680a9b04afb94d7b5f2b32b9675e379a chore(deps): update all dependencies

60279264beb3f4ca2b288d39b84e930747009a8f Update the AI provider API key value when provided as an argument

65d2d9f011ac529754f847977812a1c64fdab7ea chore(deps): update module google.golang.org/api to v0.230.0

dc1c38b861a6780559cbd51fb9585da7863d0cc5 chore(deps): update module google.golang.org/api to v0.229.0

55dbf5ad81fd416ebe540f79e236d1b76dec9164 chore(deps): update all dependencies

2aaa9c41d6671d0ce7c778cc10340c4fd62d164b Comment the reason why the file can be nil when an issue is created

700e9a9d180e449887f89d03681e4f8225da430a Handle nil file when creating a new issue

d514c426711896adf8a1dffb09037c3ac8752b05 chore(deps): update all dependencies (#1333)

1d458c50e1a9aa6c0d414dfde3998d66cf2c4fc7 Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332)

Commits

d2d3ae6 Switch back go.mod to minimum 1.23.0
1e7ed06 Update dependencies
1bef91a Update go version 1.24.4 and 1.23.10 in CI
621702f chore(deps): update all dependencies
017d1d6 G201/G202: add checks for injection into sql.Conn methods
67f63d4 chore(deps): update module google.golang.org/api to v0.235.0
b4eabb1 chore(deps): update module google.golang.org/api to v0.234.0
52a80ff chore(deps): update module google.golang.org/api to v0.233.0
e2a9506 chore(deps): update module google.golang.org/api to v0.232.0
6decf96 Update to go version 1.24.3 and 1.23.9
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/natrontech/pbs-exporter/pull/136 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 7/15/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/github_actions/securego/gosec-2.22.5` --- ### 📝 Commits (1) - [`f3f5c75`](https://github.com/natrontech/pbs-exporter/commit/f3f5c75189c05ff2d78ee2f8d6f68ec51f080b97) :seedling: bump securego/gosec from 2.22.3 to 2.22.5 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/gosec.yml` (+1 -1) </details> ### 📄 Description Bumps [securego/gosec](https://github.com/securego/gosec) from 2.22.3 to 2.22.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/securego/gosec/releases">securego/gosec's releases</a>.</em></p> <blockquote> <h2>v2.22.5</h2> <h2>Changelog</h2> <ul> <li>d2d3ae66bd8d340b78b5142b6fe610691783c2fe Switch back go.mod to minimum 1.23.0</li> <li>1e7ed06b152a8a835f64c0c2a0f4ef7b83434ae8 Update dependencies</li> <li>1bef91a07f24a9853461be9d3f13df7ee0dfc44c Update go version 1.24.4 and 1.23.10 in CI</li> <li>621702f13a80eed1b8e60d1fa35b128d622832cb chore(deps): update all dependencies</li> <li>017d1d655c299165954ba3c6d99bdb86319ecb6a G201/G202: add checks for injection into sql.Conn methods</li> <li>67f63d47819d2766119d7f5df1cc898e6d985516 chore(deps): update module google.golang.org/api to v0.235.0</li> <li>b4eabb1b18f22ef42f267d416701e57e82394e14 chore(deps): update module google.golang.org/api to v0.234.0</li> <li>52a80ff4bdb2e571227a1cfaab461a430e0d8800 chore(deps): update module google.golang.org/api to v0.233.0</li> <li>e2a95069d97743102fc5988eef8bd1a118c9b79c chore(deps): update module google.golang.org/api to v0.232.0</li> </ul> <h2>v2.22.4</h2> <h2>Changelog</h2> <ul> <li>6decf96c3d272d5a8bbdcf9fddb5789d0be16a8d Update to go version 1.24.3 and 1.23.9</li> <li>d522338364ccd4e90c00dedc1c7c73f99f1ce20d update: updated the build command to include version metadata</li> <li>270b5ce8680a9b04afb94d7b5f2b32b9675e379a chore(deps): update all dependencies</li> <li>60279264beb3f4ca2b288d39b84e930747009a8f Update the AI provider API key value when provided as an argument</li> <li>65d2d9f011ac529754f847977812a1c64fdab7ea chore(deps): update module google.golang.org/api to v0.230.0</li> <li>dc1c38b861a6780559cbd51fb9585da7863d0cc5 chore(deps): update module google.golang.org/api to v0.229.0</li> <li>55dbf5ad81fd416ebe540f79e236d1b76dec9164 chore(deps): update all dependencies</li> <li>2aaa9c41d6671d0ce7c778cc10340c4fd62d164b Comment the reason why the file can be nil when an issue is created</li> <li>700e9a9d180e449887f89d03681e4f8225da430a Handle nil file when creating a new issue</li> <li>d514c426711896adf8a1dffb09037c3ac8752b05 chore(deps): update all dependencies (<a href="https://redirect.github.com/securego/gosec/issues/1333">#1333</a>)</li> <li>1d458c50e1a9aa6c0d414dfde3998d66cf2c4fc7 Update version in 'action.yml' to 2.22.3 (anticipating next version (<a href="https://redirect.github.com/securego/gosec/issues/1332">#1332</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/securego/gosec/commit/d2d3ae66bd8d340b78b5142b6fe610691783c2fe"><code>d2d3ae6</code></a> Switch back go.mod to minimum 1.23.0</li> <li><a href="https://github.com/securego/gosec/commit/1e7ed06b152a8a835f64c0c2a0f4ef7b83434ae8"><code>1e7ed06</code></a> Update dependencies</li> <li><a href="https://github.com/securego/gosec/commit/1bef91a07f24a9853461be9d3f13df7ee0dfc44c"><code>1bef91a</code></a> Update go version 1.24.4 and 1.23.10 in CI</li> <li><a href="https://github.com/securego/gosec/commit/621702f13a80eed1b8e60d1fa35b128d622832cb"><code>621702f</code></a> chore(deps): update all dependencies</li> <li><a href="https://github.com/securego/gosec/commit/017d1d655c299165954ba3c6d99bdb86319ecb6a"><code>017d1d6</code></a> G201/G202: add checks for injection into sql.Conn methods</li> <li><a href="https://github.com/securego/gosec/commit/67f63d47819d2766119d7f5df1cc898e6d985516"><code>67f63d4</code></a> chore(deps): update module google.golang.org/api to v0.235.0</li> <li><a href="https://github.com/securego/gosec/commit/b4eabb1b18f22ef42f267d416701e57e82394e14"><code>b4eabb1</code></a> chore(deps): update module google.golang.org/api to v0.234.0</li> <li><a href="https://github.com/securego/gosec/commit/52a80ff4bdb2e571227a1cfaab461a430e0d8800"><code>52a80ff</code></a> chore(deps): update module google.golang.org/api to v0.233.0</li> <li><a href="https://github.com/securego/gosec/commit/e2a95069d97743102fc5988eef8bd1a118c9b79c"><code>e2a9506</code></a> chore(deps): update module google.golang.org/api to v0.232.0</li> <li><a href="https://github.com/securego/gosec/commit/6decf96c3d272d5a8bbdcf9fddb5789d0be16a8d"><code>6decf96</code></a> Update to go version 1.24.3 and 1.23.9</li> <li>Additional commits viewable in <a href="https://github.com/securego/gosec/compare/955a68d0d19f4afb7503068f95059f7d0c529017...d2d3ae66bd8d340b78b5142b6fe610691783c2fe">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=securego/gosec&package-manager=github_actions&previous-version=2.22.3&new-version=2.22.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>