[PR #143] [MERGED] 🌱 bump securego/gosec from 2.22.3 to 2.22.8 #141

New issue

Closed

opened 2026-03-03 16:28:27 +03:00 by kerem · 0 comments

kerem commented 2026-03-03 16:28:27 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/natrontech/pbs-exporter/pull/143
Author: @dependabot[bot]
Created: 8/19/2025
Status: ✅ Merged
Merged: 9/2/2025
Merged by: @janfuhrer

Base: main ← Head: dependabot/github_actions/securego/gosec-2.22.8

---

📝 Commits (1)

• 613ad38 🌱 bump securego/gosec from 2.22.3 to 2.22.8

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/gosec.yml (+1 -1)

📄 Description

Bumps securego/gosec from 2.22.3 to 2.22.8.

Release notes

Sourced from securego/gosec's releases.

v2.22.8

Changelog

• c9453023c4e81ebdb6dde29e22d9cd5e2285fb16 Add support for go version 1.25.0
• ef7adab98ce3c9599c340cb6d6e988f666d9a866 Update go version in CI to 1.24.6 and 1.23.12
• e201bb86c2a1ab06d6773b6185a5c16413267abf chore(deps): update all dependencies
• ba592afef69e0e9f70adf25b95a15056cd61f015 chore(deps): update all dependencies
• 2ef6017991fdf27d40052196a32571a0ba71dc9a Update github action to release v2.22.7

v2.22.7

Changelog

• 32975f4bab0d7b683a88756aaf3fa5502188b476 Fix crash in hardcoded_nonce analyzer
• 6ea6b35e61f367312f4ec362440c98891830286d Update go action to use release v2.22.6

v2.22.6

Changelog

• bc3f2145b52adab91f2bee2686c9ad65e65005d6 Update go version to 1.24.5 and 1.23.11 in the CI
• 925741b7eff92a31663cb1d4e84d809345029883 chore(deps): update module google.golang.org/api to v0.242.0
• 59ae7e9e275d7dce03bb9c37432b7b3575dbe5fc chore(deps): update all dependencies
• e7abd9e3482c9ba37761c7e39dad696d2fd7bedb chore(deps): update all dependencies
• 35e7bc1a94c4df54c5f3f5debd3241b752c65a1a chore(deps): update all dependencies
• 2d1ed95a0be84f9468a177e96285ab901051819c chore(deps): update all dependencies
• 4a8cb4609fccc267e012189996cad9b08f2f2af8 Do not allow dashes in file names
• bcc8afbe30446f2660a7b6b6909541e12fa28239 Update gosec to version 2.22.5 in Github action

v2.22.5

Changelog

• d2d3ae66bd8d340b78b5142b6fe610691783c2fe Switch back go.mod to minimum 1.23.0
• 1e7ed06b152a8a835f64c0c2a0f4ef7b83434ae8 Update dependencies
• 1bef91a07f24a9853461be9d3f13df7ee0dfc44c Update go version 1.24.4 and 1.23.10 in CI
• 621702f13a80eed1b8e60d1fa35b128d622832cb chore(deps): update all dependencies
• 017d1d655c299165954ba3c6d99bdb86319ecb6a G201/G202: add checks for injection into sql.Conn methods
• 67f63d47819d2766119d7f5df1cc898e6d985516 chore(deps): update module google.golang.org/api to v0.235.0
• b4eabb1b18f22ef42f267d416701e57e82394e14 chore(deps): update module google.golang.org/api to v0.234.0
• 52a80ff4bdb2e571227a1cfaab461a430e0d8800 chore(deps): update module google.golang.org/api to v0.233.0
• e2a95069d97743102fc5988eef8bd1a118c9b79c chore(deps): update module google.golang.org/api to v0.232.0

v2.22.4

Changelog

• 6decf96c3d272d5a8bbdcf9fddb5789d0be16a8d Update to go version 1.24.3 and 1.23.9
• d522338364ccd4e90c00dedc1c7c73f99f1ce20d update: updated the build command to include version metadata
• 270b5ce8680a9b04afb94d7b5f2b32b9675e379a chore(deps): update all dependencies
• 60279264beb3f4ca2b288d39b84e930747009a8f Update the AI provider API key value when provided as an argument
• 65d2d9f011ac529754f847977812a1c64fdab7ea chore(deps): update module google.golang.org/api to v0.230.0
• dc1c38b861a6780559cbd51fb9585da7863d0cc5 chore(deps): update module google.golang.org/api to v0.229.0
• 55dbf5ad81fd416ebe540f79e236d1b76dec9164 chore(deps): update all dependencies
• 2aaa9c41d6671d0ce7c778cc10340c4fd62d164b Comment the reason why the file can be nil when an issue is created
• 700e9a9d180e449887f89d03681e4f8225da430a Handle nil file when creating a new issue
• d514c426711896adf8a1dffb09037c3ac8752b05 chore(deps): update all dependencies (#1333)
• 1d458c50e1a9aa6c0d414dfde3998d66cf2c4fc7 Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332)

Commits

• c945302 Add support for go version 1.25.0
• ef7adab Update go version in CI to 1.24.6 and 1.23.12
• e201bb8 chore(deps): update all dependencies
• ba592af chore(deps): update all dependencies
• 2ef6017 Update github action to release v2.22.7
• 32975f4 Fix crash in hardcoded_nonce analyzer
• 6ea6b35 Update go action to use release v2.22.6
• bc3f214 Update go version to 1.24.5 and 1.23.11 in the CI
• 925741b chore(deps): update module google.golang.org/api to v0.242.0
• 59ae7e9 chore(deps): update all dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/natrontech/pbs-exporter/pull/143 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 8/19/2025 **Status:** ✅ Merged **Merged:** 9/2/2025 **Merged by:** [@janfuhrer](https://github.com/janfuhrer) **Base:** `main` ← **Head:** `dependabot/github_actions/securego/gosec-2.22.8` --- ### 📝 Commits (1) - [`613ad38`](https://github.com/natrontech/pbs-exporter/commit/613ad38fa7ac803f019a5c51e1fa3a905aab8de0) :seedling: bump securego/gosec from 2.22.3 to 2.22.8 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/gosec.yml` (+1 -1) </details> ### 📄 Description Bumps [securego/gosec](https://github.com/securego/gosec) from 2.22.3 to 2.22.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/securego/gosec/releases">securego/gosec's releases</a>.</em></p> <blockquote> <h2>v2.22.8</h2> <h2>Changelog</h2> <ul> <li>c9453023c4e81ebdb6dde29e22d9cd5e2285fb16 Add support for go version 1.25.0</li> <li>ef7adab98ce3c9599c340cb6d6e988f666d9a866 Update go version in CI to 1.24.6 and 1.23.12</li> <li>e201bb86c2a1ab06d6773b6185a5c16413267abf chore(deps): update all dependencies</li> <li>ba592afef69e0e9f70adf25b95a15056cd61f015 chore(deps): update all dependencies</li> <li>2ef6017991fdf27d40052196a32571a0ba71dc9a Update github action to release v2.22.7</li> </ul> <h2>v2.22.7</h2> <h2>Changelog</h2> <ul> <li>32975f4bab0d7b683a88756aaf3fa5502188b476 Fix crash in hardcoded_nonce analyzer</li> <li>6ea6b35e61f367312f4ec362440c98891830286d Update go action to use release v2.22.6</li> </ul> <h2>v2.22.6</h2> <h2>Changelog</h2> <ul> <li>bc3f2145b52adab91f2bee2686c9ad65e65005d6 Update go version to 1.24.5 and 1.23.11 in the CI</li> <li>925741b7eff92a31663cb1d4e84d809345029883 chore(deps): update module google.golang.org/api to v0.242.0</li> <li>59ae7e9e275d7dce03bb9c37432b7b3575dbe5fc chore(deps): update all dependencies</li> <li>e7abd9e3482c9ba37761c7e39dad696d2fd7bedb chore(deps): update all dependencies</li> <li>35e7bc1a94c4df54c5f3f5debd3241b752c65a1a chore(deps): update all dependencies</li> <li>2d1ed95a0be84f9468a177e96285ab901051819c chore(deps): update all dependencies</li> <li>4a8cb4609fccc267e012189996cad9b08f2f2af8 Do not allow dashes in file names</li> <li>bcc8afbe30446f2660a7b6b6909541e12fa28239 Update gosec to version 2.22.5 in Github action</li> </ul> <h2>v2.22.5</h2> <h2>Changelog</h2> <ul> <li>d2d3ae66bd8d340b78b5142b6fe610691783c2fe Switch back go.mod to minimum 1.23.0</li> <li>1e7ed06b152a8a835f64c0c2a0f4ef7b83434ae8 Update dependencies</li> <li>1bef91a07f24a9853461be9d3f13df7ee0dfc44c Update go version 1.24.4 and 1.23.10 in CI</li> <li>621702f13a80eed1b8e60d1fa35b128d622832cb chore(deps): update all dependencies</li> <li>017d1d655c299165954ba3c6d99bdb86319ecb6a G201/G202: add checks for injection into sql.Conn methods</li> <li>67f63d47819d2766119d7f5df1cc898e6d985516 chore(deps): update module google.golang.org/api to v0.235.0</li> <li>b4eabb1b18f22ef42f267d416701e57e82394e14 chore(deps): update module google.golang.org/api to v0.234.0</li> <li>52a80ff4bdb2e571227a1cfaab461a430e0d8800 chore(deps): update module google.golang.org/api to v0.233.0</li> <li>e2a95069d97743102fc5988eef8bd1a118c9b79c chore(deps): update module google.golang.org/api to v0.232.0</li> </ul> <h2>v2.22.4</h2> <h2>Changelog</h2> <ul> <li>6decf96c3d272d5a8bbdcf9fddb5789d0be16a8d Update to go version 1.24.3 and 1.23.9</li> <li>d522338364ccd4e90c00dedc1c7c73f99f1ce20d update: updated the build command to include version metadata</li> <li>270b5ce8680a9b04afb94d7b5f2b32b9675e379a chore(deps): update all dependencies</li> <li>60279264beb3f4ca2b288d39b84e930747009a8f Update the AI provider API key value when provided as an argument</li> <li>65d2d9f011ac529754f847977812a1c64fdab7ea chore(deps): update module google.golang.org/api to v0.230.0</li> <li>dc1c38b861a6780559cbd51fb9585da7863d0cc5 chore(deps): update module google.golang.org/api to v0.229.0</li> <li>55dbf5ad81fd416ebe540f79e236d1b76dec9164 chore(deps): update all dependencies</li> <li>2aaa9c41d6671d0ce7c778cc10340c4fd62d164b Comment the reason why the file can be nil when an issue is created</li> <li>700e9a9d180e449887f89d03681e4f8225da430a Handle nil file when creating a new issue</li> <li>d514c426711896adf8a1dffb09037c3ac8752b05 chore(deps): update all dependencies (<a href="https://redirect.github.com/securego/gosec/issues/1333">#1333</a>)</li> <li>1d458c50e1a9aa6c0d414dfde3998d66cf2c4fc7 Update version in 'action.yml' to 2.22.3 (anticipating next version (<a href="https://redirect.github.com/securego/gosec/issues/1332">#1332</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/securego/gosec/commit/c9453023c4e81ebdb6dde29e22d9cd5e2285fb16"><code>c945302</code></a> Add support for go version 1.25.0</li> <li><a href="https://github.com/securego/gosec/commit/ef7adab98ce3c9599c340cb6d6e988f666d9a866"><code>ef7adab</code></a> Update go version in CI to 1.24.6 and 1.23.12</li> <li><a href="https://github.com/securego/gosec/commit/e201bb86c2a1ab06d6773b6185a5c16413267abf"><code>e201bb8</code></a> chore(deps): update all dependencies</li> <li><a href="https://github.com/securego/gosec/commit/ba592afef69e0e9f70adf25b95a15056cd61f015"><code>ba592af</code></a> chore(deps): update all dependencies</li> <li><a href="https://github.com/securego/gosec/commit/2ef6017991fdf27d40052196a32571a0ba71dc9a"><code>2ef6017</code></a> Update github action to release v2.22.7</li> <li><a href="https://github.com/securego/gosec/commit/32975f4bab0d7b683a88756aaf3fa5502188b476"><code>32975f4</code></a> Fix crash in hardcoded_nonce analyzer</li> <li><a href="https://github.com/securego/gosec/commit/6ea6b35e61f367312f4ec362440c98891830286d"><code>6ea6b35</code></a> Update go action to use release v2.22.6</li> <li><a href="https://github.com/securego/gosec/commit/bc3f2145b52adab91f2bee2686c9ad65e65005d6"><code>bc3f214</code></a> Update go version to 1.24.5 and 1.23.11 in the CI</li> <li><a href="https://github.com/securego/gosec/commit/925741b7eff92a31663cb1d4e84d809345029883"><code>925741b</code></a> chore(deps): update module google.golang.org/api to v0.242.0</li> <li><a href="https://github.com/securego/gosec/commit/59ae7e9e275d7dce03bb9c37432b7b3575dbe5fc"><code>59ae7e9</code></a> chore(deps): update all dependencies</li> <li>Additional commits viewable in <a href="https://github.com/securego/gosec/compare/955a68d0d19f4afb7503068f95059f7d0c529017...c9453023c4e81ebdb6dde29e22d9cd5e2285fb16">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-03 16:28:27 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/github_actions/github-actions-6b600656ea

v0.9.0

v0.8.0

v0.7.1

v0.7.0

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.5.0-rc.0

0.4.0

0.3.0

0.2.0

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

0.0.1

Labels

Clear labels   

dependencies

  

enhancement

  

enhancement

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

security

No labels

dependencies

enhancement

enhancement

pull-request

question

security

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/pbs-exporter#141

No description provided.