
Commit 5d0b1ca

fix: bump go to 1.22.12 to fix vulns CF-2302 (#196)
* fix: minor bump CF-2302 * fix: bump opengrep CF-2302 * fix: integration tests CF-2302 * rewrite * Fix integration tests * bump opengrep to 1.16.4 --------- Co-authored-by: Hélio Rocha <helio@codacy.com>
1 parent 2847fb6 commit 5d0b1ca


14 files changed

+358
-333
lines changed


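--- a/.codacy/codacy.yaml
+++ b/.codacy/codacy.yaml
@@ -3,13 +3,11 @@ runtimes:
 - java@17.0.10
 - node@22.2.0
 - python@3.11.11
-- flutter@3.7.2
 tools:
 - eslint@9.38.0
 - lizard@1.17.31
+- opengrep@1.16.4
 - pmd@6.55.0
 - pylint@3.3.9
 - revive@1.12.0
-- opengrep@1.16.2
 - trivy@0.69.3
-- dartanalyzer@3.7.2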
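Review bot: Dropping `flutter@3.7.2` from the runtimes and `dartanalyzer@3.7.2` from the tools is not covered by the commit title or description, which mention only the Go and opengrep bumps. If the repository still contains Dart code, this removes that analysis from the project's own scans without a recorded reason; if it does not, say so in the commit message or in a comment such as `# flutter/dartanalyzer removed: <reason>` above `tools:`. The integration-test fixtures touched by this commit still expect `dartanalyzer@3.7.2`, so the removal looks specific to this config file rather than to the tool being retired.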

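--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module codacy/cli-v2
 
-go 1.22.4
+go 1.22.12
 
 require (
 github.com/fatih/color v1.18.0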

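--- a/integration-tests/config-discover/expected/codacy.yaml
+++ b/integration-tests/config-discover/expected/codacy.yaml
@@ -7,7 +7,7 @@ tools:
 - dartanalyzer@3.7.2
 - eslint@8.57.0
 - lizard@1.17.31
-- opengrep@1.16.2
+- opengrep@1.16.4
 - pmd@7.11.0
 - pylint@3.3.6
 - trivy@0.69.3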

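--- a/integration-tests/config-discover/expected/tools-configs/languages-config.yaml
+++ b/integration-tests/config-discover/expected/tools-configs/languages-config.yaml
@@ -11,6 +11,10 @@ tools:
 languages: [C, CPP, CSharp, Erlang, Fortran, Go, Java, Javascript, Kotlin, Lua, Objective C, PHP, Python, Ruby, Rust, Scala, Solidity, Swift, TypeScript]
 extensions: [.c, .cc, .cpp, .cs, .cxx, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .jsx, .kt, .kts, .m, .mjs, .opal, .php, .podspec, .py, .rake, .rb, .rlib, .rs, .scala, .swift, .ts, .tsx, .vue]
 files: []
+- name: opengrep
+languages: [Apex, C, CPP, CSharp, Dockerfile, Go, Java, Javascript, Kotlin, PHP, PLSQL, Python, Ruby, Rust, SQL, Scala, Shell, Swift, Terraform, TypeScript, YAML]
+extensions: [.bash, .c, .cc, .cls, .cpp, .cs, .cxx, .dockerfile, .env, .fnc, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .jsx, .kt, .kts, .mjs, .opal, .pck, .php, .pkb, .pkh, .pks, .plb, .pld, .plh, .pls, .podspec, .prc, .py, .rake, .rb, .rlib, .rs, .scala, .sh, .sql, .swift, .tf, .tpb, .tps, .trg, .trigger, .ts, .tsx, .tyb, .typ, .vue, .yaml, .yml]
+files: []
 - name: pmd
 languages: [Apex, JSP, Java, Javascript, PLSQL, SQL, Velocity, VisualForce, XML]
 extensions: [.cls, .component, .fnc, .java, .js, .jsm, .jsp, .jsx, .mjs, .page, .pck, .pkb, .pkh, .pks, .plb, .pld, .plh, .pls, .pom, .prc, .sql, .tpb, .tps, .trg, .trigger, .tyb, .typ, .vm, .vue, .wsdl, .xml, .xsl]
@@ -23,10 +27,6 @@ tools:
 languages: [Go]
 extensions: [.go]
 files: []
-- name: opengrep
-languages: [Apex, C, CPP, CSharp, Dockerfile, Go, Java, Javascript, Kotlin, PHP, PLSQL, Python, Ruby, Rust, SQL, Scala, Shell, Swift, Terraform, TypeScript, YAML]
-extensions: [.bash, .c, .cc, .cls, .cpp, .cs, .cxx, .dockerfile, .env, .fnc, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .jsx, .kt, .kts, .mjs, .opal, .pck, .php, .pkb, .pkh, .pks, .plb, .pld, .plh, .pls, .podspec, .prc, .py, .rake, .rb, .rlib, .rs, .scala, .sh, .sql, .swift, .tf, .tpb, .tps, .trg, .trigger, .ts, .tsx, .tyb, .typ, .vue, .yaml, .yml]
-files: []
 - name: trivy
 languages: [C, CPP, CSharp, Dart, Dockerfile, Elixir, Go, JSON, Java, Javascript, PHP, Python, Ruby, Rust, Scala, Swift, Terraform, TypeScript, XML, YAML]
 extensions: [.c, .cc, .cpp, .cs, .cxx, .dart, .dockerfile, .env, .ex, .exs, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .json, .jsx, .mjs, .opal, .php, .podspec, .pom, .py, .rake, .rb, .rlib, .rs, .scala, .swift, .tf, .ts, .tsx, .vue, .wsdl, .xml, .xsl, .yaml, .yml]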

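--- a/integration-tests/init-with-token/expected/codacy.yaml
+++ b/integration-tests/init-with-token/expected/codacy.yaml
@@ -5,7 +5,7 @@ runtimes:
 tools:
 - eslint@8.57.0
 - lizard@1.17.31
-- opengrep@1.16.2
+- opengrep@1.16.4
 - pmd@6.55.0
 - pylint@3.3.9
 - trivy@0.69.3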
Lines changed: 11 additions & 11 deletions
@@ -1,11 +1,15 @@
11
tools:
22
- name: eslint
3-
languages: [Javascript]
4-
extensions: [.js, .jsm, .jsx, .mjs, .vue]
3+
languages: [Javascript, TypeScript]
4+
extensions: [.js, .jsm, .jsx, .mjs, .ts, .tsx, .vue]
55
files: []
66
- name: lizard
7-
languages: [Java, Javascript, Python]
8-
extensions: [.java, .js, .jsm, .jsx, .mjs, .py, .vue]
7+
languages: [Java, Javascript, Python, TypeScript]
8+
extensions: [.java, .js, .jsm, .jsx, .mjs, .py, .ts, .tsx, .vue]
9+
files: []
10+
- name: opengrep
11+
languages: [Java, Javascript, Python, TypeScript]
12+
extensions: [.java, .js, .jsm, .jsx, .mjs, .py, .ts, .tsx, .vue]
913
files: []
1014
- name: pmd
1115
languages: [Java, Javascript]
@@ -15,11 +19,7 @@ tools:
1519
languages: [Python]
1620
extensions: [.py]
1721
files: []
18-
- name: opengrep
19-
languages: [Java, Javascript, Python]
20-
extensions: [.java, .js, .jsm, .jsx, .mjs, .py, .vue]
21-
files: []
2222
- name: trivy
23-
languages: [JSON, Java, Javascript, Python]
24-
extensions: [.java, .js, .jsm, .json, .jsx, .mjs, .py, .vue]
25-
files: [Pipfile.lock, gradle.lockfile, package-lock.json, package.json, pnpm-lock.yaml, poetry.lock, pom.xml, requirements.txt, uv.lock, yarn.lock]
23+
languages: [JSON, Java, Javascript, Python, TypeScript]
24+
extensions: [.java, .js, .jsm, .json, .jsx, .mjs, .py, .ts, .tsx, .vue]
25+
files: [Pipfile.lock, gradle.lockfile, package-lock.json, package.json, pnpm-lock.yaml, poetry.lock, pom.xml, requirements.txt, uv.lock, yarn.lock]
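Review bot: The expected output in this section (its file path is not shown on the page) now lists `TypeScript` and `.ts`/`.tsx` for eslint, lizard, opengrep and trivy, which neither the Go bump nor the opengrep bump explains; the description says only "Fix integration tests". If this fixture mirrors configuration fetched from a live account, which seems likely given the neighbouring `init-with-token` section but is not visible here, then regenerating it to match whatever comes back can hide a real regression in language detection. I would record the cause in the commit message, for example `test: expected languages now include TypeScript because <reason>`, and consider driving this test from fixed input so the expectation changes only when the code does.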

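--- a/integration-tests/init-without-token/expected/codacy.yaml
+++ b/integration-tests/init-without-token/expected/codacy.yaml
@@ -8,7 +8,7 @@ tools:
 - dartanalyzer@3.7.2
 - eslint@8.57.0
 - lizard@1.17.31
-- opengrep@1.16.2
+- opengrep@1.16.4
 - pmd@7.11.0
 - pylint@3.3.6
 - revive@1.7.0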

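--- a/integration-tests/init-without-token/expected/tools-configs/languages-config.yaml
+++ b/integration-tests/init-without-token/expected/tools-configs/languages-config.yaml
@@ -11,6 +11,10 @@ tools:
 languages: [C, CPP, CSharp, Erlang, Fortran, Go, Java, Javascript, Kotlin, Lua, Objective C, PHP, Python, Ruby, Rust, Scala, Solidity, Swift, TypeScript]
 extensions: [.c, .cc, .cpp, .cs, .cxx, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .jsx, .kt, .kts, .m, .mjs, .opal, .php, .podspec, .py, .rake, .rb, .rlib, .rs, .scala, .swift, .ts, .tsx, .vue]
 files: []
+- name: opengrep
+languages: [Apex, C, CPP, CSharp, Dockerfile, Go, Java, Javascript, Kotlin, PHP, PLSQL, Python, Ruby, Rust, SQL, Scala, Shell, Swift, Terraform, TypeScript, YAML]
+extensions: [.bash, .c, .cc, .cls, .cpp, .cs, .cxx, .dockerfile, .env, .fnc, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .jsx, .kt, .kts, .mjs, .opal, .pck, .php, .pkb, .pkh, .pks, .plb, .pld, .plh, .pls, .podspec, .prc, .py, .rake, .rb, .rlib, .rs, .scala, .sh, .sql, .swift, .tf, .tpb, .tps, .trg, .trigger, .ts, .tsx, .tyb, .typ, .vue, .yaml, .yml]
+files: []
 - name: pmd
 languages: [Apex, JSP, Java, Javascript, PLSQL, SQL, Velocity, VisualForce, XML]
 extensions: [.cls, .component, .fnc, .java, .js, .jsm, .jsp, .jsx, .mjs, .page, .pck, .pkb, .pkh, .pks, .plb, .pld, .plh, .pls, .pom, .prc, .sql, .tpb, .tps, .trg, .trigger, .tyb, .typ, .vm, .vue, .wsdl, .xml, .xsl]
@@ -23,10 +27,6 @@ tools:
 languages: [Go]
 extensions: [.go]
 files: []
-- name: opengrep
-languages: [Apex, C, CPP, CSharp, Dockerfile, Go, Java, Javascript, Kotlin, PHP, PLSQL, Python, Ruby, Rust, SQL, Scala, Shell, Swift, Terraform, TypeScript, YAML]
-extensions: [.bash, .c, .cc, .cls, .cpp, .cs, .cxx, .dockerfile, .env, .fnc, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .jsx, .kt, .kts, .mjs, .opal, .pck, .php, .pkb, .pkh, .pks, .plb, .pld, .plh, .pls, .podspec, .prc, .py, .rake, .rb, .rlib, .rs, .scala, .sh, .sql, .swift, .tf, .tpb, .tps, .trg, .trigger, .ts, .tsx, .tyb, .typ, .vue, .yaml, .yml]
-files: []
 - name: trivy
 languages: [C, CPP, CSharp, Dart, Dockerfile, Elixir, Go, JSON, Java, Javascript, PHP, Python, Ruby, Rust, Scala, Swift, Terraform, TypeScript, XML, YAML]
 extensions: [.c, .cc, .cpp, .cs, .cxx, .dart, .dockerfile, .env, .ex, .exs, .gemspec, .go, .h, .hpp, .ino, .java, .jbuilder, .js, .jsm, .json, .jsx, .mjs, .opal, .php, .podspec, .pom, .py, .rake, .rb, .rlib, .rs, .scala, .swift, .tf, .ts, .tsx, .vue, .wsdl, .xml, .xsl, .yaml, .yml]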

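--- a/plugins/tools/opengrep/plugin.yaml
+++ b/plugins/tools/opengrep/plugin.yaml
@@ -1,6 +1,6 @@
 name: opengrep
 description: Opengrep is an open-source static analysis tool and community fork of Semgrep for finding bugs and enforcing code standards.
-default_version: 1.16.2
+default_version: 1.16.4
 download:
 url_template: "https://github.com/opengrep/opengrep/releases/download/v{{.Version}}/opengrep_{{.OS}}_{{.Arch}}{{.Extension}}"
 file_name_template: "opengrep_{{.OS}}_{{.Arch}}"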
