Skip to content

chore(deps): bump securego/gosec from 2.27.1 to 2.28.0#67

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/securego/gosec-2.28.0
Open

chore(deps): bump securego/gosec from 2.27.1 to 2.28.0#67
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/securego/gosec-2.28.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Bumps securego/gosec from 2.27.1 to 2.28.0.

Release notes

Sourced from securego/gosec's releases.

v2.28.0

Changelog

  • 9e75c0576c9878035d4221392108d458abe10fc3 feat(G101): detect AWS temporary access keys (#1702)
  • 14f493ab92f212e1f3d69aeaa561989e5baf9d6f Update to go version 1.26.5 and 1.25.12 (#1704)
  • ffd5ba1d3354928fae89ac31912bd1d730798799 Update all dependencies (#1703)
  • 849570622f56a251c015c0e2417aebafc0216e17 Update all dependencies (#1699)
  • 11023e51e1f46c4ea63315bdb7670f073442168f Update all dependencies (#1698)
  • f88a0781159d73052ba792962e624749904783d6 fix: min+max G115 false positives (#1697)
  • 6a008f60b8f7f3d7fae8f126984a9df5d4b7e0cf Update all dependencies (#1696)
  • caf8857bbd3276599d0176b0528e9712bb0b5bec fix(G404): flag missing math/rand weak-random functions (#1694)
  • cbef395cb1e2e3a35f6223f5b97f1657f7144797 Update all dependencies (#1695)
  • f1c81de5fcdf7b466b229fb24ca02d1a8406dd09 Update all dependencies (#1693)
  • 9addc97cefc9460a114e3c36f536b935da3b98c9 Update to go version 1.26.4 and 1.25.11 (#1690)
  • 92ed8df32846e85d4e81b0b62012567afddfdc95 Update the gosec in the Github action to v2.27.1 (#1688)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [securego/gosec](https://github.com/securego/gosec) from 2.27.1 to 2.28.0.
- [Release notes](https://github.com/securego/gosec/releases)
- [Commits](securego/gosec@v2.27.1...v2.28.0)

---
updated-dependencies:
- dependency-name: securego/gosec
  dependency-version: 2.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants