Skip to content

Bump securego/gosec from 2.27.1 to 2.28.0#388

Merged
arnested merged 1 commit into
mainfrom
dependabot/github_actions/securego/gosec-2.28.0
Jul 15, 2026
Merged

Bump securego/gosec from 2.27.1 to 2.28.0#388
arnested merged 1 commit into
mainfrom
dependabot/github_actions/securego/gosec-2.28.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps securego/gosec from 2.27.1 to 2.28.0.

Release notes

Sourced from securego/gosec's releases.

v2.28.0

Changelog

  • 9e75c0576c9878035d4221392108d458abe10fc3 feat(G101): detect AWS temporary access keys (#1702)
  • 14f493ab92f212e1f3d69aeaa561989e5baf9d6f Update to go version 1.26.5 and 1.25.12 (#1704)
  • ffd5ba1d3354928fae89ac31912bd1d730798799 Update all dependencies (#1703)
  • 849570622f56a251c015c0e2417aebafc0216e17 Update all dependencies (#1699)
  • 11023e51e1f46c4ea63315bdb7670f073442168f Update all dependencies (#1698)
  • f88a0781159d73052ba792962e624749904783d6 fix: min+max G115 false positives (#1697)
  • 6a008f60b8f7f3d7fae8f126984a9df5d4b7e0cf Update all dependencies (#1696)
  • caf8857bbd3276599d0176b0528e9712bb0b5bec fix(G404): flag missing math/rand weak-random functions (#1694)
  • cbef395cb1e2e3a35f6223f5b97f1657f7144797 Update all dependencies (#1695)
  • f1c81de5fcdf7b466b229fb24ca02d1a8406dd09 Update all dependencies (#1693)
  • 9addc97cefc9460a114e3c36f536b935da3b98c9 Update to go version 1.26.4 and 1.25.11 (#1690)
  • 92ed8df32846e85d4e81b0b62012567afddfdc95 Update the gosec in the Github action to v2.27.1 (#1688)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [securego/gosec](https://github.com/securego/gosec) from 2.27.1 to 2.28.0.
- [Release notes](https://github.com/securego/gosec/releases)
- [Commits](securego/gosec@v2.27.1...v2.28.0)

---
updated-dependencies:
- dependency-name: securego/gosec
  dependency-version: 2.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies github_actions Pull requests that update GitHub Actions code labels Jul 15, 2026
@dependabot
dependabot Bot requested a review from arnested as a code owner July 15, 2026 02:02
@dependabot dependabot Bot added dependencies github_actions Pull requests that update GitHub Actions code labels Jul 15, 2026
@arnested
arnested merged commit eba85dd into main Jul 15, 2026
16 checks passed
@arnested
arnested deleted the dependabot/github_actions/securego/gosec-2.28.0 branch July 15, 2026 04:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies github_actions Pull requests that update GitHub Actions code size/XS

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant