Releases: TekWizely/pre-commit-golang
Support for gosec - v0.8.2
Release v0.8.2
Adds support for the gosec security checker
go-sec
Inspects source code for security problems by scanning the Go AST.
| Hook ID | Description |
|---|---|
go-sec-mod |
Run 'cd $(mod_root $FILE); gosec [$ARGS] ./...' for each staged .go file |
go-sec-pkg |
Run 'gosec [$ARGS] ./$(dirname $FILE)' for each staged .go file |
go-sec-repo-mod |
Run 'cd $(mod_root); gosec [$ARGS] ./...' for each module in the repo |
go-sec-repo-pkg |
Run 'gosec [$ARGS] ./...' in repo root folder |
Install
go get github.com/securego/gosec/v2/cmd/gosec
Help
- https://github.com/securego/gosec#usage
gosec (no args)
Exclude ALL Vendor Folders : v0.8.1
Release v0.8.1
Updates the pattern for ignoring vendor folders from ./vendor/* to */vendor/*, which should now also ignore vendor folders beneath the root folder.
'--' Now Optional In Hook Args : v0.8.0
Release v0.8.0
A trailing '--' is now (mostly) optional when passing options into hooks.
if your options contain a reference to an existing file, then you will need to use a trailing '--' argument to separate the hook options from the modified-file list that Pre-Commit passes into the hook.
Note: For repo-based hooks, '--' is not needed.
Exclude Vendor Folder - Discard Build Assets : v0.7.5
Release v0.7.5
Changes in this release
- All hooks exclude
'/vendor/'folders - Go-build hooks discard built executables (
'-o /dev/null') when building'main'packages - Fixed missing newline in error messages on go-fmt/imports/returns
Improved Module Support - All Hooks Accept Arguments : v0.7.4
Release v0.7.4
Better module/pkg support. Argument support for all hooks. Fixed error checking on go-fmt/import/returns.
Re-worked docs.
Module-Specific Hooks : v0.6.1
Release v0.6.1
I added a few Module-centric hooks:
go-build-modgo-test-modgo-vet-modgolangci-lint-modgolangci-lint-mod-fix
These hooks will walk up the path of each staged file, looking for a go.mod file. The directory containing the go.mod file will be considered a "module-root"
The command (build, test, vet...) will be executed with each module-root being the target.
Full Looping; Directory-Based + Packaged-Based Hooks : v0.6.0
Release v0.6.0
Delayed Error == More Error Messages
For hooks that loop over the input file list, I updated the loop pattern so I could run over the entire loop, instead of exiting after the first error. This should allow you to see more errors sooner.
Directory-Based Hooks
I also added Directory-Based and Packaged-Based versions of the build, test, vet, and golangci hooks.
Instead of running against each staged file individually, these new hooks will run against the staged file's parent folder.
NOTE: By design, the directory-based hooks only execute against a given directory once per hook invocation.
HOWEVER, due to OS command-line length limits, Pre-Commit can invoke a hook multiple times if a large number of files are staged.
First Release : v0.5.0
Release v0.5.0
Feeling pretty good about this first pass on the project.
Just to be safe, going to leave the version <1.0.0 until it gets some time 'in the field'.