Bump github.com/securego/gosec/v2 from 2.20.1-0.20240525090044-5f0084eb01a9 to 2.22.4

[dependabot]

Bumps github.com/securego/gosec/v2 from 2.20.1-0.20240525090044-5f0084eb01a9 to 2.22.4.

Release notes

Sourced from github.com/securego/gosec/v2's releases.

v2.22.4

Changelog

• 6decf96c3d272d5a8bbdcf9fddb5789d0be16a8d Update to go version 1.24.3 and 1.23.9
• d522338364ccd4e90c00dedc1c7c73f99f1ce20d update: updated the build command to include version metadata
• 270b5ce8680a9b04afb94d7b5f2b32b9675e379a chore(deps): update all dependencies
• 60279264beb3f4ca2b288d39b84e930747009a8f Update the AI provider API key value when provided as an argument
• 65d2d9f011ac529754f847977812a1c64fdab7ea chore(deps): update module google.golang.org/api to v0.230.0
• dc1c38b861a6780559cbd51fb9585da7863d0cc5 chore(deps): update module google.golang.org/api to v0.229.0
• 55dbf5ad81fd416ebe540f79e236d1b76dec9164 chore(deps): update all dependencies
• 2aaa9c41d6671d0ce7c778cc10340c4fd62d164b Comment the reason why the file can be nil when an issue is created
• 700e9a9d180e449887f89d03681e4f8225da430a Handle nil file when creating a new issue
• d514c426711896adf8a1dffb09037c3ac8752b05 chore(deps): update all dependencies (#1333)
• 1d458c50e1a9aa6c0d414dfde3998d66cf2c4fc7 Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332)

v2.22.3

Changelog

• 955a68d0d19f4afb7503068f95059f7d0c529017 Update go version to 1.24.2 and 1.23.8 (#1331)
• 1336dc682085ec9d6b4d40fda0e4598e156bef5c remove G113. It only affects old/unsupported versions of Go (#1328)
• 5fd2a370447223541cddb35da8d1bc707b7bb153 chore(deps): update all dependencies (#1325)
• 39e44777884117b67b8fd57dd75bb62c96ca92b7 Add SSOJet (#1320)
• 6141d100df940efbada15a19204565c3e85fda63 chore(deps): update all dependencies (#1319)
• 9452efe4ad770f703df825fb32cd693b421fc916 Update the integrity sha for babel dependency in html report (#1316)
• 57ec63392cac020f01f555654da58918b71fdd2d Add support for //gosec:disable directive (#1314)
• e5fee17863ee626a6d3335bb13df3f620352ddf8 chore(deps): update all dependencies (#1315)

v2.22.2

Changelog

• 136f6c00402b11775d4f4a45d5a21e2f6dd99db2 Update to go version 1.24.1 and 1.23.7 (#1313)
• 047453a82f5e8e5d55730f8108582c32943b04ea chore(deps): update all dependencies (#1310)
• 76ccee5b2f4f8fb99c34e156717967b7e57d160d chore(deps): update all dependencies (#1308)
• a9eb1c96fae2533bee92dc08d311cd36d4ec2493 Update gosec version in the GitHub action to v2.22.1 (#1307)
• 89c5da3ce07d6df76c067f331f2fcfdb6b30c736 chore(deps): update module google.golang.org/api to v0.221.0 (#1305)

v2.22.1

Changelog

• 43fee884f668c23601e0bec7a8c095fba226f889 Update cosign to v2.4.2 (#1303)
• 77238291df6682591938942acd2b330229ab307d Add support for go 1.24 and phased out support for go 1.22 (#1302)
• 9552f0372db9a3c730adae2328f542e5a6bd82e5 chore(deps): update all dependencies (#1300)
• f4d2576c3634700f06a59e191003834fa3703008 Update to go version 1.23.6 and 1.22.12 (#1299)
• 2258e3108d07825c3504d831273ef844b6cfbc79 chore(deps): update module google.golang.org/api to v0.219.0 (#1296)
• fbb08336de370d93b21a2956348159193507d384 chore(deps): update module google.golang.org/api to v0.218.0 (#1294)
• c66cb56f093198af62904e900e28c34017d939f2 Add test to conver unit parssing for G115 rule (#1293)
• 59291a08aeb9c9dc9a61ee453e7a05cbfa297784 Update to go version 1.23.5 and 1.22.11 (#1291)
• 7466b7cad228fb713f911d10ca4f9e935d4e39a0 chore(deps): update all dependencies (#1290)
• 32dcc8a1f5b106becb905f20b4491f43061cbd15 Update gosec in github action to 2.22.0 (#1286)

v2.22.0

Changelog

• e0cca6fe95306b7e7790d6f1bf6a7bec6d622459 Update what message for G104 (#1282)
• 534689b08f588e88a89ffe20eddfdc28c6eeb86e chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign vincent056 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/images	736c579	link	true	/test images
ci/prow/ci-index-file-integrity-operator-bundle	736c579	link	true	/test ci-index-file-integrity-operator-bundle
ci/prow/e2e-aws	736c579	link	true	/test e2e-aws

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.