Update Static Analysis Analyzers to Go 1.15
Description
Go 1.15 was released 11 August 2020. We should update our tools to use the latest stable version of Go.
Proposal
Update Analyzers maintained by @gitlab-org/secure/static-analysis-be to use Go 1.15
Tasks
Update default goversion to 1.15
in https://gitlab.com/gitlab-org/security-products/ci-templates/-/blob/master/includes-dev/analyzer.yml#L7
Update the following analyzers to use Go 1.15
-
https://gitlab.com/gitlab-org/security-products/analyzers/bandit -
https://gitlab.com/gitlab-org/security-products/analyzers/brakeman -
https://gitlab.com/gitlab-org/security-products/analyzers/eslint -
https://gitlab.com/gitlab-org/security-products/analyzers/flawfinder -
https://gitlab.com/gitlab-org/security-products/analyzers/gosec -
https://gitlab.com/gitlab-org/security-products/analyzers/kubesec -
https://gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan -
https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit -
https://gitlab.com/gitlab-org/security-products/analyzers/pmd-apex -
https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan -
https://gitlab.com/gitlab-org/security-products/analyzers/sobelow -
https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs [ ] https://gitlab.com/gitlab-org/security-products/analyzers/tslint-
https://gitlab.com/gitlab-org/security-products/analyzers/secrets
Sub-tasks for all analyzers above
-
Add CHANGELOG entry for updated golang version. -
Release new minor version of the analyzer with updated golang version.
Edited by Daniel Paul Searles