Deployment status of gosec rules. #12957

Closed
zak-pawel opened this issue Mar 26, 2023 · 2 comments · Fixed by #13222
zak-pawel (Collaborator) commented Mar 26, 2023

Current status:

| Rule | Issue | To enable? | PR(s) | Work finished? |
|---|---|---|---|---|
| G101: Look for hard coded credentials | #12889 | Y | #13009 | Y |
| G102: Bind to all interfaces | #12890 | Y | #12923 #12976 | Y |
| G103: Audit the use of unsafe block | #12891 | Y | #13038 | Y |
| G104: Audit errors not checked | #12892 | N (errcheck is used instead) | x | Y |
| G105: Audit the use of math/big.Int.Exp | x | N (retired) | x | Y |
| G106: Audit the use of ssh.InsecureIgnoreHostKey | #12893 | Y | #12956 | Y |
| G107: Url provided to HTTP request as taint input | #12894 | Y | #13010 | Y |
| G108: Profiling endpoint automatically exposed on /debug/pprof | #12895 | Y | #12956 | Y |
| G109: Potential Integer overflow made by strconv.Atoi result conversion to int16/32 | #12896 | Y | #12956 | Y |
| G110: Potential DoS vulnerability via decompression bomb | #12897 | Y | #13044 | Y |
| G111: Potential directory traversal | #12898 | Y | #12956 | Y |
| G112: Potential slowloris attack | #12899 | Y | #12986 | Y |
| G113: Usage of Rat.SetString in math/big with an overflow (CVE-2022-23772) | #12900 | N (not valid anymore) | x | Y |
| G114: Use of net/http serve function that has no support for setting timeouts | #12901 | Y | #12986 | Y |
| G115: Potential integer overflow when converting between integer types | #15798 | | | |
| G201: SQL query construction using format string | #12902 | Y | #12956 | Y |
| G202: SQL query construction using string concatenation | #12903 | Y | #12984 | Y |
| G203: Use of unescaped data in HTML templates | #12904 | Y | #12956 | Y |
| G204: Audit use of command execution | #12905 | N | x | Y |
| G301: Poor file permissions used when creating a directory | #12940 | Y | #13022 | Y |
| G302: Poor file permissions used with chmod | #12941 | Y | #13022 | Y |
| G303: Creating tempfile using a predictable path | #12942 | Y | #13039 | Y |
| G304: File path provided as taint input | #12943 | N | x | Y |
| G305: File traversal when extracting zip/tar archive | #12944 | Y | #13039 | Y |
| G306: Poor file permissions used when writing to a new file | #12945 | Y | #13022 | Y |
| G307: Deferring a method which returns an error | x | N (retired) | x | Y |
| G401: Detect the usage of DES, RC4, MD5 or SHA1 | #12946 | Y | #13021 | Y |
| G402: Look for bad TLS connection settings | #12947 | N | x | Y |
| G403: Ensure minimum RSA key length of 2048 bits | #12948 | Y | #13021 | Y |
| G404: Insecure random number source (rand) | #12949 | Y | #13095 | Y |
| G405: Detect the usage of DES or RC4 | #15799 | Y | #15835 | Y |
| G406: Detect the usage of MD4 or RIPEMD160 | #15800 | Y | #15835 | Y |
| G407: Detect the usage of hardcoded Initialization Vector(IV)/Nonce | Rule not yet available in the newest golangci-lint (currently: v1.60.3) | | | |
| G501: Import blocklist: crypto/md5 | #12950 | Y | #13021 | Y |
| G502: Import blocklist: crypto/des | #12951 | Y | #13021 | Y |
| G503: Import blocklist: crypto/rc4 | #12952 | Y | #13021 | Y |
| G504: Import blocklist: net/http/cgi | #12953 | N (not valid anymore) | x | Y |
| G505: Import blocklist: crypto/sha1 | #12954 | Y | #13021 | Y |
| G506: Import blocklist: golang.org/x/crypto/md4 | #15801 | Y | #15835 | Y |
| G507: Import blocklist: golang.org/x/crypto/ripemd160 | #15802 | Y | #15835 | Y |
| G601: Implicit memory aliasing of items from a range statement | #12955 | Y | #13042 | Y |
| G602: Slice access out of bounds | #14633 | Y | #14927 | Y |
powersj (Contributor) commented Mar 28, 2023

next steps: PRs for approved items, and hash out any remaining issues with questionable rules

srebhan (Member) commented Apr 3, 2023

Put thumbs up/down or a comment on all without a decision.
