Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(template): Add vulnerability detection using govulncheck #198

Merged
merged 12 commits into from
Mar 31, 2023
Merged

feat(template): Add vulnerability detection using govulncheck #198

merged 12 commits into from
Mar 31, 2023

Conversation

linuxluigi
Copy link
Collaborator

Add the new govulncheck to the template & engine. This is a new feature from the Go team to search for known vulnerabilities from Open Source dependencies in a Go project.

Tool announcement from: https://go.dev/blog/vuln

@linuxluigi linuxluigi changed the title feat(template): Add govulncheck feat(template): Add vulnerability detection using govulncheck Dec 21, 2022
@linuxluigi linuxluigi mentioned this pull request Dec 22, 2022
Closed
@brumhard brumhard force-pushed the feature/add-vulnerability-scanner branch from 67665ac to 8dd644c Compare February 10, 2023 13:06
@linuxluigi
Copy link
Collaborator Author

Make use of go run to execute govulncheck now instead of building the bin before.

linuxluigi and others added 9 commits March 31, 2023 14:27
@linuxluigi @brumhard
Add govulncheck
a897cb2 
Signed-off-by: Steffen Exler <steffen.exler@pm.me>
@linuxluigi @brumhard
Fix CI
3991fd0 
Signed-off-by: Steffen Exler <steffen.exler@pm.me>
@linuxluigi @brumhard
fix makefile
72aa550
@linuxluigi @brumhard
add govulncheck installation into makefile
da89857
@linuxluigi @brumhard
Remove phony
2ce57c1 
Signed-off-by: Steffen Exler <steffen.exler@pm.me>
@linuxluigi @brumhard
Add path to govulncheck command
0a115da 
Signed-off-by: Steffen Exler <steffen.exler@pm.me>
@linuxluigi @brumhard
Use go run instead of bin
578e0c0 
Signed-off-by: Steffen Exler <Steffen.Exler@pm.me>
@linuxluigi @brumhard
Fix govulncheck command
e155a11 
Signed-off-by: Steffen Exler <Steffen.Exler@pm.me>
@linuxluigi @brumhard
Restore make CI
649998e 
Signed-off-by: Steffen Exler <Steffen.Exler@pm.me>
@brumhard brumhard force-pushed the feature/add-vulnerability-scanner branch from 05e5d85 to 97481fb Compare March 31, 2023 12:27
@github-advanced-security
Copy link

You have successfully added a new Semgrep configuration .github/workflows/semgrep.yml:semgrep. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

@linuxluigi @brumhard
Put make ci back
63fd179 
Signed-off-by: Steffen Exler <Steffen.Exler@pm.me>
@brumhard brumhard force-pushed the feature/add-vulnerability-scanner branch from 97481fb to 63fd179 Compare March 31, 2023 12:38
@brumhard brumhard force-pushed the feature/add-vulnerability-scanner branch from f5fada6 to a433237 Compare March 31, 2023 12:50
brumhard
brumhard previously approved these changes Mar 31, 2023
View reviewed changes
@brumhard brumhard merged commit 8cc43a1 into main Mar 31, 2023
@brumhard brumhard deleted the feature/add-vulnerability-scanner branch March 31, 2023 13:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brumhard brumhard brumhard approved these changes

@danielzwink danielzwink Awaiting requested review from danielzwink

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@linuxluigi @brumhard