go vulnerability scan #899
Are the changes to the Makefile sufficient? After the Makefile, I will make changes to GH Actions.
@sheharyaar Please look at the comment #889 (comment)
Made the changes to the Makefile.
Codecov Report
@@ Coverage Diff @@
## main #899 +/- ##
==========================================
- Coverage 38.92% 38.87% -0.05%
==========================================
Files 31 31
Lines 9707 9707
==========================================
- Hits 3778 3774 -4
- Misses 5424 5429 +5
+ Partials 505 504 -1
@kranurag7 any more changes required in the Makefile?
@sheharyaar Sorry for the late response. Instead of making changes in the Makefile, you can implement the same in GitHub Actions in ci-test-go. Please check this for reference.
@sheharyaar, thanks for working on this. Do you have any updates on this? One question, after running
The report was clean after running make scan. I will update the PR as suggested by kranurag7.
@nyrahul after running govulncheck today, I got multiple informational vulnerabilities. Should I create a new issue or just send them here?
Placing govulncheck in ci-test-go would cause the action to fail even on informational vulnerabilities.
Can you attach the
Attached to the following link: govulnscan.log Scan Report
Thanks.
Sure, I will do the required in this PR. Should I move the scan to
@nyrahul, the scan report I sent was for go 1.19. My bad for noticing it earlier. The informational vulnerabilities which have been reported have already been backported to golang packages. I attach the report from
I quote the documentation:
Signed-off-by: Mohammad Shehar Yaar Tausif <[email protected]>
Verified that there are no vulnerabilities reported by govulncheck if the golang version >=1.19.4 is used. I am merging these changes since manual verification using
LGTM
Thanks for approving the PR. I am glad to be able to contribute to the project :)
LGTM @sheharyaar, can you also do the same for the kubearmor-client repo?
Sure, I will create a PR there with the changes.
Initial work on #889
Signed-off-by: Mohammad Shehar Yaar Tausif [email protected]