pantry/projects/go.dev/govulncheck/package.yml

distributable:
  url: https://github.com/golang/vuln/archive/refs/tags/v{{version}}.tar.gz
  strip-components: 1

versions:
  github: golang/vuln/tags

provides:
  - bin/govulncheck

build:
  dependencies:
    go.dev: ^1.19
  script: |
    go mod download
    mkdir -p "{{ prefix }}"/bin
    go build -v -trimpath -ldflags="$LDFLAGS" -o $BUILDLOC ./cmd/govulncheck
  env:
    GOPROXY: https://proxy.golang.org,direct
    GOSUMDB: sum.golang.org
    GO111MODULE: on
    CGO_ENABLED: 0
    BUILDLOC: '{{prefix}}/bin/govulncheck'
    LDFLAGS:
      - -s
      - -w
    linux:
      # or segmentation fault
      # fix found here https://github.com/docker-library/golang/issues/402#issuecomment-982204575
      LDFLAGS:
      - -buildmode=pie

test:
  fixture: |
    package main

    import (
            "fmt"
            "os"

            "golang.org/x/text/language"
    )

    func main() {
            for _, arg := range os.Args[1:] {
                    tag, err := language.Parse(arg)
                    if err != nil {
                            fmt.Printf("%s: error: %v\n", arg, err)
                    } else if tag == language.Und {
                            fmt.Printf("%s: undefined\n", arg)
                    } else {
                            fmt.Printf("%s: tag %s\n", arg, tag)
                    }
            }
    }
  dependencies:
    go.dev: ^1.19
  script:
    - go mod init vuln.tutorial
    - cp $FIXTURE main.go
    - go mod tidy
    - go get golang.org/x/text@v0.3.5
    - (govulncheck ./... 2>&1 || true) | grep GO-2021-0113
+govulncheck - Go vulnerability checker (#3805) * +govulncheck - Go vulnerability checker * add test --------- Co-authored-by: Jacob Heider <jacob@pkgx.dev> 2023-10-25 01:30:23 +03:00			`distributable:`
			`url: https://github.com/golang/vuln/archive/refs/tags/v{{version}}.tar.gz`
			`strip-components: 1`

			`versions:`
			`github: golang/vuln/tags`

			`provides:`
			`- bin/govulncheck`

			`build:`
			`dependencies:`
			`go.dev: ^1.19`
			`script: \|`
			`go mod download`
			`mkdir -p "{{ prefix }}"/bin`
			`go build -v -trimpath -ldflags="$LDFLAGS" -o $BUILDLOC ./cmd/govulncheck`
			`env:`
			`GOPROXY: https://proxy.golang.org,direct`
			`GOSUMDB: sum.golang.org`
			`GO111MODULE: on`
			`CGO_ENABLED: 0`
			`BUILDLOC: '{{prefix}}/bin/govulncheck'`
			`LDFLAGS:`
			`- -s`
			`- -w`
			`linux:`
			`# or segmentation fault`
			`# fix found here https://github.com/docker-library/golang/issues/402#issuecomment-982204575`
			`LDFLAGS:`
			`- -buildmode=pie`

			`test:`
			`fixture: \|`
			`package main`

			`import (`
			`"fmt"`
			`"os"`

			`"golang.org/x/text/language"`
			`)`

			`func main() {`
			`for _, arg := range os.Args[1:] {`
			`tag, err := language.Parse(arg)`
			`if err != nil {`
			`fmt.Printf("%s: error: %v\n", arg, err)`
			`} else if tag == language.Und {`
			`fmt.Printf("%s: undefined\n", arg)`
			`} else {`
			`fmt.Printf("%s: tag %s\n", arg, tag)`
			`}`
			`}`
			`}`
			`dependencies:`
			`go.dev: ^1.19`
			`script:`
			`- go mod init vuln.tutorial`
			`- cp $FIXTURE main.go`
			`- go mod tidy`
			`- go get golang.org/x/text@v0.3.5`
			`- (govulncheck ./... 2>&1 \|\| true) \| grep GO-2021-0113`