mirror of
https://github.com/ivabus/pantry
synced 2024-11-10 02:25:18 +03:00
+govulncheck - Go vulnerability checker (#3805)
* +govulncheck - Go vulnerability checker * add test --------- Co-authored-by: Jacob Heider <jacob@pkgx.dev>
This commit is contained in:
parent
9f2d4662d2
commit
618e2a22af
63
projects/go.dev/govulncheck/package.yml
Normal file
63
projects/go.dev/govulncheck/package.yml
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
distributable:
|
||||||
|
url: https://github.com/golang/vuln/archive/refs/tags/v{{version}}.tar.gz
|
||||||
|
strip-components: 1
|
||||||
|
|
||||||
|
versions:
|
||||||
|
github: golang/vuln/tags
|
||||||
|
|
||||||
|
provides:
|
||||||
|
- bin/govulncheck
|
||||||
|
|
||||||
|
build:
|
||||||
|
dependencies:
|
||||||
|
go.dev: ^1.19
|
||||||
|
script: |
|
||||||
|
go mod download
|
||||||
|
mkdir -p "{{ prefix }}"/bin
|
||||||
|
go build -v -trimpath -ldflags="$LDFLAGS" -o $BUILDLOC ./cmd/govulncheck
|
||||||
|
env:
|
||||||
|
GOPROXY: https://proxy.golang.org,direct
|
||||||
|
GOSUMDB: sum.golang.org
|
||||||
|
GO111MODULE: on
|
||||||
|
CGO_ENABLED: 0
|
||||||
|
BUILDLOC: '{{prefix}}/bin/govulncheck'
|
||||||
|
LDFLAGS:
|
||||||
|
- -s
|
||||||
|
- -w
|
||||||
|
linux:
|
||||||
|
# or segmentation fault
|
||||||
|
# fix found here https://github.com/docker-library/golang/issues/402#issuecomment-982204575
|
||||||
|
LDFLAGS:
|
||||||
|
- -buildmode=pie
|
||||||
|
|
||||||
|
test:
|
||||||
|
fixture: |
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
|
||||||
|
"golang.org/x/text/language"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
for _, arg := range os.Args[1:] {
|
||||||
|
tag, err := language.Parse(arg)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%s: error: %v\n", arg, err)
|
||||||
|
} else if tag == language.Und {
|
||||||
|
fmt.Printf("%s: undefined\n", arg)
|
||||||
|
} else {
|
||||||
|
fmt.Printf("%s: tag %s\n", arg, tag)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
dependencies:
|
||||||
|
go.dev: ^1.19
|
||||||
|
script:
|
||||||
|
- go mod init vuln.tutorial
|
||||||
|
- cp $FIXTURE main.go
|
||||||
|
- go mod tidy
|
||||||
|
- go get golang.org/x/text@v0.3.5
|
||||||
|
- (govulncheck ./... 2>&1 || true) | grep GO-2021-0113
|
Loading…
Reference in a new issue