[GitHub] [camel-k] gansheer opened a new pull request, #4623: feat(ci): Add govulncheck as ci workflow

["gansheer (via GitHub)" <gi...@apache.org>]

gansheer opened a new pull request, #4623:
URL: https://github.com/apache/camel-k/pull/4623

   Ref #3753 
   
   ## Motivation
   
   Adding the [govulncheck](https://go.dev/blog/govulncheck) tool to the project CI will provides more visibility on vulnerabilities of the golang code.
   
   
   ## Description
   
   The govulncheck looks into the dependencies but also [how they are used in the code](https://brandur.org/fragments/govulncheck-ci). As a result, it has been activated for any change on not only in go.mod/go.sum files but also on any golang file (*.go) changed.
   
   It is active on PRs and main/release branches changes.
   
   For now I decided not to use the [recently created github action](https://github.com/golang/govulncheck-action/tree/master) as I plan to see if other security tools  like [gosec](https://github.com/securego/gosec) could be added.
   
   **Release Note**
   ```release-note
   feat(ci): Add govulncheck as ci workflow
   ```
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] squakez merged pull request #4623: feat(ci): Add govulncheck as ci workflow

["squakez (via GitHub)" <gi...@apache.org>]

squakez merged PR #4623:
URL: https://github.com/apache/camel-k/pull/4623


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org