You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by "gansheer (via GitHub)" <gi...@apache.org> on 2023/07/28 16:07:46 UTC
[GitHub] [camel-k] gansheer opened a new pull request, #4623: feat(ci): Add govulncheck as ci workflow
gansheer opened a new pull request, #4623:
URL: https://github.com/apache/camel-k/pull/4623
Ref #3753
## Motivation
Adding the [govulncheck](https://go.dev/blog/govulncheck) tool to the project CI will provides more visibility on vulnerabilities of the golang code.
## Description
The govulncheck looks into the dependencies but also [how they are used in the code](https://brandur.org/fragments/govulncheck-ci). As a result, it has been activated for any change on not only in go.mod/go.sum files but also on any golang file (*.go) changed.
It is active on PRs and main/release branches changes.
For now I decided not to use the [recently created github action](https://github.com/golang/govulncheck-action/tree/master) as I plan to see if other security tools like [gosec](https://github.com/securego/gosec) could be added.
**Release Note**
```release-note
feat(ci): Add govulncheck as ci workflow
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k] squakez merged pull request #4623: feat(ci): Add govulncheck as ci workflow
Posted by "squakez (via GitHub)" <gi...@apache.org>.
squakez merged PR #4623:
URL: https://github.com/apache/camel-k/pull/4623
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org