You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is it possible to introduce a go mod command/feature that can look at data from deps.dev and automatically use the minimum version that does NOT have a known CVE. With the prevalence of code scanners, we keep getting alerts regarding CVEs. Currently the process to fix such alerts require a lot of manual work. If go mod can automate some of this, that will be much appreciated. As an example, npm has a npm audit fix command that similar things for js projects. Thanks!
The text was updated successfully, but these errors were encountered: