Override Go versions for OSV Scanner #691

Merged
merged 1 commit into from
Mar 25, 2024

@sudo-bmitch sudo-bmitch commented Mar 8, 2024

Fixes issue

OSV Scanner detects the Go version from the go.mod, which is intentionally a few versions behind for library users.

Describe the change

Add a Go version override to inject the version used to build the binaries.
This also disables the scanner pending the next release upstream to support the override.

How to verify it

GHA will no longer fail the vulnerability scan.

Changelog text

  • Fix: Override the Go version used by the OSV Scanner.

Please verify and check that the pull request fulfills the following requirements

  • Tests have been added or not applicable
  • Documentation has been added, updated, or not applicable
  • Changes have been rebased to main
  • Multiple commits to the same code have been squashed

@sudo-bmitch sudo-bmitch marked this pull request as draft March 8, 2024 19:13
@sudo-bmitch

Set as a draft pending google/osv-scanner#850 and then the next release of the OSV scanner.

@sudo-bmitch sudo-bmitch marked this pull request as ready for review March 25, 2024 15:16
Disabled pending the next release that uses the override file.

Signed-off-by: Brandon Mitchell <git@bmitch.net>
@sudo-bmitch sudo-bmitch merged commit 1eccd07 into regclient:main Mar 25, 2024
6 checks passed
@sudo-bmitch sudo-bmitch deleted the pr-osv-scanner-gover branch March 25, 2024 15:23