/
plugin.yaml
45 lines (45 loc) · 1.35 KB
/
plugin.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
version: 0.1
lint:
downloads:
- name: nancy
version: 1.0.41
downloads:
- os:
linux: linux
macos: darwin
cpu:
x86_64: amd64
arm_64: arm64
url: https://github.com/sonatype-nexus-community/nancy/releases/download/v${version}/nancy-v${version}-${os}-${cpu}.tar.gz
- os: windows
cpu:
x86_64: amd64
arm_64: arm64
url: https://github.com/sonatype-nexus-community/nancy/releases/download/v${version}/nancy-v${version}-windows-${cpu}.zip
definitions:
- name: nancy
files: [go-lockfile]
download: nancy
runtime: go
description: Checks for vulnerabilities in your Go dependencies
commands:
- output: sarif
run: sh ${plugin}/linters/nancy/run.sh
success_codes: [0, 1, 2]
target: .
read_output_from: stdout
is_security: true
parser:
runtime: python
run: python3 ${plugin}/linters/nancy/parse.py
version_command:
parse_regex: nancy version ${semver}
run: nancy --version
suggest_if: never
environment:
- name: PATH
list: ["${runtime}", "${linter}", "${env.PATH}"]
- name: USER
value: ${env.USER}
optional: true
known_good_version: 1.0.41