mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Moving away from Nancy (#2393)

Browse Source 
`Nancy` test is failing and the issue is recent:
https://github.com/sonatype-nexus-community/nancy/issues/263

Move to more idiomatic https://pkg.go.dev/golang.org/x/vuln/vulncheck
This commit is contained in:
Cesar Celis Hernandez
2022-10-19 03:07:42 -04:00
committed by GitHub
parent 2dd92fd940
commit 5f07d45846
1 changed files with 13 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
.github/workflows/jobs.yaml vendored
View File

@@ -250,31 +250,20 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [ 1.18.x ]
os: [ ubuntu-latest ]
go-version: [ 1.19 ]
steps:
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v2
- name: Build on ${{ matrix.os }}
continue-on-error: false
if: matrix.os == 'ubuntu-latest'
env:
CGO_ENABLED: 0
GO111MODULE: on
run: |
sudo apt install jq -y || apt install jq -y
sudo sysctl net.ipv6.conf.all.disable_ipv6=0 || sysctl net.ipv6.conf.all.disable_ipv6=0
sudo sysctl net.ipv6.conf.default.disable_ipv6=0 || sysctl net.ipv6.conf.default.disable_ipv6=0
nancy_version=$(curl --retry 10 -Ls -o /dev/null -w "%{url_effective}" https://github.com/sonatype-nexus-community/nancy/releases/latest | sed "s/https:\/\/github.com\/sonatype-nexus-community\/nancy\/releases\/tag\///")
curl -L -o nancy https://github.com/sonatype-nexus-community/nancy/releases/download/${nancy_version}/nancy-${nancy_version}-linux-amd64 && chmod +x nancy
go list -deps -json ./... | jq -s 'unique_by(.Module.Path)|.[]|select(has("Module"))|.Module' | ./nancy sleuth
- name: Check out code into the Go module directory
uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go-version }}
check-latest: true
- name: Get govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@latest
shell: bash
- name: Run govulncheck
run: govulncheck ./...
shell: bash
semgrep-static-code-analysis:
name: "semgrep checks"