mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Nancy vulnerability dependency scanner (#1676)

Browse Source 
Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
This commit is contained in:
Lenin Alevski
2022-03-07 14:47:07 -08:00
committed by GitHub
parent fd09a4c815
commit 7bc65031c4
1 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
.github/workflows/jobs.yaml vendored
View File

@@ -39,6 +39,37 @@ jobs:
run: |
make verifiers
vulnerable-dependencies-checks:
name: "Check for vulnerable dependencies"
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [ 1.17.x ]
os: [ ubuntu-latest ]
steps:
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v2
- name: Build on ${{ matrix.os }}
continue-on-error: false
if: matrix.os == 'ubuntu-latest'
env:
CGO_ENABLED: 0
GO111MODULE: on
run: |
sudo apt install jq -y
sudo sysctl net.ipv6.conf.all.disable_ipv6=0
sudo sysctl net.ipv6.conf.default.disable_ipv6=0
nancy_version=$(curl --retry 10 -Ls -o /dev/null -w "%{url_effective}" https://github.com/sonatype-nexus-community/nancy/releases/latest | sed "s/https:\/\/github.com\/sonatype-nexus-community\/nancy\/releases\/tag\///")
curl -L -o nancy https://github.com/sonatype-nexus-community/nancy/releases/download/${nancy_version}/nancy-${nancy_version}-linux-amd64 && chmod +x nancy
go list -deps -json ./... | jq -s 'unique_by(.Module.Path)|.[]|select(has("Module"))|.Module' | ./nancy sleuth
no-warnings-and-make-assets:
name: "React Code Has No Warnings and then Make Assets"
runs-on: ${{ matrix.os }}
@@ -132,6 +163,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -168,6 +200,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -204,6 +237,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -240,6 +274,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -276,6 +311,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -312,6 +348,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -348,6 +385,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -384,6 +422,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -428,6 +467,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ubuntu-latest
strategy:
@@ -495,6 +535,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
@@ -511,6 +552,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix:
@@ -583,6 +625,7 @@ jobs:
- lint-job
- no-warnings-and-make-assets
- reuse-golang-dependencies
- vulnerable-dependencies-checks
runs-on: ${{ matrix.os }}
strategy:
matrix: