Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce govulncheck into the Bee codebase #3618

Open
mrekucci opened this issue Dec 2, 2022 · 1 comment · May be fixed by #5020
Open

Introduce govulncheck into the Bee codebase #3618

mrekucci opened this issue Dec 2, 2022 · 1 comment · May be fixed by #5020
Assignees
@gacevicljubisa
Labels
good first issue Good for newcomers issue

Comments

@mrekucci
Copy link
Contributor

mrekucci commented Dec 2, 2022
edited
Loading

Introduce govulncheck into the Bee codebase. Investigate the limitations and false positives beforehand.
See: https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
@bee-runner bee-runner bot added the issue label Dec 2, 2022
@mrekucci mrekucci changed the title Introduce govulncheck Introduce govulncheck into the Bee codebase Dec 2, 2022
@nikipapadatou nikipapadatou added the good first issue Good for newcomers label Nov 1, 2023
@gacevicljubisa gacevicljubisa linked a pull request Feb 25, 2025 that will close this issue
chore: add govulncheck #5020
Draft
4 tasks
@gacevicljubisa
Copy link
Contributor

gacevicljubisa commented Mar 6, 2025
edited
Loading

Adding govulncheck to the GitHub workflow will report vulnerabilities, as demonstrated in this PR (see the code scanning results). However, these vulnerabilities are already being detected by Dependabot. Therefore, including govulncheck in workflow would be redundant.

@gacevicljubisa gacevicljubisa linked a pull request Mar 6, 2025 that will close this issue
Draft
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gacevicljubisa gacevicljubisa

Labels
good first issue Good for newcomers issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: add govulncheck ethersphere/bee
5 participants
@nikipapadatou @mrekucci @martinconic @istae @gacevicljubisa