Skip to content

Commit e039f43

Browse files
committed
add vulncheck to detect vulnerabilities
1 parent 6a8c7b3 commit e039f43

4 files changed

Lines changed: 13 additions & 3 deletions

File tree

.github/workflows/test.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,9 @@ jobs:
5656
- name: Run tests
5757
run: just test
5858

59+
- name: Run Go Vulnerability Check
60+
run: just vulncheck
61+
5962
trigger_stable_release:
6063
runs-on: ubuntu-latest
6164
needs: test

justfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,9 +8,6 @@ test filter='.*':
88
[no-cd]
99
test-pkg filter='.*':
1010
@go test ./... -race -json -coverprofile=coverage.out -coverpkg=. -run={{filter}} | {{toolprefix}} gotestfmt -hide 'empty-packages'
11-
...
12-
scc:
13-
@{{toolprefix}} scc
1411

1512
# Release commands
1613
release-snapshot:
@@ -61,6 +58,9 @@ build-win:
6158
lint:
6259
@{{toolprefix}} golangci-lint run ./...
6360

61+
vulncheck:
62+
@go tool -modfile=tools.mod govulncheck ./...
63+
6464
pre-commit:
6565
@pre-commit run
6666

tools.mod

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ tool (
99
github.com/gotesttools/gotestfmt/v2/cmd/gotestfmt
1010
github.com/segmentio/golines
1111
golang.org/x/tools/cmd/goimports
12+
golang.org/x/vuln/cmd/govulncheck
1213
mvdan.cc/gofumpt
1314
)
1415

@@ -516,9 +517,11 @@ require (
516517
golang.org/x/net v0.50.0 // indirect
517518
golang.org/x/oauth2 v0.30.0 // indirect
518519
golang.org/x/sys v0.42.0 // indirect
520+
golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4 // indirect
519521
golang.org/x/term v0.41.0 // indirect
520522
golang.org/x/time v0.12.0 // indirect
521523
golang.org/x/tools v0.42.0 // indirect
524+
golang.org/x/vuln v1.1.4 // indirect
522525
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
523526
google.golang.org/api v0.242.0 // indirect
524527
google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 // indirect

tools.sum

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1609,6 +1609,8 @@ golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
16091609
golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
16101610
golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
16111611
golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
1612+
golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4 h1:bTLqdHv7xrGlFbvf5/TXNxy/iUwwdkjhqQTJDjW7aj0=
1613+
golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4/go.mod h1:g5NllXBEermZrmR51cJDQxmJUHUOfRAaNyWBM+R+548=
16121614
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
16131615
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
16141616
golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -1683,6 +1685,8 @@ golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
16831685
golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
16841686
golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
16851687
golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
1688+
golang.org/x/vuln v1.1.4 h1:Ju8QsuyhX3Hk8ma3CesTbO8vfJD9EvUBgHvkxHBzj0I=
1689+
golang.org/x/vuln v1.1.4/go.mod h1:F+45wmU18ym/ca5PLTPLsSzr2KppzswxPP603ldA67s=
16861690
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
16871691
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
16881692
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

0 commit comments

Comments
 (0)