Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
# syntax=docker/dockerfile:1 |
| 2 | 2 |
|
| 3 | 3 |
ARG GO_VERSION=1.24.4 |
| 4 |
-ARG GOVULNCHECK_VERSION=v1.1.3 |
|
| 4 |
+ARG GOVULNCHECK_VERSION=v1.1.4 |
|
| 5 | 5 |
ARG FORMAT=text |
| 6 | 6 |
|
| 7 | 7 |
FROM golang:${GO_VERSION}-alpine AS base
|
| ... | ... |
@@ -20,12 +20,6 @@ RUN --mount=type=bind,target=.,rw <<EOT |
| 20 | 20 |
ln -s vendor.mod go.mod |
| 21 | 21 |
ln -s vendor.sum go.sum |
| 22 | 22 |
govulncheck -format ${FORMAT} ./... | tee /out/govulncheck.out
|
| 23 |
- if [ "${FORMAT}" = "sarif" ]; then
|
|
| 24 |
- # Make sure "results" field is defined in SARIF output otherwise GitHub Code Scanning |
|
| 25 |
- # will fail when uploading report with "Invalid SARIF. Missing 'results' array in run." |
|
| 26 |
- # Relates to https://github.com/golang/vuln/blob/ffdef74cc44d7eb71931d8d414c478b966812488/internal/sarif/sarif.go#L69 |
|
| 27 |
- jq '(.runs[] | select(.results == null) | .results) |= []' /out/govulncheck.out | tee >(sponge /out/govulncheck.out) |
|
| 28 |
- fi |
|
| 29 | 23 |
EOT |
| 30 | 24 |
|
| 31 | 25 |
FROM scratch AS output |
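Review bot: The `ARG GOVULNCHECK_VERSION=v1.1.4` default in the first hunk is now load-bearing for the SARIF path, but nothing on that line says so. With the `jq` fix-up removed from the heredoc in the second hunk, a build that overrides the ARG with an older release would presumably again emit SARIF without a `results` array, which the removed comment says GitHub Code Scanning rejects, so the vulnerability report would not reach code scanning. I would add a comment above the ARG such as `# keep >= v1.1.4: older releases can omit the SARIF "results" array and the GitHub Code Scanning upload fails`. The heredoc and the stage that installs tools start outside the hunk, so I cannot see whether `jq` and `sponge` are still installed; if they are and nothing else uses them, they can be dropped from the scanner image too.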