dev: remove Nancy (#5047)
This commit is contained in:
parent
3ed307e113
commit
8659611d67
24
.github/workflows/pr-extra.yml
vendored
24
.github/workflows/pr-extra.yml
vendored
@ -1,24 +0,0 @@
|
||||
name: Extra
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
vulns:
|
||||
name: Vulnerability scanner
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
# https://github.com/actions/setup-go#supported-version-syntax
|
||||
# ex:
|
||||
# - 1.18beta1 -> 1.18.0-beta.1
|
||||
# - 1.18rc1 -> 1.18.0-rc.1
|
||||
go-version: '1.23'
|
||||
- name: Run go list
|
||||
run: go list -json -m all > go.list
|
||||
- name: Nancy
|
||||
uses: sonatype-nexus-community/nancy-github-action@v1.0.3
|
@ -1,39 +0,0 @@
|
||||
# Skip for indirect dependency github.com/coreos/etcd@3.3.13
|
||||
CVE-2020-15114
|
||||
CVE-2020-15115
|
||||
CVE-2020-15136
|
||||
|
||||
# Skip for indirect dependency github.com/gogo/protobuf@1.3.1
|
||||
CVE-2021-3121
|
||||
|
||||
# Skip for indirect dependency github.com/dgrijalva/jwt-go@3.2.0
|
||||
CVE-2020-26160
|
||||
|
||||
# Skip for indirect dependencies:
|
||||
# golang/github.com/hashicorp/consul/api@v1.12.0
|
||||
# golang/github.com/hashicorp/consul/sdk@v0.8.0
|
||||
CVE-2022-29153
|
||||
CVE-2022-24687
|
||||
CVE-2021-41803
|
||||
|
||||
# Skip for indirect dependencies golang/github.com/valyala/fasthttp@v1.30.0
|
||||
CVE-2022-21221
|
||||
|
||||
# Skip for indirect dependencies golang/golang.org/x/net
|
||||
CVE-2022-41723
|
||||
CVE-2023-3978
|
||||
|
||||
# Skip for indirect dependencies golang/google.golang.org/grpc@v1.46.2
|
||||
CVE-2023-32731
|
||||
|
||||
# Skip for indirect dependencies golang/golang.org/x/crypto@v0.14.0
|
||||
CVE-2023-48795
|
||||
|
||||
# Skip for indirect dependencies github.com/jackc/pgproto3 - github.com/jackc/pgx
|
||||
CVE-2024-27304
|
||||
|
||||
# Skip for indirect dependencies golang/google.golang.org/protobuf
|
||||
CVE-2024-24786
|
||||
|
||||
# Skip for indirect dependencies golang/golang.org/x/net@v0.28.0
|
||||
CVE-2024-8421
|
Loading…
x
Reference in New Issue
Block a user