scorecard

ossf/scorecard

Fork 0

mirror of https://github.com/ossf/scorecard.git synced 2024-11-13 01:25:07 +03:00

Commit Graph

Author	SHA1	Message	Date
Naveen	91eb41e235	🌱 Check for OSV for a go.mod changes (#1053 ) At present we don't have a way to identify any new dependencies to go.mod that have osv/cve. With this it will query the osv.dev for any vulnerabilities and report if it found any. It also has an option to ignore any vulnerabilities if we chose to ignore. This is ignoring 3 osv that are in our dependencies.	2021-09-22 20:41:56 +00:00
naveen	2b15b1353b	🌱 Moving tools dependencies to separate go.mod * Moving the tools dependencies to a separate go.mod to reduce the dependencies on scorecard. * This is also increases the security posture by having less dependencies on the main go.mod	2021-09-07 18:23:41 -05:00

Author

SHA1

Message

Date

Naveen

91eb41e235

🌱 Check for OSV for a go.mod changes (#1053 )

At present we don't have a way to identify any new dependencies to go.mod that have osv/cve.
With this it will query the osv.dev for any vulnerabilities and report if it found any.

It also has an option to ignore any vulnerabilities if we chose to ignore.

This is ignoring 3 osv that are in our dependencies.

2021-09-22 20:41:56 +00:00

naveen

2b15b1353b

🌱 Moving tools dependencies to separate go.mod

* Moving the tools dependencies to a separate go.mod to reduce the
dependencies on scorecard.

* This is also increases the security posture by having less dependencies
on the main go.mod

2021-09-07 18:23:41 -05:00

2 Commits