mirror of
https://github.com/ossf/scorecard.git
synced 2024-11-14 11:23:59 +03:00
91eb41e235
At present we don't have a way to identify any new dependencies to go.mod that have osv/cve. With this it will query the osv.dev for any vulnerabilities and report if it found any. It also has an option to ignore any vulnerabilities if we chose to ignore. This is ignoring 3 osv that are in our dependencies. |
||
---|---|---|
.. | ||
go.mod | ||
go.sum | ||
tools.go |