mirror of
https://github.com/ossf/scorecard.git
synced 2024-11-14 19:57:18 +03:00
91eb41e235
At present we don't have a way to identify any new dependencies to go.mod that have osv/cve. With this it will query the osv.dev for any vulnerabilities and report if it found any. It also has an option to ignore any vulnerabilities if we chose to ignore. This is ignoring 3 osv that are in our dependencies.
155 lines
7.9 KiB
Modula-2
155 lines
7.9 KiB
Modula-2
module github.com/ossf/scorecard/tools
|
|
|
|
go 1.17
|
|
|
|
require (
|
|
github.com/golangci/golangci-lint v1.42.1
|
|
github.com/google/addlicense v1.0.0
|
|
github.com/naveensrinivasan/stunning-tribble v0.4.2
|
|
github.com/onsi/ginkgo v1.16.4
|
|
google.golang.org/protobuf v1.27.1
|
|
)
|
|
|
|
require (
|
|
4d63.com/gochecknoglobals v0.0.0-20201008074935-acfc0b28355a // indirect
|
|
github.com/Antonboom/errname v0.1.4 // indirect
|
|
github.com/BurntSushi/toml v0.4.1 // indirect
|
|
github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 // indirect
|
|
github.com/Masterminds/semver v1.5.0 // indirect
|
|
github.com/OpenPeeDeeP/depguard v1.0.1 // indirect
|
|
github.com/alexkohler/prealloc v1.0.0 // indirect
|
|
github.com/ashanbrown/forbidigo v1.2.0 // indirect
|
|
github.com/ashanbrown/makezero v0.0.0-20210520155254-b6261585ddde // indirect
|
|
github.com/beorn7/perks v1.0.1 // indirect
|
|
github.com/bkielbasa/cyclop v1.2.0 // indirect
|
|
github.com/bmatcuk/doublestar/v4 v4.0.2 // indirect
|
|
github.com/bombsimon/wsl/v3 v3.3.0 // indirect
|
|
github.com/cespare/xxhash/v2 v2.1.1 // indirect
|
|
github.com/charithe/durationcheck v0.0.8 // indirect
|
|
github.com/chavacava/garif v0.0.0-20210405164556-e8a0a408d6af // indirect
|
|
github.com/daixiang0/gci v0.2.9 // indirect
|
|
github.com/davecgh/go-spew v1.1.1 // indirect
|
|
github.com/denis-tingajkin/go-header v0.4.2 // indirect
|
|
github.com/esimonov/ifshort v1.0.2 // indirect
|
|
github.com/ettle/strcase v0.1.1 // indirect
|
|
github.com/fatih/color v1.12.0 // indirect
|
|
github.com/fatih/structtag v1.2.0 // indirect
|
|
github.com/fsnotify/fsnotify v1.4.9 // indirect
|
|
github.com/fzipp/gocyclo v0.3.1 // indirect
|
|
github.com/go-critic/go-critic v0.5.6 // indirect
|
|
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect
|
|
github.com/go-toolsmith/astcast v1.0.0 // indirect
|
|
github.com/go-toolsmith/astcopy v1.0.0 // indirect
|
|
github.com/go-toolsmith/astequal v1.0.0 // indirect
|
|
github.com/go-toolsmith/astfmt v1.0.0 // indirect
|
|
github.com/go-toolsmith/astp v1.0.0 // indirect
|
|
github.com/go-toolsmith/strparse v1.0.0 // indirect
|
|
github.com/go-toolsmith/typep v1.0.2 // indirect
|
|
github.com/go-xmlfmt/xmlfmt v0.0.0-20191208150333-d5b6f63a941b // indirect
|
|
github.com/gobwas/glob v0.2.3 // indirect
|
|
github.com/gofrs/flock v0.8.1 // indirect
|
|
github.com/golang/protobuf v1.5.2 // indirect
|
|
github.com/golangci/check v0.0.0-20180506172741-cfe4005ccda2 // indirect
|
|
github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect
|
|
github.com/golangci/go-misc v0.0.0-20180628070357-927a3d87b613 // indirect
|
|
github.com/golangci/gofmt v0.0.0-20190930125516-244bba706f1a // indirect
|
|
github.com/golangci/lint-1 v0.0.0-20191013205115-297bf364a8e0 // indirect
|
|
github.com/golangci/maligned v0.0.0-20180506175553-b1d89398deca // indirect
|
|
github.com/golangci/misspell v0.3.5 // indirect
|
|
github.com/golangci/revgrep v0.0.0-20210208091834-cd28932614b5 // indirect
|
|
github.com/golangci/unconvert v0.0.0-20180507085042-28b1c447d1f4 // indirect
|
|
github.com/google/go-cmp v0.5.5 // indirect
|
|
github.com/gordonklaus/ineffassign v0.0.0-20210225214923-2e10b2664254 // indirect
|
|
github.com/gostaticanalysis/analysisutil v0.4.1 // indirect
|
|
github.com/gostaticanalysis/comment v1.4.1 // indirect
|
|
github.com/gostaticanalysis/forcetypeassert v0.0.0-20200621232751-01d4955beaa5 // indirect
|
|
github.com/gostaticanalysis/nilerr v0.1.1 // indirect
|
|
github.com/hashicorp/errwrap v1.0.0 // indirect
|
|
github.com/hashicorp/go-multierror v1.1.1 // indirect
|
|
github.com/hashicorp/hcl v1.0.0 // indirect
|
|
github.com/inconshreveable/mousetrap v1.0.0 // indirect
|
|
github.com/jgautheron/goconst v1.5.1 // indirect
|
|
github.com/jingyugao/rowserrcheck v1.1.0 // indirect
|
|
github.com/jirfag/go-printf-func-name v0.0.0-20200119135958-7558a9eaa5af // indirect
|
|
github.com/julz/importas v0.0.0-20210419104244-841f0c0fe66d // indirect
|
|
github.com/kisielk/errcheck v1.6.0 // indirect
|
|
github.com/kisielk/gotool v1.0.0 // indirect
|
|
github.com/kulti/thelper v0.4.0 // indirect
|
|
github.com/kunwardeep/paralleltest v1.0.2 // indirect
|
|
github.com/kyoh86/exportloopref v0.1.8 // indirect
|
|
github.com/ldez/gomoddirectives v0.2.2 // indirect
|
|
github.com/ldez/tagliatelle v0.2.0 // indirect
|
|
github.com/magiconair/properties v1.8.5 // indirect
|
|
github.com/maratori/testpackage v1.0.1 // indirect
|
|
github.com/matoous/godox v0.0.0-20210227103229-6504466cf951 // indirect
|
|
github.com/mattn/go-colorable v0.1.8 // indirect
|
|
github.com/mattn/go-isatty v0.0.12 // indirect
|
|
github.com/mattn/go-runewidth v0.0.9 // indirect
|
|
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
|
|
github.com/mbilski/exhaustivestruct v1.2.0 // indirect
|
|
github.com/mgechev/dots v0.0.0-20190921121421-c36f7dcfbb81 // indirect
|
|
github.com/mgechev/revive v1.1.1 // indirect
|
|
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
|
github.com/mitchellh/mapstructure v1.4.1 // indirect
|
|
github.com/moricho/tparallel v0.2.1 // indirect
|
|
github.com/nakabonne/nestif v0.3.0 // indirect
|
|
github.com/nbutton23/zxcvbn-go v0.0.0-20210217022336-fa2cb2858354 // indirect
|
|
github.com/nishanths/exhaustive v0.2.3 // indirect
|
|
github.com/nishanths/predeclared v0.2.1 // indirect
|
|
github.com/nxadm/tail v1.4.8 // indirect
|
|
github.com/olekukonko/tablewriter v0.0.5 // indirect
|
|
github.com/pelletier/go-toml v1.9.3 // indirect
|
|
github.com/phayes/checkstyle v0.0.0-20170904204023-bfd46e6a821d // indirect
|
|
github.com/pkg/errors v0.9.1 // indirect
|
|
github.com/pmezard/go-difflib v1.0.0 // indirect
|
|
github.com/polyfloyd/go-errorlint v0.0.0-20210722154253-910bb7978349 // indirect
|
|
github.com/prometheus/client_golang v1.7.1 // indirect
|
|
github.com/prometheus/client_model v0.2.0 // indirect
|
|
github.com/prometheus/common v0.10.0 // indirect
|
|
github.com/prometheus/procfs v0.6.0 // indirect
|
|
github.com/quasilyte/go-ruleguard v0.3.4 // indirect
|
|
github.com/quasilyte/regex/syntax v0.0.0-20200407221936-30656e2c4a95 // indirect
|
|
github.com/ryancurrah/gomodguard v1.2.3 // indirect
|
|
github.com/ryanrolds/sqlclosecheck v0.3.0 // indirect
|
|
github.com/sanposhiho/wastedassign/v2 v2.0.6 // indirect
|
|
github.com/securego/gosec/v2 v2.8.1 // indirect
|
|
github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c // indirect
|
|
github.com/sirupsen/logrus v1.8.1 // indirect
|
|
github.com/sonatard/noctx v0.0.1 // indirect
|
|
github.com/sourcegraph/go-diff v0.6.1 // indirect
|
|
github.com/spf13/afero v1.6.0 // indirect
|
|
github.com/spf13/cast v1.3.1 // indirect
|
|
github.com/spf13/cobra v1.2.1 // indirect
|
|
github.com/spf13/jwalterweatherman v1.1.0 // indirect
|
|
github.com/spf13/pflag v1.0.5 // indirect
|
|
github.com/spf13/viper v1.8.1 // indirect
|
|
github.com/ssgreg/nlreturn/v2 v2.1.0 // indirect
|
|
github.com/stretchr/objx v0.1.1 // indirect
|
|
github.com/stretchr/testify v1.7.0 // indirect
|
|
github.com/subosito/gotenv v1.2.0 // indirect
|
|
github.com/tdakkota/asciicheck v0.0.0-20200416200610-e657995f937b // indirect
|
|
github.com/tetafro/godot v1.4.9 // indirect
|
|
github.com/timakin/bodyclose v0.0.0-20200424151742-cb6215831a94 // indirect
|
|
github.com/tomarrell/wrapcheck/v2 v2.3.0 // indirect
|
|
github.com/tommy-muehle/go-mnd/v2 v2.4.0 // indirect
|
|
github.com/ultraware/funlen v0.0.3 // indirect
|
|
github.com/ultraware/whitespace v0.0.4 // indirect
|
|
github.com/uudashr/gocognit v1.0.5 // indirect
|
|
github.com/yeya24/promlinter v0.1.0 // indirect
|
|
golang.org/x/mod v0.4.2 // indirect
|
|
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
|
|
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
|
|
golang.org/x/text v0.3.6 // indirect
|
|
golang.org/x/tools v0.1.5 // indirect
|
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
|
|
gopkg.in/ini.v1 v1.62.0 // indirect
|
|
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
|
|
gopkg.in/yaml.v2 v2.4.0 // indirect
|
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
|
|
honnef.co/go/tools v0.2.1 // indirect
|
|
mvdan.cc/gofumpt v0.1.1 // indirect
|
|
mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed // indirect
|
|
mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b // indirect
|
|
mvdan.cc/unparam v0.0.0-20210104141923-aac4ce9116a7 // indirect
|
|
)
|