•  
      request #38287 Adjust OSV Scanner setup to behave identically in CI and dev env and temporarily ignore Go 1.22.3+ sec issues
    Infos
    #38287
    Thomas Gerbet (tgerbet)
    2024-06-05 14:00
    2024-06-05 10:08
    39906
    Details
    Adjust OSV Scanner setup to behave identically in CI and dev env and temporarily ignore Go 1.22.3+ sec issues

    We currently have 3 issues:

    • we are getting alerts for Go [1.22.0; 1.22.1] stdlib issues while we are using Go 1.22.2
    • we have differences when we run make scan-vuln-deps locally after having built the whole stack and what the CI does
    • we are getting valid alerts Go stdlib for things that have been fixed in Go 1.22.3 and 1.22.4, those have no direct impact for our use cases so they will wait until Go 1.22.4 lands in nixpkgs cache
    Dev tools
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2024-06-05
    Attachments
    Empty
    References
    Referencing request #38287

    Follow-ups