mirror of
https://github.com/dockersrc/go
synced 2026-07-14 23:45:58 -04:00
Scan Go dependencies against the vulnerability database automatically on every run, between vet and test. Fail fast on known CVEs before spending time running the full test suite. - rootfs/usr/local/bin/go-workflow: add govulncheck ./... as step 4; renumber build to step 6 - README.md: update default workflow diagram to include govulncheck README.md rootfs/usr/local/bin/go-workflow
This commit is contained in:
@@ -61,9 +61,11 @@ run_step "go mod tidy" go mod tidy
|
||||
run_step "gofmt -w ." gofmt -w .
|
||||
# 3. Catch suspicious constructs
|
||||
run_step "go vet ./..." go vet ./...
|
||||
# 4. Run tests — fail fast before wasting time on a build
|
||||
# 4. Scan dependencies against the Go vulnerability database
|
||||
run_step "govulncheck ./..." govulncheck ./...
|
||||
# 5. Run tests — fail fast before wasting time on a build
|
||||
run_step "go test ./..." go test ./...
|
||||
# 5. Build all main packages; output lands alongside source in each package dir
|
||||
# 6. Build all main packages; output lands alongside source in each package dir
|
||||
run_step "go build ./..." go build "${BUILD_FLAGS[@]}" ./...
|
||||
|
||||
echo "✅ Done."
|
||||
|
||||
Reference in New Issue
Block a user