
supply chain security: add govulncheck into CI/CD workflow to check against vulnerabilities introduced in dependencies or freshly patched #3992

Open
odeke-em opened this issue Mar 22, 2025 · 0 comments · May be fixed by #3993
Labels: devops, good first issue (Ideal for newcomer contributors), security (Security-sensitive issue)

Comments

@odeke-em (Contributor)

Description

To strengthen the supply chain security of the Gno ecosystem, we need to be very proactive, and that should involve us taking advantage of tooling such as https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck, which we should add before any PR merge; it'll be run and, if it fails, should flag a PR as not mergeable.
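An added example of the merge gate the issue asks for (not code from the issue or from the gno repository), assuming GitHub Actions is the CI system and that go.mod sits at the repository root:

```yaml
# Added example, not from the gno repository: a GitHub Actions job that runs
# govulncheck on every pull request and on a weekly schedule. The schedule
# matters because the Go vulnerability database changes even when the code
# does not, so an unchanged dependency can become a known-vulnerable one.
# Assumes go.mod is at the repository root.
name: govulncheck

on:
  pull_request:
  schedule:
    - cron: "0 6 * * 1"   # weekly, to catch newly published advisories

permissions:
  contents: read          # the scan only needs to read the tree

jobs:
  govulncheck:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version-file: go.mod
      - name: Install govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
      - name: Scan Go modules for known vulnerabilities
        # govulncheck reports only vulnerabilities whose affected functions are
        # reachable from this code and exits non-zero when it finds one, which
        # fails the job. Mark this job as a required status check in branch
        # protection so a failing scan blocks the merge, as the issue requests.
        run: govulncheck ./...
```

Because findings are filtered by reachability, a dependency that ships a vulnerable function the module never calls will not fail the job; that is govulncheck's intended behaviour and the reason it produces far fewer false positives than a plain version-list scanner.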

odeke-em added a commit to odeke-em/gno that referenced this issue Mar 22, 2025
…ty checks

This change adds a Makefile directive for continuous supply chain
security checks that when run will check against the Go module
vulnerabilities and CVEs.

Fixes gnolang#3992
@moul moul added the security (Security-sensitive issue), devops and good first issue (Ideal for newcomer contributors) labels Mar 24, 2025