This project uses:
- Go Vulnerability Database
- OSV Vulnerability Database
- GitHub's CodeQL (hosted on GitHub)
to scan for vulnerabilities in the dependencies of this project.
During a linting step is run to check for possible code vulnerabilities in this codebase with the help of gosec
This project uses GitHub security alerts containing a lists of supported secrets format to prevent fraudulent use of secrets that were committed accidentally. For more information see Secret scanning patterns