Merge pull request #256 from apptainer/dependabot/go_modules/main/git…

…hub.com/spf13/pflag-1.0.6 build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
apptainer · Jan 30, 2025 · e6d1064 · e6d1064
2 parents 84154b2 + 053233f
commit e6d1064
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 3 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -33,8 +33,20 @@ jobs:
       - name: Install govulncheck
         run: go install golang.org/x/vuln/cmd/govulncheck@latest
 
+      - name: Install jq
+        run: sudo apt-get update && sudo apt-get install -y jq
+
       - name: Check for vulnerabilities
-        run: $HOME/go/bin/govulncheck ./...
+        run: |
+            $HOME/go/bin/govulncheck -format json ./...|jq -r .finding.osv|grep -v null|sort -u >/tmp/vuln-cves
+            CVES="$(cat .govulncheck-ignorecves .govulncheck-ignorecves /tmp/vuln-cves|sort|uniq -u)"
+            if [ -n "$CVES" ]; then
+                echo >&2
+                echo "***" govulncheck CVES that are not ignored: $CVES "***" >&2
+                echo >&2
+                set -x
+                $HOME/go/bin/govulncheck -show verbose ./...
+            fi
 
       - name: Build Source
         run: go build ./...

diff --git a/.govulncheck-ignorecves b/.govulncheck-ignorecves
@@ -0,0 +1,2 @@
+GO-2025-3373
+GO-2025-3420
diff --git a/go.mod b/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/sebdah/goldie/v2 v2.5.5
 	github.com/sigstore/sigstore v1.8.12
 	github.com/spf13/cobra v1.8.1
-	github.com/spf13/pflag v1.0.5
+	github.com/spf13/pflag v1.0.6
 )
 
 require (

diff --git a/go.sum b/go.sum
@@ -63,8 +63,9 @@ github.com/sigstore/sigstore v1.8.12 h1:S8xMVZbE2z9ZBuQUEG737pxdLjnbOIcFi5v9UFfk
 github.com/sigstore/sigstore v1.8.12/go.mod h1:+PYQAa8rfw0QdPpBcT+Gl3egKD9c+TUgAlF12H3Nmjo=
 github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
 github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
-github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
+github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=