feat: Update go workflow that includes gosec #82
base: main
Thanks Hiep! Some things we've also discussed offline:
- As expected, all the service repos have a bulk of spotted gosec issues. If I'm not mistaken, babylond has the most reports (around 2k). It'd be useful if we can use the GH UI to visualize the babylond error report, if it's easy to enable.
- Due to the volume of the reported issues, we'll allow the gosec step to fail initially. The steps to making the gosec step compulsory would be the following:
  - The service owners identify the valid reported issues and resolve them
  - The service owners identify the non-valid reported issues and in conjunction with us silence them (this will be possible through `gosec` flags)
  - Once the above steps are applied and the gosec tool reports no issues, we remove the "allow-to-fail" CLI flag
Damn, it is a lot of warnings! - https://github.com/babylonlabs-io/babylon/actions/runs/10985752891/job/30498103625?pr=82
We should prob ignore
Indeed when adding
The issues reduce significantly to less than 200
No description provided.