Commit Graph

4 Commits

Author SHA1 Message Date
Robin H. Johnson
fcac8b1239
build: exclude go caches from gosec
Without tuning, gosec scans all of the vendor/gocache/gomodcache, taking
several minutes (3m35 here), whereas the core of the yq takes only 15
seconds to scan.

If we intend to remediate upstream issues in future; add a seperate
target to scan those.

Signed-off-by: Robin H. Johnson <rjohnson@coreweave.com>
2025-12-29 10:10:59 -08:00
Mike Farah
85bbbbeed4 shellcheck 2021-07-18 17:05:12 +10:00
Mike Farah
b4ce50b705 Fixed secure script to run against all files 2021-07-07 20:06:14 +10:00
Mike Farah
b2186d5404 Added gosec 2021-03-03 19:44:34 +11:00