mirror of
https://github.com/mikefarah/yq.git
synced 2026-07-02 02:11:39 +00:00
Without tuning, gosec scans all of the vendor/gocache/gomodcache, taking several minutes (3m35 here), whereas the core of the yq takes only 15 seconds to scan. If we intend to remediate upstream issues in future; add a seperate target to scan those. Signed-off-by: Robin H. Johnson <rjohnson@coreweave.com>
14 lines
227 B
Bash
Executable File
14 lines
227 B
Bash
Executable File
#!/bin/bash
|
|
|
|
set -o errexit
|
|
set -o pipefail
|
|
|
|
OPTS=(
|
|
-exclude-dir=vendor
|
|
-exclude-dir=.gomodcache
|
|
-exclude-dir=.gocache
|
|
)
|
|
|
|
command -v gosec &> /dev/null && BIN=gosec || BIN=./bin/gosec
|
|
"${BIN}" "${OPTS[@]}" "${PWD}" ./...
|