Makefile: add govulncheck-docker target (#10981)

govulncheck run locally uses the local Go version, which may differ from
the one used to build production binaries.

For example, local go1.26.2 may report vulnerabilities already fixed in
go1.26.3 used by the builder.
In this case the command would report issues which have to be manually
triaged by a developer.

Add govulncheck-docker target that runs govulncheck inside a Docker
container using the same version used to build production binaries.

The command will be used in release scripts and could be used manually.

PR https://github.com/VictoriaMetrics/VictoriaMetrics/pull/10981
Max Kotliar
2026-05-21 15:58:30 +03:00
committed by GitHub
parent e303965b6c
commit 37a662b7e7

@@ -535,6 +535,9 @@ remove-golangci-lint:
govulncheck: install-govulncheck
govulncheck ./...
govulncheck-docker:
docker run -w $(PWD) -v $(PWD):$(PWD) "$(GO_BUILDER_IMAGE)" /bin/sh -c "go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./..."
install-govulncheck:
which govulncheck || go install golang.org/x/vuln/cmd/govulncheck@latest
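
Review bot: the `docker run` line in `govulncheck-docker` installs `govulncheck@latest`, so the scanner version still floats between runs even though the Go toolchain is now fixed by `$(GO_BUILDER_IMAGE)`; since the commit message says this will run from release scripts, pin the tool to an explicit version in place of `@latest` so that two release runs on the same tree give the same report. The same line has no `--rm`, so every invocation leaves a stopped container behind; add it. `$(PWD)` is also unquoted in `-w $(PWD) -v $(PWD):$(PWD)`, which breaks when the checkout path contains spaces; quote both arguments.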