Skip to content

build(govulncheck): exclude reviewed vulnerability IDs#1039

Merged
burningalchemist merged 1 commit into
masterfrom
fix/govuln-binary-fix
Jul 9, 2026
Merged

build(govulncheck): exclude reviewed vulnerability IDs#1039
burningalchemist merged 1 commit into
masterfrom
fix/govuln-binary-fix

Conversation

@burningalchemist

Copy link
Copy Markdown
Owner

This pull request updates the govulncheck-binary.yml workflow to improve vulnerability checking by allowing the exclusion of specific, known vulnerabilities from failing the workflow. The main change is that the workflow now filters out the known GO-2026-5932 vulnerability (which is not relevant to the codebase), ensuring that only new or unapproved vulnerabilities will cause the workflow to fail.

Vulnerability check improvements:

  • Modified the govulncheck step to always succeed, then added logic to exclude the known GO-2026-5932 vulnerability from causing workflow failures, while still failing the workflow if any other vulnerabilities are detected (.github/workflows/govulncheck-binary.yml).

@burningalchemist
burningalchemist merged commit 3485e1f into master Jul 9, 2026
1 of 3 checks passed
@burningalchemist
burningalchemist deleted the fix/govuln-binary-fix branch July 9, 2026 10:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant