UNPKG

snyk-go-plugin

Version:

Snyk CLI Golang plugin

github.com/snyk/snyk-go-plugin

snyk/snyk-go-plugin

36 lines (25 loc) 1.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
![Snyk logo](https://snyk.io/style/asset/logo/snyk-print.svg) *** Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system. | :information_source: This repository is only a plugin to be used with the Snyk CLI tool. To use this plugin to test and fix vulnerabilities in your project, install the Snyk CLI tool first. Head over to [snyk.io](https://github.com/snyk/snyk) to get started. | | --- | ## Snyk Golang CLI Plugin This plugin provides dependency metadata for Golang projects that use `dep` (and have a `Gopkg.lock` file), or `govendor` (and have a `vendor/vendor.json` file). ## Breaking changes in v2.x When upgrading from v1 to v2 of this plugin, note that PackageURL information will be present by default when invoking the `inspect()` function. ```diff { "name": "golang.org/x/exp/slices" "version": "#2e198f4a06a1" + "purl": "pkg:golang/golang.org/x/exp@v0.0.0-20230522175609-2e198f4a06a1#slices" } ``` To disable this behaviour, it can be turned off through the options passed to the function: ```diff const result = await inspect( process.cwd(), "go.mod", - {}, + { configuration: { includePackageUrls: false } }, ) ```