Skip to content

Feature/add nancy scan#106

Closed
devznsh wants to merge 16 commits intomicrocks:masterfrom
devznsh:feature/add-nancy-scan
Closed

Feature/add nancy scan#106
devznsh wants to merge 16 commits intomicrocks:masterfrom
devznsh:feature/add-nancy-scan

Conversation

@devznsh
Copy link
Copy Markdown

@devznsh devznsh commented Feb 14, 2025

Summary

This pull request updates the build-verify.yml GitHub Actions workflow to use the Dockerized version of Nancy for vulnerability scanning. This change ensures compatibility and ease of use by running Nancy inside a Docker container.

Description

  • feat: Use Dockerized version of Nancy for vulnerability scanning
    • Updated the Run Nancy step to use the Dockerized version of Nancy.
    • Removed the manual installation of Nancy.

Breaking Changes

None.

Related Issue(s)

Resolves #105

devznsh and others added 16 commits February 15, 2025 00:18
@devznsh
Added Nancy to GitHub Actions workflow for security scanning
17e786e
@devznsh
Added Nancy to GitHub Actions workflow for security scanning
3d7c545
@devznsh
Update build-verify.yml
60598e8
@devznsh
Update build-verify.yml
3ac27a8
@devznsh
Update build-verify.yml
e912f1f
@devznsh
Update build-verify.yml
13ab8f2
@devznsh
Merge branch 'add-nancy-security-scan' of https://github.com/devznsh/…
8e54332 
…microcks-cli into add-nancy-security-scan
@devznsh
Fix: Integrate Nancy vulnerability scanning and correct image signing
f26aa28
@devznsh
Fix: Integrate Nancy vulnerability scanning and correct image signing
d3c8ed3
@devznsh
Fix: Integrate Nancy vulnerability scanning and correct image signing
7e4288a
@devznsh
Fix: Install Nancy correctly and add /usr/local/bin to PATH
ad6a11d
@devznsh
Update build-verify.yml
2b3f0ad
@devznsh
Update build-verify.yml
f6ac4fa
@devznsh
Fix: Integrate Nancy vulnerability scanning and correct image signing
7597a27
@devznsh
Update build-verify.yml
61fe994
@devznsh
Update build-verify.yml
e2f3406
@devznsh devznsh requested a review from lbroudoux as a code owner February 14, 2025 21:12
@github-actions
Copy link
Copy Markdown

github-actions bot commented Feb 14, 2025

👋 @devznsh

Welcome to the Microcks community! 💖

Thanks and congrats 🎉 for opening your first pull request here! Be sure to follow the pull request template or please update it accordingly.

Hope you have a great time there!

🌟 ~~~~~~~~~ 🌟

📢 If you like Microcks, please ⭐ star ⭐ our repo to support it!

🙏 It really helps the project to gain momentum and credibility. It's a small contribution back to the project with a big impact.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 17, 2025

This pull request has been automatically marked as stale because it has not had recent activity 😴

It will be closed in 30 days if no further activity occurs. To unstale this pull request, add a comment with detailed explanation.

There can be many reasons why some specific pull request has no activity. The most probable cause is lack of time, not lack of interest. Microcks is a Cloud Native Computing Foundation project not owned by a single for-profit company. It is a community-driven initiative ruled under open governance model.

Let us figure out together how to push this pull request forward. Connect with us through one of many communication channels we established here.

Thank you for your patience ❤️

@github-actions github-actions bot added the stale State due to inactivity label Mar 17, 2025
@github-actions github-actions bot closed this Apr 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lbroudoux lbroudoux Awaiting requested review from lbroudoux lbroudoux is a code owner

Assignees

No one assigned

Labels

stale State due to inactivity

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feature - Proposal to Add Nancy for Vulnerability Scanning in Golang Dependencies

1 participant

@devznsh