mirrors/kitty
1
0
Fork 0
mirror of https://github.com/kovidgoyal/kitty synced 2026-06-06 01:05:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Run govulncheck on the binary and remove upload of SARIF to github as github doesnt like the SARIF govulncheck produces

Browse Source
This commit is contained in:
Kovid Goyal
2025-09-24 13:12:00 +05:30
parent 4771de3f95
commit 3b0938e878
2 changed files with 2 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci.py vendored
View File

@@ -270,10 +270,8 @@ def main() -> None:
test_kitty() test_kitty()
elif action == 'govulncheck': elif action == 'govulncheck':
subprocess.check_call(['go', 'install', 'golang.org/x/vuln/cmd/govulncheck@latest']) subprocess.check_call(['go', 'install', 'golang.org/x/vuln/cmd/govulncheck@latest'])
with open('govulncheck.sarif', 'wb') as f: subprocess.check_call(['govulncheck', '-mode=binary', 'kitty/launcher/kitten'])
subprocess.check_call(['govulncheck', '-format', 'sarif', './...'], stdout=f) subprocess.check_call(['govulncheck', './...'])
with open('govulncheck.sarif') as f:
print(f.read())
elif action == 'gofmt': elif action == 'gofmt':
q = subprocess.check_output('gofmt -s -l tools kittens'.split()).decode() q = subprocess.check_output('gofmt -s -l tools kittens'.split()).decode()
if q.strip(): if q.strip():

7
.github/workflows/codeql-analysis.yml vendored
View File

@@ -68,10 +68,3 @@ jobs:
- name: Run govulncheck - name: Run govulncheck
if: matrix.language == 'go' if: matrix.language == 'go'
run: python3 .github/workflows/ci.py govulncheck run: python3 .github/workflows/ci.py govulncheck
- name: Upload govulncheck results
if: matrix.language == 'go'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: govulncheck.sarif
category: govulncheck