Commit 598ebdd8 authored by hashworks's avatar hashworks
Browse files

Add dependency scanning with arch-audit

parent 79e8df9a
Pipeline #729 failed with stages
in 2 minutes and 55 seconds
......@@ -43,8 +43,18 @@ test:
- pacman -Sy
- pacman -Qqk
- pacman -Syu --noconfirm docker grep
- pacman -Syu --noconfirm docker grep arch-audit jq
- docker -v
- id -u http
- locale | grep -q UTF-8
- echo '{"version":"3.0.1","vulnerabilities":['
$(arch-audit --color never --recursive --format
'{"category":"Dependency Scanning","id":"%n","name":"%n","message":"Package %n is affected by known CVEs. It is required by %r.","scanner":{"id":"arch_audit","name":"arch-audit"},"identifiers":[%c],"links":[""]},')
| sed 's/\(CVE-[0-9]\{4\}-[0-9]\{1,\}\)/{"type":"cve","name":"\1","value":"\1","link":"https:\/\/\/cgi-bin\/cvename.cgi?name=\1"}/g'
| sed 's/,]/]/g'
| jq > arch-audit.json
dependency_scanning: arch-audit.json
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment