feat(GODT-3160): no need to ignore vulns

2025-12-10 04:36:43 +00:00 · 2024-01-24 10:30:30 +01:00
parent 374194c13b
commit 164fb23653
4 changed files with 2 additions and 12 deletions
--- a/ci/setup.yml
+++ b/ci/setup.yml
@ -2,6 +2,6 @@

 include:
  - project: 'go/bridge-internal'
-    ref: 'feat/godt-3160'
+    ref: 'master'
    file: 'ci/runners-setup.yml'

--- a/ci/test.yml
+++ b/ci/test.yml
@ -134,7 +134,6 @@ go-vuln-check:
  tags:
    - shared-medium
  script:
-    - apt-get -y install jq
    - ./utils/govulncheck.sh
  artifacts:
    when: always
--- a/tests/collector_test.go
+++ b/tests/collector_test.go
@ -69,7 +69,7 @@ func awaitType[T events.Event](c *eventCollector, ofType T, timeout time.Duratio
 		return *new(T), false //nolint:gocritic
 	}

-	if eventT, ok := event.(T); !ok {
+	if eventT, ok := event.(T); ok {
 		return eventT, true
 	}

--- a/utils/govulncheck.sh
+++ b/utils/govulncheck.sh
@ -27,15 +27,6 @@ main(){

    jq -r '.finding | select( (.osv != null) and (.trace[0].function != null) ) | .osv ' < vulns.json > vulns_osv_ids.txt

-    ignore GO-2023-2102 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-2043 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-2041 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-1878 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-1987 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-1840 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-2185 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-2186 "GODT-3160 update go to 1.21.4"
-    ignore GO-2023-2382 "GODT-3160 update go to 1.21.4"
    ignore GO-2023-2328 "GODT-3124 RESTY race condition"

    has_vulns