Silverfish/proton-bridge
1
0
Fork 1
mirror of https://github.com/ProtonMail/proton-bridge.git synced 2026-02-04 00:08:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore(BRIDGE-392): bump go to 1.24.4

Browse Source
This commit is contained in:
Atanas Janeshliev
2025-06-20 16:19:12 +02:00
parent 5832d48a5b
commit 2f2a8a200b
3 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
utils/govulncheck.sh
View File

@ -21,19 +21,19 @@
set -eo pipefail
main(){
go install golang.org/x/vuln/cmd/govulncheck@latest
echo "Using Go version:"
go version
echo
## go install golang.org/x/vuln/cmd/govulncheck@latest
make gofiles
govulncheck -json ./... > vulns.json
GOTOOLCHAIN=auto go run golang.org/x/vuln/cmd/govulncheck@latest -json ./... > vulns.json
jq -r '.finding | select( (.osv != null) and (.trace[0].function != null) ) | .osv ' < vulns.json > vulns_osv_ids.txt
ignore GO-2023-2328 "GODT-3124 RESTY race condition"
ignore GO-2025-3563 "BRIDGE-346 net/http request smuggling"
ignore GO-2025-3749 "BRIDGE-388 affects github.com/cloudflare/circl, not used"
ignore GO-2025-3750 "BRIDGE-388 net/http Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects"
ignore GO-2025-3751 "BRIDGE-388 affects syscall and os for symlink files"
ignore GO-2025-3754 "BRIDGE-388 crypto/x509 policy graphs"
ignore GO-2025-3754 "BRIDGE-388 github.com/cloudflare/circl indirect import from gopenpgp; need to wait for upstream to patch"
has_vulns