Simon Josefsson <[email protected]> writes:

> Simon Josefsson <[email protected]> writes:
>
>> "Dr. Tobias Quathamer" <[email protected]> writes:
>>
>>> golang-github-cespare-xxhash
>>
>> I think this is a false positive
>
> Another false positive from your list: golang-github-github-smimesign.

I found another different kind of false positive: golang-golang-x-vuln

It already contains go.mod files from sub-directories!  How did that
happen?!

https://packages.debian.org/sid/all/golang-golang-x-vuln-dev/filelist

I'm going to upload anyway after testing since I make several other
changes, including new upstream release.

/Simon

Attachment: signature.asc
Description: PGP signature

Reply via email to