Simon Josefsson <[email protected]> writes: > Simon Josefsson <[email protected]> writes: > >> "Dr. Tobias Quathamer" <[email protected]> writes: >> >>> golang-github-cespare-xxhash >> >> I think this is a false positive > > Another false positive from your list: golang-github-github-smimesign.
I found another different kind of false positive: golang-golang-x-vuln It already contains go.mod files from sub-directories! How did that happen?! https://packages.debian.org/sid/all/golang-golang-x-vuln-dev/filelist I'm going to upload anyway after testing since I make several other changes, including new upstream release. /Simon
signature.asc
Description: PGP signature
