Some related discussion in https://github.com/golang/go/issues/24031 and linked issues.
On Tue, 13 Aug 2019 at 10:32, Steve Mynott <steve.myn...@gmail.com> wrote: > I've been introduced to https://rubysec.com/ which has a database > which easily integrates with builds to check for known security > vulnerabilities in third party libraries and was wondering whether > anything similar exists for go packages? > > A quick search finds https://snyk.io/vuln?type=golang which appears > similar but is basically a pay service based on node.js. > > Also https://www.owasp.org/index.php/OWASP_Dependency_Track_Project > looks interesting but doesn't include go. > > Does such an open source version exist for go which is written in go > and integrates easily with builds? > > -- > Steve Mynott <steve.myn...@gmail.com> > cv25519/ECF8B611205B447E091246AF959E3D6197190DD5 > > -- > You received this message because you are subscribed to the Google Groups > "golang-nuts" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to golang-nuts+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/golang-nuts/CANuZA8RhYQrLY%3DJ_BgqYzJm%3Dehyr%3DbCo1F%3D2pCcJJ8cf2u-Vig%40mail.gmail.com > . > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CACoUkn4cAa-t%2B12C0br2tMo0fef0fs%3D4rSnikVkuGrWsxQ-V3g%40mail.gmail.com.