What is Nostr?
Filippo Valsorda :go: /
npub1whz…kn2m
2024-06-16 13:28:03

Filippo Valsorda :go: on Nostr: Trivy 0.52.1 on age v1.1.1 > Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, ...

Trivy 0.52.1 on age v1.1.1

> Total: 31 (UNKNOWN: 2, LOW: 0, MEDIUM: 13, HIGH: 14, CRITICAL: 2)

govulncheck v1.1.2

> No vulnerabilities found.

govulncheck is correct. All the vulns reported by the other thing are provably false positives.

When I did the initial design of govulncheck, I made minimizing noise a priority, to give devs a chance to actually triage potential vulns.

I suspect I was wrong: if the tool is too good, it will find nothing most of the time, and devs will not trust it.
Author Public Key
npub1whzyg92c6fsvpjjcnn504z0a2pfwenctp872sgmedqg2np4drj8qwakn2m