RNS-Things/MeshChatX
2
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2955b5f2c246a9e4d774bdc02df93b06706229da
MeshChatX/scripts/osv_scan.sh
Sudo-Ivan 961ad0f6ca
Some checks failed
CI / test-backend (push) Successful in 4s
Details
Tests / test (push) Failing after 22m9s
Details
CI / lint (push) Failing after 5m10s
Details
Build Test / Build and Test (pull_request) Successful in 5m12s
Details
CI / build-frontend (push) Successful in 9m43s
Details
CI / test-lang (push) Successful in 9m40s
Details
CI / lint (pull_request) Failing after 5m0s
Details
CI / test-backend (pull_request) Successful in 4s
Details
Build and Publish Docker Image / build (pull_request) Has been skipped
Details
OSV-Scanner PR Scan / scan-pr (pull_request) Successful in 7s
Details
Benchmarks / benchmark (push) Successful in 14m33s
Details
Benchmarks / benchmark (pull_request) Successful in 14m36s
Details
CI / build-frontend (pull_request) Successful in 9m40s
Details
Tests / test (pull_request) Failing after 7m18s
Details
Build Test / Build and Test (push) Successful in 17m57s
Details
CI / test-lang (pull_request) Successful in 9m34s
Details
Build and Publish Docker Image / build-dev (pull_request) Successful in 13m6s
Details
feat(scripts): add OSV-Scanner script for vulnerability scanning and reporting
2026-01-03 19:40:31 -06:00

39 lines
951 B
Bash
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
OSV_VERSION="${OSV_VERSION:-v2.3.1}"
echo "Installing OSV-Scanner ${OSV_VERSION}..."
curl -sSL "https://github.com/google/osv-scanner/releases/download/${OSV_VERSION}/osv-scanner_linux_amd64" -o /tmp/osv-scanner
chmod +x /tmp/osv-scanner
sudo mv /tmp/osv-scanner /usr/local/bin/osv-scanner
echo "Running OSV-Scanner recursively..."
OSV_JSON="$(mktemp)"
trap 'rm -f "$OSV_JSON"' EXIT
osv-scanner --recursive ./ --format json > "$OSV_JSON" || true
if ! command -v jq >/dev/null 2>&1; then
echo "Error: jq is not installed. Please install jq to parse OSV results."
exit 1
fi
VULNS=$(jq -r '
.results[]? |
.source as $src |
.vulns[]? |
"\(.id) (source: \($src))"
' "$OSV_JSON")
if [ -n "$VULNS" ]; then
echo "OSV scan found vulnerabilities:"
echo "$VULNS" | while IFS= read -r line; do
echo " - $line"
done
exit 1
else
echo "OSV scan: no vulnerabilities found."
fi
Reference in New Issue View Git Blame Copy Permalink