feat: add sonatype-nexus-community/nancy #7495

CrystalMethod · 2022-10-31T12:03:18Z

sonatype-nexus-community/nancy: A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index

$ aqua g -i sonatype-nexus-community/nancy

How to confirm if this package works well

Reviewers aren't necessarily familiar with this package, so please describe how to confirm if this package works well.
Please confirm if this package works well yourself as much as possible.

Command and output

$ nancy help
nancy is a tool to check for vulnerabilities in your Golang dependencies,
powered by the 'Sonatype OSS Index', and as well, works with Nexus IQ Server, allowing you
a smooth experience as a Golang developer, using the best tools in the market!

Usage:
  nancy [flags]
  nancy [command]

Examples:
  Typical usage will pipe the output of 'go list -json -deps' to 'nancy':
  go list -json -deps ./... | nancy sleuth [flags]
  go list -json -deps ./... | nancy iq [flags]

  If using dep typical usage is as follows :
  nancy sleuth -p Gopkg.lock [flags]
  nancy iq -p Gopkg.lock [flags]


Available Commands:
  config      Setup credentials to use when connecting to services
  help        Help about any command
  iq          Check for vulnerabilities in your Golang dependencies using 'Sonatype's Nexus IQ IQServer'
  sleuth      Check for vulnerabilities in your Golang dependencies using Sonatype's OSS Index
  update      Check if there are any updates available

Flags:
  -v, -- count                 Set log level, multiple v's is more verbose
  -c, --clean-cache            Deletes local cache directory
  -d, --db-cache-path string   Specify an alternate path for caching responses from OSS Inde, example: /tmp
  -h, --help                   help for nancy
      --loud                   indicate output should include non-vulnerable packages
  -p, --path string            Specify a path to a dep Gopkg.lock file for scanning
  -q, --quiet                  indicate output should contain only packages with vulnerabilities (default true)
      --skip-update-check      Skip the check for updates.
  -t, --token string           Specify OSS Index API token for request
  -u, --username string        Specify OSS Index username for request
  -V, --version                Get the version

Use "nancy [command] --help" for more information about a command.

[sonatype-nexus-community/nancy](https://github.com/sonatype-nexus-community/nancy): A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index ```console $ aqua g -i sonatype-nexus-community/nancy ``` ## How to confirm if this package works well Reviewers aren't necessarily familiar with this package, so please describe how to confirm if this package works well. Please confirm if this package works well yourself as much as possible. Command and output ```console $ ``` If files such as configuration file are needed, please share them. ``` ``` Reference -

suzuki-shunsuke · 2022-10-31T12:43:50Z

Thank you always!

suzuki-shunsuke · 2022-10-31T13:14:40Z

Released. https://github.com/aquaproj/aqua-registry/releases/tag/v3.85.0

suzuki-shunsuke added the enhancement New feature or request label Oct 31, 2022

suzuki-shunsuke added this to the v3.85.0 milestone Oct 31, 2022

fix(sonatype-nexus-community/nancy): support old versions

f469efc

suzuki-shunsuke merged commit 26fe3fd into aquaproj:main Oct 31, 2022

CrystalMethod deleted the feat/sonatype-nexus-community/nancy branch November 23, 2022 12:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: add sonatype-nexus-community/nancy #7495

feat: add sonatype-nexus-community/nancy #7495

CrystalMethod commented Oct 31, 2022

suzuki-shunsuke commented Oct 31, 2022

suzuki-shunsuke commented Oct 31, 2022

feat: add sonatype-nexus-community/nancy #7495

feat: add sonatype-nexus-community/nancy #7495

Conversation

CrystalMethod commented Oct 31, 2022

How to confirm if this package works well

suzuki-shunsuke commented Oct 31, 2022

suzuki-shunsuke commented Oct 31, 2022