Update go-swagger dependency to latest release

[Dean-Coakley]

Proposed changes

• Currently go-swagger is pinned to a specific commit due to v0.30.5 (latest tagged version) panic with Go 1.22 go-swagger/go-swagger#3070 this pr updates to v0.31.0 where the issue is now resolved

Checklist

Before creating a PR, run through this checklist and mark each as complete.

• I have read the CONTRIBUTING document
• I have run make install-tools and have attached any dependency changes to this pull request
• If applicable, I have added tests that prove my fix is effective or that my feature works
• If applicable, I have checked that any relevant tests pass after adding my changes
• If applicable, I have updated any relevant documentation (README.md)
• If applicable, I have tested my cross-platform changes on Ubuntu 22, Redhat 8, SUSE 15 and FreeBSD 13

[netlify]

✅ Deploy Preview for agent-public-docs canceled.

Name	Link
🔨 Latest commit	fefebee
🔍 Latest deploy log	https://app.netlify.com/sites/agent-public-docs/deploys/664de84ce942d00008504895

[github-actions]

Dependency Review

The following issues were found:

• ❌ 1 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 30 package(s) with unknown licenses.

See the Details below.

Vulnerabilities

test/integration/go.mod

Name	Version	Vulnerability	Severity
github.com/docker/docker	25.0.0+incompatible	Classic builder cache poisoning	moderate
		Moby's external DNS requests from 'internal' networks could lead to data exfiltration	moderate

License Issues

go.mod

Package	Version	License	Issue Type
golang.org/x/exp	0.0.0-20240222234643-814bf88cf225	Null	Unknown License
golang.org/x/mod	0.17.0	Null	Unknown License
golang.org/x/net	0.25.0	Null	Unknown License
golang.org/x/sync	0.7.0	Null	Unknown License
golang.org/x/sys	0.20.0	Null	Unknown License
golang.org/x/text	0.15.0	Null	Unknown License
golang.org/x/tools	0.21.0	Null	Unknown License

sdk/go.mod

Package	Version	License	Issue Type
golang.org/x/mod	0.17.0	Null	Unknown License
golang.org/x/net	0.25.0	Null	Unknown License
golang.org/x/sync	0.7.0	Null	Unknown License
golang.org/x/sys	0.20.0	Null	Unknown License
golang.org/x/text	0.15.0	Null	Unknown License
golang.org/x/tools	0.21.0	Null	Unknown License

test/integration/go.mod

Package	Version	License	Issue Type
golang.org/x/crypto	0.23.0	Null	Unknown License
golang.org/x/exp	0.0.0-20240222234643-814bf88cf225	Null	Unknown License
golang.org/x/mod	0.17.0	Null	Unknown License
golang.org/x/net	0.25.0	Null	Unknown License
golang.org/x/sync	0.7.0	Null	Unknown License
golang.org/x/sys	0.20.0	Null	Unknown License
golang.org/x/term	0.20.0	Null	Unknown License
golang.org/x/text	0.15.0	Null	Unknown License
golang.org/x/tools	0.21.0	Null	Unknown License

test/performance/go.mod

Package	Version	License	Issue Type
golang.org/x/crypto	0.23.0	Null	Unknown License
golang.org/x/exp	0.0.0-20240222234643-814bf88cf225	Null	Unknown License
golang.org/x/mod	0.17.0	Null	Unknown License
golang.org/x/net	0.25.0	Null	Unknown License
golang.org/x/sync	0.7.0	Null	Unknown License
golang.org/x/sys	0.20.0	Null	Unknown License
golang.org/x/text	0.15.0	Null	Unknown License
golang.org/x/tools	0.21.0	Null	Unknown License

Allowed Licenses: Apache-1.1, Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSL-1.0, ISC, MIT, NCSA, OpenSSL, Python-2.0, X11, BSD-2-Clause AND BSD-3-Clause, BSD-2-Clause AND ISC

Excluded from license check: pkg:githubactions/fossas/fossa-action, pkg:golang/github.com/shoenig/go-m1cpu, pkg:pypi/pytest-metadata

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
gomod/github.com/google/uuid	1.6.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/nginx/agent/sdk/v2	2.0.0-00010101000000-000000000000	🟢 7.7	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by personal access token CI-Tests 🟢 10 26 out of 26 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 5 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) out of 30 and 1 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging 🟢 10 publishing workflow detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 SAST 🟢 7 SAST tool detected but not run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ 0 0 out of 5 artifacts are signed or have provenance Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 8 2 existing vulnerabilities detected
gomod/github.com/stretchr/objx	0.5.2	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.9.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/exp	0.0.0-20240222234643-814bf88cf225	Unknown	Unknown
gomod/golang.org/x/mod	0.17.0	Unknown	Unknown
gomod/golang.org/x/net	0.25.0	Unknown	Unknown
gomod/golang.org/x/sync	0.7.0	Unknown	Unknown
gomod/golang.org/x/sys	0.20.0	Unknown	Unknown
gomod/golang.org/x/text	0.15.0	Unknown	Unknown
gomod/golang.org/x/tools	0.21.0	Unknown	Unknown
gomod/github.com/google/uuid	1.5.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/nginx/agent/sdk/v2	2.30.3	🟢 7.7	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by personal access token CI-Tests 🟢 10 26 out of 26 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 5 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) out of 30 and 1 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging 🟢 10 publishing workflow detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 SAST 🟢 7 SAST tool detected but not run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ 0 0 out of 5 artifacts are signed or have provenance Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 8 2 existing vulnerabilities detected
gomod/github.com/stretchr/objx	0.5.1	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.8.4	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/exp	0.0.0-20240205201215-2c58cdc269a3	Unknown	Unknown
gomod/golang.org/x/mod	0.14.0	Unknown	Unknown
gomod/golang.org/x/net	0.24.0	Unknown	Unknown
gomod/golang.org/x/sync	0.6.0	Unknown	Unknown
gomod/golang.org/x/sys	0.19.0	Unknown	Unknown
gomod/golang.org/x/text	0.14.0	Unknown	Unknown
gomod/golang.org/x/tools	0.17.0	Unknown	Unknown
gomod/github.com/google/uuid	1.6.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/objx	0.5.2	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.9.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/mod	0.17.0	Unknown	Unknown
gomod/golang.org/x/net	0.25.0	Unknown	Unknown
gomod/golang.org/x/sync	0.7.0	Unknown	Unknown
gomod/golang.org/x/sys	0.20.0	Unknown	Unknown
gomod/golang.org/x/text	0.15.0	Unknown	Unknown
gomod/golang.org/x/tools	0.21.0	Unknown	Unknown
gomod/github.com/google/go-cmp	0.6.0	🟢 8.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained ⚠️ 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/github.com/google/uuid	1.5.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/objx	0.5.1	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.8.4	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/mod	0.14.0	Unknown	Unknown
gomod/golang.org/x/net	0.24.0	Unknown	Unknown
gomod/golang.org/x/sys	0.19.0	Unknown	Unknown
gomod/golang.org/x/text	0.14.0	Unknown	Unknown
gomod/golang.org/x/tools	0.17.0	Unknown	Unknown
gomod/github.com/docker/docker	25.0.0+incompatible	🟢 7.2	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/go-openapi/jsonpointer	0.21.0	Unknown	Unknown
gomod/github.com/go-openapi/jsonreference	0.21.0	🟢 4.6	Details Check Score Reason Code-Review 🟢 3 Found 6/19 approved changesets -- score normalized to 3 Maintained 🟢 5 7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/go-openapi/swag	0.23.0	Unknown	Unknown
gomod/github.com/google/uuid	1.6.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/objx	0.5.2	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.9.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel	1.24.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel/metric	1.24.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel/sdk	1.24.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel/trace	1.24.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/crypto	0.23.0	Unknown	Unknown
gomod/golang.org/x/exp	0.0.0-20240222234643-814bf88cf225	Unknown	Unknown
gomod/golang.org/x/mod	0.17.0	Unknown	Unknown
gomod/golang.org/x/net	0.25.0	Unknown	Unknown
gomod/golang.org/x/sync	0.7.0	Unknown	Unknown
gomod/golang.org/x/sys	0.20.0	Unknown	Unknown
gomod/golang.org/x/term	0.20.0	Unknown	Unknown
gomod/golang.org/x/text	0.15.0	Unknown	Unknown
gomod/golang.org/x/tools	0.21.0	Unknown	Unknown
gomod/github.com/docker/docker	24.0.9+incompatible	🟢 7.2	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/go-openapi/jsonpointer	0.20.0	Unknown	Unknown
gomod/github.com/go-openapi/jsonreference	0.20.2	🟢 4.6	Details Check Score Reason Code-Review 🟢 3 Found 6/19 approved changesets -- score normalized to 3 Maintained 🟢 5 7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/go-openapi/swag	0.22.4	Unknown	Unknown
gomod/github.com/google/uuid	1.5.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/objx	0.5.1	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.8.4	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel	1.22.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel/metric	1.22.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel/sdk	1.22.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/go.opentelemetry.io/otel/trace	1.22.0	🟢 7.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/crypto	0.22.0	Unknown	Unknown
gomod/golang.org/x/exp	0.0.0-20240205201215-2c58cdc269a3	Unknown	Unknown
gomod/golang.org/x/mod	0.14.0	Unknown	Unknown
gomod/golang.org/x/net	0.24.0	Unknown	Unknown
gomod/golang.org/x/sync	0.6.0	Unknown	Unknown
gomod/golang.org/x/sys	0.19.0	Unknown	Unknown
gomod/golang.org/x/term	0.19.0	Unknown	Unknown
gomod/golang.org/x/text	0.14.0	Unknown	Unknown
gomod/golang.org/x/tools	0.17.0	Unknown	Unknown
gomod/github.com/google/uuid	1.6.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/objx	0.5.2	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.9.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/crypto	0.23.0	Unknown	Unknown
gomod/golang.org/x/exp	0.0.0-20240222234643-814bf88cf225	Unknown	Unknown
gomod/golang.org/x/mod	0.17.0	Unknown	Unknown
gomod/golang.org/x/net	0.25.0	Unknown	Unknown
gomod/golang.org/x/sync	0.7.0	Unknown	Unknown
gomod/golang.org/x/sys	0.20.0	Unknown	Unknown
gomod/golang.org/x/text	0.15.0	Unknown	Unknown
gomod/golang.org/x/tools	0.21.0	Unknown	Unknown
gomod/github.com/google/uuid	1.5.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 23/24 approved changesets -- score normalized to 9 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 1 SAST tool is not run on all commits -- score normalized to 1 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/objx	0.5.1	🟢 5	Details Check Score Reason Code-Review 🟢 8 Found 14/17 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/stretchr/testify	1.8.4	🟢 5.7	Details Check Score Reason Code-Review 🟢 8 Found 11/13 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/golang.org/x/crypto	0.22.0	Unknown	Unknown
gomod/golang.org/x/exp	0.0.0-20240205201215-2c58cdc269a3	Unknown	Unknown
gomod/golang.org/x/mod	0.14.0	Unknown	Unknown
gomod/golang.org/x/net	0.24.0	Unknown	Unknown
gomod/golang.org/x/sync	0.6.0	Unknown	Unknown
gomod/golang.org/x/sys	0.19.0	Unknown	Unknown
gomod/golang.org/x/text	0.14.0	Unknown	Unknown
gomod/golang.org/x/tools	0.17.0	Unknown	Unknown

Scanned Manifest Files

go.mod

• github.com/google/[email protected]
• github.com/nginx/agent/sdk/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• github.com/google/[email protected]
• github.com/nginx/agent/sdk/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]

sdk/go.mod

• github.com/google/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• github.com/google/[email protected]
• github.com/google/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]

test/integration/go.mod

• github.com/docker/[email protected]+incompatible
• github.com/go-openapi/[email protected]
• github.com/go-openapi/[email protected]
• github.com/go-openapi/[email protected]
• github.com/google/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• go.opentelemetry.io/[email protected]
• go.opentelemetry.io/otel/[email protected]
• go.opentelemetry.io/otel/[email protected]
• go.opentelemetry.io/otel/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• github.com/docker/[email protected]+incompatible
• github.com/go-openapi/[email protected]
• github.com/go-openapi/[email protected]
• github.com/go-openapi/[email protected]
• github.com/google/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• go.opentelemetry.io/[email protected]
• go.opentelemetry.io/otel/[email protected]
• go.opentelemetry.io/otel/[email protected]
• go.opentelemetry.io/otel/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]

test/performance/go.mod

• github.com/google/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• github.com/google/[email protected]
• github.com/stretchr/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]