diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index 7e44e73..eeea032 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,7 +1,7 @@
 # See here for image contents: https://github.com/microsoft/vscode-dev-containers/tree/v0.231.6/containers/go/.devcontainer/base.Dockerfile
 # [Choice] Go version (use -bullseye variants on local arm64/Apple Silicon): 1, 1.16, 1.17, 1-bullseye, 1.16-bullseye, 1.17-bullseye, 1-buster, 1.16-buster, 1.17-buster
-ARG VARIANT="1.21-bullseye"
+ARG VARIANT="1.22-bullseye"
 FROM mcr.microsoft.com/vscode/devcontainers/go:${VARIANT}
 # [Choice] Node.js version: none, lts/*, 16, 14, 12, 10
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 9347650..f63ffd9 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -8,10 +8,10 @@
 // Update the VARIANT arg to pick a version of Go: 1, 1.18, 1.17
 // Append -bullseye or -buster to pin to an OS version.
 // Use -bullseye variants on local arm64/Apple Silicon.
- "VARIANT": "1.21-bullseye",
+ "VARIANT": "1.22-bullseye",
 // Options
 "NODE_VERSION": "none",
- "VULNCHECK_VERSION": "v1.0.0"
+ "VULNCHECK_VERSION": "v1.1.0"
 }
 },
 "runArgs": [
@@ -39,7 +39,7 @@
 "go.formatTool": "goimports",
 "[go]": {
 "editor.codeActionsOnSave": {
- "source.organizeImports": true
+ "source.organizeImports": "always"
 }
 },
 "[go.mod]": {
diff --git a/pkg/vulncheck/runner.go b/pkg/vulncheck/runner.go
index 3777bb8..8c0b49b 100644
--- a/pkg/vulncheck/runner.go
+++ b/pkg/vulncheck/runner.go
@@ -2,6 +2,7 @@ package vulncheck
 import (
 "encoding/json"
+ "fmt"
 "os"
 "os/exec"
 "path"
@@ -55,10 +56,23 @@ func (r *CLIScanner) Scan() (*types.Report, error) {
 if err, ok := cmdErr.(*exec.ExitError); ok {
 // Only if stderr is present the CLI failed
 if len(err.Stderr) > 0 {
+ receivedError := string(err.Stderr)
+
+ if strings.Contains(receivedError, "go:") {
+ receivedError = strings.Trim(receivedError[strings.Index(receivedError, "go:")+3:], " ")
+ }
+
 r.log.Error().
 Err(err).
- Str("Stderr", string(err.Stderr)).
+ Str("Stderr", receivedError).
 Msg("govulncheck exited with none 0 code")
+
+ // Building up a set of known "mistakes"
+ if strings.Contains(receivedError, "requires go >=") {
+ return nil, fmt.Errorf("the used go version is lower than required by your code. original error: %s", receivedError)
+ }
+
+ return nil, fmt.Errorf("running govulncheck binary produced %s", receivedError)
 }
 }
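Review bot: In the added stderr handling, `strings.Trim(..., " ")` strips only spaces, so any trailing newline in the tool's stderr (presumably the usual case) stays in both the log field and the returned error, and the `"go:"` match takes the first occurrence anywhere in the output, including inside a longer token such as `cgo:`. `if _, rest, ok := strings.Cut(receivedError, "go:"); ok { receivedError = strings.TrimSpace(rest) }` does the extraction in one pass and trims all surrounding whitespace. The log call now records only the trimmed text, so whatever precedes the first `go:` is discarded; keeping `Str("Stderr", string(err.Stderr))` on the log line preserves the full tool output for diagnosis while the shortened text goes into the returned error. The two new `fmt.Errorf` calls also drop the `*exec.ExitError`; ending the format with `: %w` and passing `err` would let callers still reach the exit status via `errors.As`. The body of Scan starts and ends outside this hunk.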