Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:ojkastl_buildservice:Branch_security
osv-scanner
osv-scanner.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File osv-scanner.spec of Package osv-scanner
# # spec file for package osv-scanner # # Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define __arch_install_post export NO_BRP_STRIP_DEBUG=true Name: osv-scanner Version: 1.9.1 Release: 0 Summary: Vulnerability scanner written in Go License: Apache-2.0 URL: https://github.com/google/osv-scanner Source: osv-scanner-%{version}.tar.gz Source1: vendor.tar.gz BuildRequires: go1.22 %description Use OSV-Scanner to find existing vulnerabilities affecting your project's dependencies. OSV-Scanner provides an officially supported frontend to the OSV database that connects a project’s list of dependencies with the vulnerabilities that affect them. Since the OSV.dev database is open source and distributed, it has several benefits in comparison with closed source advisory databases and scanners: - Each advisory comes from an open and authoritative source (e.g. the RustSec Advisory Database) - Anyone can suggest improvements to advisories, resulting in a very high quality database - The OSV format unambiguously stores information about affected versions in a machine-readable format that precisely maps onto a developer’s list of packages The above all results in fewer, more actionable vulnerability notifications, which reduces the time needed to resolve them. %prep %autosetup -p 1 -a 1 %build DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ" BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}") go build \ -mod=vendor \ -buildmode=pie \ -ldflags="-X main.version=%{version} -X main.date=$BUILD_DATE -X main.commit=v%{version}" \ -o bin/osv-scanner ./cmd/osv-scanner %install # Install the binary. install -D -m 0755 bin/%{name} "%{buildroot}/%{_bindir}/%{name}" %files %doc README.md %license LICENSE %{_bindir}/%{name} %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
