Merge pull request #3265 from crazy-max/update-govulncheck

tonistiigi · web-flow · commit fba5d5e55420 · 2025-06-24T11:12:20.000-07:00
dockerfile: update govulncheck to v1.1.4
diff --git a/hack/dockerfiles/govulncheck.Dockerfile b/hack/dockerfiles/govulncheck.Dockerfile
@@ -3,7 +3,7 @@
 ARG GO_VERSION=1.24
 ARG ALPINE_VERSION=3.21
 
-ARG GOVULNCHECK_VERSION=v1.1.3
+ARG GOVULNCHECK_VERSION=v1.1.4
 ARG FORMAT="text"
 
 FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS base
@@ -20,12 +20,6 @@ RUN --mount=type=bind,target=. <<EOT
   set -ex
   mkdir /out
   govulncheck -format ${FORMAT} ./... | tee /out/govulncheck.out
-  if [ "${FORMAT}" = "sarif" ]; then
-    # Make sure "results" field is defined in SARIF output otherwise GitHub Code Scanning
-    # will fail when uploading report with "Invalid SARIF. Missing 'results' array in run."
-    # Relates to https://github.com/golang/vuln/blob/ffdef74cc44d7eb71931d8d414c478b966812488/internal/sarif/sarif.go#L69
-    jq '(.runs[] | select(.results == null) | .results) |= []' /out/govulncheck.out | tee >(sponge /out/govulncheck.out)
-  fi
 EOT
 
 FROM scratch AS output
