Open sbszcz opened 1 year ago
The output that the Golang Mod Analyzer shows you in the error message is the output generated by go (go list -m -json -mod=readonly -all
) and just handed to you in the output. You should ensure to start off with a proper formatted go.mod for the version of go in the image
The docker image embeds go from the golang 1.17.1-alpine image.
https://github.com/jeremylong/DependencyCheck/blob/main/Dockerfile
Ah okay ... Thank you. I didn't see that.
Sounds strange to me by the way that your sequence of events leads to a quoted version as go documentation appear to suggest that it would be unquoted.
Try running go list -m -json -all
without the readonly and see if that corrects the problem?
Hello,
I got the same issue, seems it's only broken if you use semantic versioning (X.Y.Z). If you use go 1.21
in you go.mod
file, it'll work
Also reported here: https://github.com/jeremylong/DependencyCheck/issues/6052, but it's how go works, I guess
Thanks @Tolrod22 , it worked for me :)
When you are using the semantic versioning - what happens when you run:
go list -json -m all
Hello,
I got the same issue, seems it's only broken if you use semantic versioning (X.Y.Z). If you use
go 1.21
in yougo.mod
file, it'll workAlso reported here: #6052, but it's how go works, I guess
thanks, solved my problem
so how to update go version into docker image with openjdk?
This is happening to me on a brand new 'go mod init'. It is writing my go version correctly at 1.22.4 but I have to manually remove the '.4' to avoid the error.
Describe the bug
The process yields the error complaining about the go version format.
Version of dependency-check used The problem occurs using version 8.4.0 of the docker image
Log file
Excerpt:
To Reproduce Steps to reproduce the behavior:
mkdir example && cd example
go mod init foobar
--enableExperimental
flagExpected behavior Scanning process should proceed with no error
Additional context The obvious workaround is to edit the
go.mod
file and adjust the format.