Closed jarno-rootz closed 7 months ago
https://github.com/jeremylong/DependencyCheck/pull/6233 would probably fix this.
6233 would probably fix this.
Thanks, that did fixed mine issue. Bumped FROM golang:1.20.7-alpine3.18
to FROM golang:1.21.8-alpine3.19
I get this error when I want to install gowhitness on linux parrot help go: github.com/sensepost/gowitness@latest (in github.com/sensepost/gowitness@v0.0.0-20240410033601-6b10eaeba7a6): go.mod:5: unknown directive: toolchain
Describe the bug When running the owasp/dependency-check as a docker image, if go.mod file contains
toolchain
directive, dependency-check fails with messages likeThis is because the go version used in the image is golang:1.17.1-alpine. The toolchain directive has appeared in go 1.21.
Version of dependency-check used The problem occurs using version owasp/dependency-check:9.0.3 docker image.
Log file https://gist.github.com/jarno-rootz/53e6709a9e23424b666b13c7820b54c9
To Reproduce
$ cat go.mod module example.com/toolchain
go 1.21
toolchain go1.21.1 $ docker run --rm --volume $(pwd):/src:z owasp/dependency-check --project toolchain --scan . --enableExperimental
Expected behavior Dependency-check should finish the analyzis without errors even when there is a
toolchain
directive in go.mod file.Additional context Workaround is to remove the
toolchain
directive from go.mod file.