As per blackduck scan, gomega@v1.10.1 found in ginkgo

onsi / ginkgo

A Modern Testing Framework for Go

http://onsi.github.io/ginkgo/

MIT License

8.38k stars 660 forks source link

As per blackduck scan, gomega@v1.10.1 found in ginkgo #1128

Open kiranSalunkhe29 opened 1 year ago

kiranSalunkhe29 commented 1 year ago

gomega violates policy rule of Version/Branch EOL.

Severity:Major Risk Category: Operational Scan Modes:Full

Description Version or branch requested is EOL. Please update to a supported version.

blgm commented 1 year ago

Hi @kiranSalunkhe29. I'm not familiar with blackduck, but I can't find any references to gomega@v1.10.1 in the latest Ginkgo (v2). I wonder if the issue is that blackduck is consuming Ginkgo v1, which would have consumed gomega@v1.10.1?

thediveo commented 1 year ago

I would rather suspect the Black Duck scanner to have yet another Go modules problem. The go.sum is clean. @kiranSalunkhe29 can you please provide more details or clarification what you were doing with Black Duck?