search

synacktiv / octoscan

Octoscan is a static vulnerability scanner for GitHub action workflows.
GNU General Public License v3.0
175 stars 11 forks source link

Unable to get octoscan as a library #2

Closed bboilot-ledger closed 5 months ago

bboilot-ledger commented 5 months ago

How to reproduce?

Run go get github.com/synacktiv/octoscan

Expected behavior

Octoscan module should be downloaded and installed for the current project so it can be called from go code.

Current behavior

I have the following output:

go: github.com/synacktiv/octoscan@upgrade (v0.0.0-20240610220220-9a0a3b526ed0) requires github.com/synacktiv/octoscan@v0.0.0-20240610220220-9a0a3b526ed0: parsing go.mod:
        module declares its path as: octoscan
                but was required as: github.com/synacktiv/octoscan

Possible fix

I think that this is due to go.mod where the module is defined as module github.com. It should be something like github.com/synacktiv/octoscan (module name without a dot are usually reserved for standard libraries).

hugo-syn commented 5 months ago

I think i've fixed this issue with commit e8a38e649c140c7b92a3e34823135ea1546a8048, tell me if it's good for you ?

bboilot-ledger commented 5 months ago

Yes, this is now working for me, thanks! :smiley: