pandora/woodpecker-config-server.goapp
3
0
Fork 0
Code Issues 3 Pull requests Projects Releases 13 Packages 1 Wiki Activity Actions

Vulnerability dashboard #1

New issue
Open
opened 2026-04-10 01:26:14 +00:00 by bot-ci · 0 comments
bot-ci commented 2026-04-10 01:26:14 +00:00
Owner
Copy link

This issue list updates about vulnerabilites that are detected by trivy.woodpecker plugin.

Summary

Severity Count
CRITICAL 0
HIGH 0
MEDIUM 0
LOW 0
UNKNOWN 0

Detected packages and vulnerabilites

Packages

code.thinkaboutit.tech/pandora/woodpecker-config-server.goapp:latest (debian 13.4):

Name Version
base-files 13.8+deb13u4
media-types 13.0.0
netbase 6.5
tzdata 2026a
tzdata-legacy 2026a

go.mod:

Name Version
code.thinkaboutit.tech/pandora/woodpecker-config-server.app
code.thinkaboutit.tech/pandora/woodpecker-utils.gopack v1.2.0
github.com/alecthomas/kong v1.15.0
github.com/gorilla/mux v1.8.1
github.com/oklog/ulid/v2 v2.1.1
github.com/yaronf/httpsign v0.5.1
go.woodpecker-ci.org/woodpecker/v3 v3.13.0
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.1
github.com/drone/envsubst v1.0.3
github.com/dunglas/httpsfv v1.1.0
github.com/gdgvda/cron v0.6.0
github.com/goccy/go-json v0.10.6
github.com/lestrrat-go/blackmagic v1.0.4
github.com/lestrrat-go/dsig v1.2.1
github.com/lestrrat-go/dsig-secp256k1 v1.0.0
github.com/lestrrat-go/httpcc v1.0.1
github.com/lestrrat-go/httprc v1.0.6
github.com/lestrrat-go/httprc/v3 v3.0.5
github.com/lestrrat-go/iter v1.0.2
github.com/lestrrat-go/jwx/v2 v2.1.6
github.com/lestrrat-go/jwx/v3 v3.0.13
github.com/lestrrat-go/option v1.0.1
github.com/lestrrat-go/option/v2 v2.0.0
github.com/mattn/go-colorable v0.1.14
github.com/mattn/go-isatty v0.0.21
github.com/rs/zerolog v1.35.0
github.com/segmentio/asm v1.2.1
github.com/tink-crypto/tink-go/v2 v2.6.0
github.com/urfave/cli/v3 v3.8.0
github.com/valyala/fastjson v1.6.10
golang.org/x/crypto v0.50.0
golang.org/x/sync v0.20.0
golang.org/x/sys v0.43.0

usr/local/bin/woodpecker-config-server.goapp:

Name Version
code.thinkaboutit.tech/pandora/woodpecker-config-server.app 1.3.5-SNAPSHOT-4ae5007
stdlib v1.26.2
code.thinkaboutit.tech/pandora/woodpecker-utils.gopack v1.2.0
github.com/alecthomas/kong v1.15.0
github.com/drone/envsubst v1.0.3
github.com/dunglas/httpsfv v1.1.0
github.com/gdgvda/cron v0.6.0
github.com/gorilla/mux v1.8.1
github.com/lestrrat-go/blackmagic v1.0.4
github.com/lestrrat-go/dsig v1.2.1
github.com/lestrrat-go/httpcc v1.0.1
github.com/lestrrat-go/httprc v1.0.6
github.com/lestrrat-go/httprc/v3 v3.0.5
github.com/lestrrat-go/iter v1.0.2
github.com/lestrrat-go/jwx/v2 v2.1.6
github.com/lestrrat-go/jwx/v3 v3.0.13
github.com/lestrrat-go/option v1.0.1
github.com/lestrrat-go/option/v2 v2.0.0
github.com/mattn/go-colorable v0.1.14
github.com/mattn/go-isatty v0.0.21
github.com/oklog/ulid/v2 v2.1.1
github.com/rs/zerolog v1.35.0
github.com/tink-crypto/tink-go/v2 v2.6.0
github.com/urfave/cli/v3 v3.8.0
github.com/valyala/fastjson v1.6.10
github.com/yaronf/httpsign v0.5.1
go.woodpecker-ci.org/woodpecker/v3 v3.13.0
golang.org/x/crypto v0.50.0
golang.org/x/sync v0.20.0
golang.org/x/sys v0.43.0
Vulnerabilities
This issue list updates about vulnerabilites that are detected by [trivy.woodpecker](https://code.thinkaboutit.tech/pandora/trivy.woodpecker) plugin. ## Summary | Severity | Count | | -------- | ----- | | CRITICAL | 0 | | HIGH | 0 | | MEDIUM | 0 | | LOW | 0 | | UNKNOWN | 0 | ## Detected packages and vulnerabilites <details><summary>Packages</summary> **code.thinkaboutit.tech/pandora/woodpecker-config-server.goapp:latest (debian 13.4)**: | Name | Version | | ---- | ------- | | base-files | 13.8+deb13u4 | | media-types | 13.0.0 | | netbase | 6.5 | | tzdata | 2026a | | tzdata-legacy | 2026a | **go.mod**: | Name | Version | | ---- | ------- | | code.thinkaboutit.tech/pandora/woodpecker-config-server.app | | | code.thinkaboutit.tech/pandora/woodpecker-utils.gopack | v1.2.0 | | github.com/alecthomas/kong | v1.15.0 | | github.com/gorilla/mux | v1.8.1 | | github.com/oklog/ulid/v2 | v2.1.1 | | github.com/yaronf/httpsign | v0.5.1 | | go.woodpecker-ci.org/woodpecker/v3 | v3.13.0 | | github.com/decred/dcrd/dcrec/secp256k1/v4 | v4.4.1 | | github.com/drone/envsubst | v1.0.3 | | github.com/dunglas/httpsfv | v1.1.0 | | github.com/gdgvda/cron | v0.6.0 | | github.com/goccy/go-json | v0.10.6 | | github.com/lestrrat-go/blackmagic | v1.0.4 | | github.com/lestrrat-go/dsig | v1.2.1 | | github.com/lestrrat-go/dsig-secp256k1 | v1.0.0 | | github.com/lestrrat-go/httpcc | v1.0.1 | | github.com/lestrrat-go/httprc | v1.0.6 | | github.com/lestrrat-go/httprc/v3 | v3.0.5 | | github.com/lestrrat-go/iter | v1.0.2 | | github.com/lestrrat-go/jwx/v2 | v2.1.6 | | github.com/lestrrat-go/jwx/v3 | v3.0.13 | | github.com/lestrrat-go/option | v1.0.1 | | github.com/lestrrat-go/option/v2 | v2.0.0 | | github.com/mattn/go-colorable | v0.1.14 | | github.com/mattn/go-isatty | v0.0.21 | | github.com/rs/zerolog | v1.35.0 | | github.com/segmentio/asm | v1.2.1 | | github.com/tink-crypto/tink-go/v2 | v2.6.0 | | github.com/urfave/cli/v3 | v3.8.0 | | github.com/valyala/fastjson | v1.6.10 | | golang.org/x/crypto | v0.50.0 | | golang.org/x/sync | v0.20.0 | | golang.org/x/sys | v0.43.0 | **usr/local/bin/woodpecker-config-server.goapp**: | Name | Version | | ---- | ------- | | code.thinkaboutit.tech/pandora/woodpecker-config-server.app | 1.3.5-SNAPSHOT-4ae5007 | | stdlib | v1.26.2 | | code.thinkaboutit.tech/pandora/woodpecker-utils.gopack | v1.2.0 | | github.com/alecthomas/kong | v1.15.0 | | github.com/drone/envsubst | v1.0.3 | | github.com/dunglas/httpsfv | v1.1.0 | | github.com/gdgvda/cron | v0.6.0 | | github.com/gorilla/mux | v1.8.1 | | github.com/lestrrat-go/blackmagic | v1.0.4 | | github.com/lestrrat-go/dsig | v1.2.1 | | github.com/lestrrat-go/httpcc | v1.0.1 | | github.com/lestrrat-go/httprc | v1.0.6 | | github.com/lestrrat-go/httprc/v3 | v3.0.5 | | github.com/lestrrat-go/iter | v1.0.2 | | github.com/lestrrat-go/jwx/v2 | v2.1.6 | | github.com/lestrrat-go/jwx/v3 | v3.0.13 | | github.com/lestrrat-go/option | v1.0.1 | | github.com/lestrrat-go/option/v2 | v2.0.0 | | github.com/mattn/go-colorable | v0.1.14 | | github.com/mattn/go-isatty | v0.0.21 | | github.com/oklog/ulid/v2 | v2.1.1 | | github.com/rs/zerolog | v1.35.0 | | github.com/tink-crypto/tink-go/v2 | v2.6.0 | | github.com/urfave/cli/v3 | v3.8.0 | | github.com/valyala/fastjson | v1.6.10 | | github.com/yaronf/httpsign | v0.5.1 | | go.woodpecker-ci.org/woodpecker/v3 | v3.13.0 | | golang.org/x/crypto | v0.50.0 | | golang.org/x/sync | v0.20.0 | | golang.org/x/sys | v0.43.0 | </details> <details><summary>Vulnerabilities</summary> </details>
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
1.3.6
1.3.5
1.3.4
1.3.3
1.3.2
1.3.1
1.3.0
1.2.1
1.2.0
1.1.2
1.1.1
1.1.0
1.0.0
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
pandora/woodpecker-config-server.goapp#1
No description provided.