Nancy, on a Boat! (Announcing Nancy for Docker)
By DJ Schleen
2 minute read time
Nancy is now wrapped up as a Docker image for execution in a pipeline or via an alias in a terminal.
Nancy is a tool to check for vulnerabilities in your Golang dependencies , powered by Sonatype OSS Index . docker-nancy wraps the nancy executable in a Docker image.To see how Nancy will output when finding vulnerabilities, use our intentionally vulnerable repo. Check out this build on Travis-CI or this build on CircleCI.
I demonstrate how you can use docker-nancy in the video below:
Additional details can be found at GitHub. Thank you to The Lonely Island for your late night inspiration about boats...