Nancy is now wrapped up as a Docker image for execution in a pipeline or via an alias in a terminal.
Nancy is a tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index. docker-nancy wraps the nancy executable in a Docker image.
To see how Nancy will output when finding vulnerabilities, use our intentionally vulnerable repo. Check out this build on Travis-CI or this build on CircleCI.
I demonstrate how you can use docker-nancy in the video below:
Additional details can be found at GitHub. Thank you to The Lonely Island for your late night inspiration about boats...
Try Nexus Repository Free Today
Sonatype Nexus Repository is the world’s most trusted artifact repository manager. Experience the difference and download Community Edition for free.
&_biz_n=1&rnd=324861&cdn_o=a&_biz_z=1747523088195)
&rnd=298202&cdn_o=a&_biz_z=1747523088197)
&_biz_n=1&rnd=324861&cdn_o=a&_biz_z=1747523091195)
&_biz_n=1&rnd=324861&cdn_o=a&_biz_z=1747523091196)
&_biz_n=1&rnd=324861&cdn_o=a&_biz_z=1747523094196)