Problem
See the project design doc.
Solution & Acceptance Criteria
- Add a minimal precious config to do linting.
- Add gosec as a linter to the precious config.
- Address any issues it finds
- Update our Evergreen config to run gosec as part of the release. If it reports any high or critical vulnerabilities this should cause the release to abort.
- is depended on by
-
TOOLS-3536 Update release workflow to fail is gosec finds any high or critical vulnerabilities
- Closed
-
TOOLS-3537 Create the SSDLC report template
- Closed
-
TOOLS-3538 Update our release documentation with new SSDLC-related stuff
- Closed
- is duplicated by
-
TOOLS-3536 Update release workflow to fail is gosec finds any high or critical vulnerabilities
- Closed
- links to