diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ed4cac0e93..2e4ac9ad31 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 7413e12371..1618512f3c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v2 diff --git a/.github/workflows/cosmovisor-release.yml b/.github/workflows/cosmovisor-release.yml index 11ce78cf48..3a0fe6f15c 100644 --- a/.github/workflows/cosmovisor-release.yml +++ b/.github/workflows/cosmovisor-release.yml @@ -18,7 +18,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 # get 'v*.*.*' part from 'cosmovisor/v*.*.*' and save to $GITHUB_ENV - name: Set env run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/cosmovisor/}" >> $GITHUB_ENV diff --git a/.github/workflows/dependabot-update-all.yml b/.github/workflows/dependabot-update-all.yml index 8ca5f066c5..4ff5288836 100644 --- a/.github/workflows/dependabot-update-all.yml +++ b/.github/workflows/dependabot-update-all.yml @@ -17,7 +17,7 @@ jobs: token: ${{ secrets.PRBOT_PAT }} - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Extract updated dependency id: deps run: | diff --git a/.github/workflows/dependencies-review.yml b/.github/workflows/dependencies-review.yml index b0c6c9cadd..ed6af07ad9 100644 --- a/.github/workflows/dependencies-review.yml +++ b/.github/workflows/dependencies-review.yml @@ -10,10 +10,12 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: "Checkout Repository" uses: actions/checkout@v3 - name: "Dependency Review" uses: actions/dependency-review-action@v3 - name: "Dependency audit" run: ./scripts/dep-assert.sh + - name: "Go vulnerability check" + run: make vulncheck diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c095f952ff..96ad34a31e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -17,7 +17,7 @@ jobs: - uses: actions/setup-go@v3 with: # ci is set to go1.19 to match developer setups - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/checkout@v3 - name: golangci-lint uses: golangci/golangci-lint-action@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index edbc77faea..8f470580eb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: - name: Install Go uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Unshallow run: git fetch --prune --unshallow - name: Create release diff --git a/.github/workflows/sims-045.yml b/.github/workflows/sims-045.yml index 602c1ea265..c5c433bc5f 100644 --- a/.github/workflows/sims-045.yml +++ b/.github/workflows/sims-045.yml @@ -21,7 +21,7 @@ jobs: ref: "release/v0.45.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - run: make build install-runsim: @@ -32,7 +32,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Install runsim run: go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - uses: actions/cache@v3 @@ -49,7 +49,7 @@ jobs: ref: "release/v0.45.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -67,7 +67,7 @@ jobs: ref: "release/v0.45.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -86,7 +86,7 @@ jobs: ref: "release/v0.45.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin diff --git a/.github/workflows/sims-046.yml b/.github/workflows/sims-046.yml index 3ec3a88943..dbaa316e5f 100644 --- a/.github/workflows/sims-046.yml +++ b/.github/workflows/sims-046.yml @@ -21,7 +21,7 @@ jobs: ref: "release/v0.46.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - run: make build install-runsim: @@ -32,7 +32,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Install runsim run: go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - uses: actions/cache@v3 @@ -50,7 +50,7 @@ jobs: ref: "release/v0.46.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -68,7 +68,7 @@ jobs: ref: "release/v0.46.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -86,7 +86,7 @@ jobs: ref: "release/v0.46.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin diff --git a/.github/workflows/sims-047.yml b/.github/workflows/sims-047.yml index ee3ff167ae..082a32ca51 100644 --- a/.github/workflows/sims-047.yml +++ b/.github/workflows/sims-047.yml @@ -21,7 +21,7 @@ jobs: ref: "release/v0.47.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - run: make build install-runsim: @@ -32,7 +32,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Install runsim run: go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - uses: actions/cache@v3 @@ -50,7 +50,7 @@ jobs: ref: "release/v0.47.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -68,7 +68,7 @@ jobs: ref: "release/v0.47.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -86,7 +86,7 @@ jobs: ref: "release/v0.47.x" - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin diff --git a/.github/workflows/sims-nightly.yml b/.github/workflows/sims-nightly.yml index a2cf6530e8..cc065b1b16 100644 --- a/.github/workflows/sims-nightly.yml +++ b/.github/workflows/sims-nightly.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Install runsim run: go install github.com/cosmos/tools/cmd/runsim@v1.0.0 - uses: actions/cache@v3 @@ -36,7 +36,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin diff --git a/.github/workflows/sims.yml b/.github/workflows/sims.yml index 36e581c0d8..d9f0662123 100644 --- a/.github/workflows/sims.yml +++ b/.github/workflows/sims.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - run: make build - name: Install runsim run: go install github.com/cosmos/tools/cmd/runsim@v1.0.0 @@ -38,7 +38,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -54,7 +54,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin @@ -71,7 +71,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: actions/cache@v3 with: path: ~/go/bin diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 38e3e2ef7d..5cdf702f20 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - name: Create a file with all core Cosmos SDK pkgs run: go list ./... > pkgs.txt - name: Split pkgs into 4 files @@ -52,7 +52,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -86,7 +86,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -110,7 +110,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -138,7 +138,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -215,7 +215,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -242,7 +242,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -274,7 +274,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -304,7 +304,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -334,7 +334,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -360,7 +360,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -390,7 +390,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -418,7 +418,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -451,7 +451,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -482,7 +482,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: @@ -513,7 +513,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: 1.19.2 + go-version: 1.19.3 - uses: technote-space/get-diff-action@v6.1.1 id: git_diff with: diff --git a/Makefile b/Makefile index e3fa6b4226..bb7a0fbf67 100644 --- a/Makefile +++ b/Makefile @@ -109,7 +109,7 @@ ifeq (debug,$(findstring debug,$(COSMOS_BUILD_OPTIONS))) BUILD_FLAGS += -gcflags "all=-N -l" endif -all: tools build lint test +all: tools build lint test vulncheck # The below include contains the tools and runsim targets. include contrib/devtools/Makefile @@ -145,6 +145,11 @@ mocks: $(MOCKS_DIR) sh ./scripts/mockgen.sh .PHONY: mocks + +vulncheck: $(BUILDDIR)/ + GOBIN=$(BUILDDIR) go install golang.org/x/vuln/cmd/govulncheck@latest + $(BUILDDIR)/govulncheck ./... + $(MOCKS_DIR): mkdir -p $(MOCKS_DIR)