Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Disable govulncheck due to false positive
govulcheck detected a case where `--jq` user input directly constructs a regexp in gojq code, which govulncheck considers a failure since it can lead to denial-of-service attacks. This risk doesn't not affect us, however, since we're building CLI apps and not hosted apps. As a user, you can crash your own `gh` process using your own malicious input as much as you'd like. govulncheck presently does not have a way of silencing or allow-listing specific violations, so this disables govulncheck completely.
- Loading branch information