Security
Security Report
Section titled “Security Report”Auto-generated by CI security pipeline. Do not edit manually.
Last updated: 2026-02-26 05:40 UTC
Dependency Vulnerabilities (Snyk)
Section titled “Dependency Vulnerabilities (Snyk)”Status: unknown vulnerabilities found
Dependency & Filesystem Scan (Trivy)
Section titled “Dependency & Filesystem Scan (Trivy)”Status: 5 findings detected
Results uploaded to GitHub Security tab
Go Vulnerability Database (govulncheck)
Section titled “Go Vulnerability Database (govulncheck)”Status: No vulnerabilities found
Scanned using the Go team’s official vulnerability scanner with symbol-level reachability analysis.
Static Security Analysis (gosec)
Section titled “Static Security Analysis (gosec)”Status: No findings
SARIF results uploaded to GitHub Security tab
Secret Detection (Gitleaks)
Section titled “Secret Detection (Gitleaks)”Status: No secrets detected
License Compliance (go-licenses)
Section titled “License Compliance (go-licenses)”Status: 42 license violations found
Allowed licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0
Static Analysis (CodeQL)
Section titled “Static Analysis (CodeQL)”CodeQL runs in a separate workflow. Results are available in the GitHub Security tab.
Reporting Vulnerabilities
Section titled “Reporting Vulnerabilities”If you discover a security vulnerability, please report it responsibly by emailing security@lookatitude.com. Do not open public issues for security vulnerabilities.