Integrate govulncheck with Vulnetix. The official Go tool for finding known vulnerabilities in dependencies, with native SARIF output.
GoCLI toolSARIF
Install & scan
$ go install golang.org/x/vuln/cmd/govulncheck@latest $ govulncheck -format sarif ./... > govulncheck.sarif
Run govulncheck in CI
Scan on every push and upload the results to Vulnetix:
- name: Install govulncheck run: go install golang.org/x/vuln/cmd/govulncheck@latest - name: Run govulncheck run: govulncheck -format sarif ./... > govulncheck.sarif - name: Upload to Vulnetix run: vulnetix upload --file govulncheck.sarif
Centralise govulncheck results in Vulnetix
Upload govulncheck SARIF output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.