govulncheck: How to disable checks for specific vulnerabilities?


twp...@gmail.com

Apr 7, 2026, 7:04:25 PM
to golang-nuts
Hello,

I use govulncheck to regularly scan my project for vulnerabilities. Finding a vulnerability currently triggers a build failure.

Unfortunately, someone recently reported GO-2026-4923 which affects my project but isn't a vulnerability at all. However, it's still (for now) in govulncheck's database, so my builds cannot pass until it is removed.

Is there a way to configure govulncheck to ignore specific vulnerabilities? I couldn't find any indication of how to do this in govulncheck's documentation.

My only other alternative is to disable govulncheck completely whenever govulncheck accepts an invalid vulnerability.

Many thanks for any suggestions,
Tom



Marcello H

Apr 9, 2026, 3:28:57 AM
to golang-nuts
I found this, perhaps this is how you can make a workaround for your issue:
.govulncheck-ignore.yaml

Or you do it like this:
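# Run govulncheck in JSON mode, filter out the unwanted ID,
# and check if any other findings remain.
# The JSON output is a stream of separate objects, so slurp it (-s) into one
# array and keep only the messages that actually carry a "finding".
if [ "$(govulncheck -format json ./... | jq -s '[.[] | .finding | select(. != null and .osv != "GO-2026-4923")] | length')" -ne 0 ]; then
  echo "Vulnerabilities found!"
  exit 1
fi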

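Added example (not part of the thread, and not code from the govulncheck project): a Go version of the JSON-filtering gate from the reply above that accepts several IDs to ignore and counts only findings whose first trace frame names a function, i.e. the vulnerable symbol is actually reached. The `message` type, `Remaining` and the command-line wiring are assumptions of this example; the `finding`, `osv`, `trace` and `function` keys are taken from govulncheck's JSON output format.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"os"
)

// message is the subset of one govulncheck JSON stream object used here.
type message struct {
	Finding *struct {
		OSV   string                      `json:"osv"`
		Trace []struct{ Function string } `json:"trace"`
	} `json:"finding"`
}

// Remaining returns, in first-seen order, the IDs of symbol-level findings not in ignore.
func Remaining(r io.Reader, ignore ...string) ([]string, error) {
	skip := map[string]bool{} // ignored IDs, plus IDs already reported
	for _, id := range ignore {
		skip[id] = true
	}
	var ids []string
	dec := json.NewDecoder(r) // the output is a stream of objects, not one array
	for {
		var m message
		if err := dec.Decode(&m); err == io.EOF {
			return ids, nil
		} else if err != nil {
			return nil, err // fail closed on malformed output
		}
		f := m.Finding // nil for config, progress and osv messages
		if f == nil || len(f.Trace) == 0 || f.Trace[0].Function == "" || skip[f.OSV] {
			continue // no finding, module/package-level only, ignored, or duplicate
		}
		skip[f.OSV] = true
		ids = append(ids, f.OSV)
	}
}

// Assumed wiring: govulncheck -format json ./... | go run . GO-2026-4923
func main() {
	ids, err := Remaining(os.Stdin, os.Args[1:]...)
	if err != nil || len(ids) > 0 {
		fmt.Fprintln(os.Stderr, "govulncheck gate failed:", ids, err)
		os.Exit(1)
	}
}
```

Run the pipeline under `set -o pipefail` so that a govulncheck failure with empty output fails the build instead of reading as zero findings.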

bakari jofrey

Apr 9, 2026, 7:28:32 AM
to Marcello H, golang-nuts
Okay, let's check it out.
