remove nancy (#2)

Author: SVilgelm

.github/Brewfile

@@ -1,15 +1,12 @@
 tap "golangci/tap"
 tap "kyoh86/tap"
-tap "sonatype-nexus-community/nancy-tap"
 tap "sv-tools/apps"
 tap "goreleaser/tap"
 
 # Fast linters runner for Go.
 brew "golangci/tap/golangci-lint"
 # Rich-Go will enrich `go test` outputs with text decorations
 brew "kyoh86/tap/richgo"
-# A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
-brew "sonatype-nexus-community/nancy-tap/nancy"
 # bumptag is a tool to increment a version and to create a git tag with an annotation.
 brew "sv-tools/apps/bumptag"
 # Deliver Go binaries as fast and easily as possible

.github/workflows/checks.yaml

@@ -15,14 +15,15 @@ env:
 
 jobs:
   CodeQL:
-    # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
     runs-on: ubuntu-latest
 
+    permissions:
+      security-events: write
+
     steps:
       - name: Checkout repository
         uses: actions/checkout@v2
 
-      # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v1
         with:
@@ -69,21 +70,3 @@ jobs:
           version: latest
           skip-build-cache: true
           skip-go-installation: true
-
-  Nancy:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v2
-
-      - name: Install Go
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ env.GO }}
-
-      - name: Prepare go list
-        run: go list -json -m all > go.list
-
-      - name: Run Nancy
-        uses: sonatype-nexus-community/[email protected]

.golangci.yml

@@ -16,7 +16,6 @@ linters:
     - gocyclo
     - goerr113
     - gofumpt
-    - golint
     - goprintffuncname
     - gosec
     - ifshort

.nancy-ignore

@@ -7,7 +7,7 @@ ifeq ($(shell uname), Darwin)
 all: brew-install
 endif
 
-all: tidy lint nancy test done
+all: tidy lint test done
 
 done:
 	@echo "$(OK_COLOR)==> Done.$(NO_COLOR)"
@@ -26,10 +26,6 @@ run-benchmark:
 
 test: run-test run-benchmark
 
-nancy:
-	@echo "$(OK_COLOR)==> Checking Vulnerability via nancy...$(NO_COLOR)"
-	@go list -json -m all | nancy sleuth --quiet
-
 lint:
 	@echo "$(OK_COLOR)==> Linting via golangci-lint...$(NO_COLOR)"
 	@golangci-lint run --fix ./...

Makefile

@@ -5,7 +5,7 @@ go 1.17
 require (
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.7.0
-	github.com/sv-tools/conf v1.2.0
+	github.com/sv-tools/conf v1.2.1
 )
 
 require (

go.mod

@@ -11,8 +11,8 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/sv-tools/conf v1.2.0 h1:wnY7DVMopQxY8tI8dEYI9KV24f+32iPvAcmOZtHmMdQ=
-github.com/sv-tools/conf v1.2.0/go.mod h1:JXH0HRFlTwyvLPr0IbD3CNHdp9oiQujuj+iIuYdRkmQ=
+github.com/sv-tools/conf v1.2.1 h1:vxUFIU1TA5XFukIidPS2PH3bS8wq1O73+uZ7xEIInCE=
+github.com/sv-tools/conf v1.2.1/go.mod h1:OaofESH1b31AhuR6oHHSoAt6pdcBouIELgwVPoQx6kc=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=