
Security Policy violation Binary Artifacts

Open google-allstar-prod[bot] opened this issue 2 years ago • 6 comments

This issue was automatically created by Allstar.

Security Policy Violation

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description

Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps

To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • src/crypto/internal/boring/syso/goboringcrypto_linux_amd64.syso
  • src/crypto/internal/boring/syso/goboringcrypto_linux_arm64.syso
  • src/runtime/race/internal/amd64v1/race_darwin.syso
  • src/runtime/race/internal/amd64v1/race_freebsd.syso
  • src/runtime/race/internal/amd64v1/race_linux.syso
  • src/runtime/race/internal/amd64v1/race_netbsd.syso
  • src/runtime/race/internal/amd64v1/race_openbsd.syso
  • src/runtime/race/internal/amd64v3/race_linux.syso
  • src/runtime/race/race_darwin_arm64.syso
  • src/runtime/race/race_linux_arm64.syso
  • Run a Scorecards scan to see full list.

Additional Information

This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.


Allstar has been installed on all Google-managed GitHub orgs. Policies are gradually being rolled out and enforced by the GOSST and OSPO teams. Learn more at http://go/allstar

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

Change https://go.dev/cl/458115 mentions this issue: repo: add ignore paths to allstar yaml file for *.syso files

gopherbot Dec 16 '22 14:12

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description

Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps

To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • src/crypto/internal/boring/syso/goboringcrypto_linux_amd64.syso
  • src/crypto/internal/boring/syso/goboringcrypto_linux_arm64.syso
  • src/runtime/race/internal/amd64v1/race_darwin.syso
  • src/runtime/race/internal/amd64v1/race_freebsd.syso
  • src/runtime/race/internal/amd64v1/race_linux.syso
  • src/runtime/race/internal/amd64v1/race_netbsd.syso
  • src/runtime/race/internal/amd64v1/race_openbsd.syso
  • src/runtime/race/internal/amd64v3/race_linux.syso
  • src/runtime/race/race_darwin_arm64.syso
  • src/runtime/race/race_linux_arm64.syso
  • Run a Scorecards scan to see full list.

Additional Information

This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.


Additional Information This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • src/crypto/internal/boring/syso/goboringcrypto_linux_amd64.syso
  • src/crypto/internal/boring/syso/goboringcrypto_linux_arm64.syso
  • src/runtime/race/internal/amd64v1/race_darwin.syso
  • src/runtime/race/internal/amd64v1/race_freebsd.syso
  • src/runtime/race/internal/amd64v1/race_linux.syso
  • src/runtime/race/internal/amd64v1/race_netbsd.syso
  • src/runtime/race/internal/amd64v1/race_openbsd.syso
  • src/runtime/race/internal/amd64v3/race_linux.syso
  • src/runtime/race/race_darwin_arm64.syso
  • src/runtime/race/race_linux_arm64.syso
  • Run a Scorecards scan to see full list.

Additional Information This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • src/crypto/internal/boring/syso/goboringcrypto_linux_amd64.syso
  • src/crypto/internal/boring/syso/goboringcrypto_linux_arm64.syso
  • src/runtime/race/internal/amd64v1/race_darwin.syso
  • src/runtime/race/internal/amd64v1/race_freebsd.syso
  • src/runtime/race/internal/amd64v1/race_linux.syso
  • src/runtime/race/internal/amd64v1/race_netbsd.syso
  • src/runtime/race/internal/amd64v1/race_openbsd.syso
  • src/runtime/race/internal/amd64v3/race_linux.syso
  • src/runtime/race/race_darwin_arm64.syso
  • src/runtime/race/race_linux_arm64.syso
  • Run a Scorecards scan to see full list.

Additional Information This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • src/crypto/internal/boring/syso/goboringcrypto_linux_amd64.syso
  • src/crypto/internal/boring/syso/goboringcrypto_linux_arm64.syso
  • src/runtime/race/internal/amd64v1/race_darwin.syso
  • src/runtime/race/internal/amd64v1/race_freebsd.syso
  • src/runtime/race/internal/amd64v1/race_linux.syso
  • src/runtime/race/internal/amd64v1/race_netbsd.syso
  • src/runtime/race/internal/amd64v1/race_openbsd.syso
  • src/runtime/race/internal/amd64v3/race_linux.syso
  • src/runtime/race/race_darwin_arm64.syso
  • src/runtime/race/race_linux_arm64.syso
  • Run a Scorecards scan to see full list.

Additional Information This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

The Allstar FAQ says that we can opt out by creating a file called .allstar/binary_artifacts.yaml in our repo, but I see no reason we should be bullied by a bot that we didn't ask for and that hasn't been explained to us. This is a classic unfunded mandate, and I see little reason to cooperate blindly.

If someone from the team behind Allstar would like to reach out to me to discuss, that'd be great. Otherwise, I'm going to close this issue, and we should deduplicate future issues into this one.

rsc avatar Feb 01 '23 00:02 rsc

Where do these blobs come from? There's no way to build Go without running them?

luke-jr avatar Oct 20 '23 16:10 luke-jr

The race detector relies on a supporting library written in C++. The source code for that library is in the LLVM project. We want to be able to build Go on a system that does not include a C++ compiler. Therefore, we build the library ourselves for systems that support that race detector, and distribute the prebuilt library with the Go distribution.

Similarly boringcrypto relies on a support library written in C (and assembler).

You can build and use Go without those binary blobs if you don't use the race detector and don't use boringcrypto. But that is not what we want as the default behavior of the tools.

ianlancetaylor avatar Oct 20 '23 17:10 ianlancetaylor
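The policy text above says the problem with checked-in binaries is that they cannot be reviewed, and Ian's reply explains why the `.syso` files exist anyway. The practical middle ground is to make the blobs auditable rather than forbidden: find every file whose leading bytes identify it as an object file, record its hash, and fail CI only when a blob appears or changes without its pinned hash being updated. The program below is an added example (not code from the Go project, from Allstar or from Scorecards): the magic-number table, the `Artifact`/`Unexpected` API and the manifest format are my own choices, and `SampleTree` is a constructed in-memory checkout that reuses two file names from the issue with fake contents that carry real ELF and Mach-O magic numbers but are not real object files.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io/fs"
	"testing/fstest"
)

// Artifact is one checked-in file whose header identifies it as compiled code.
type Artifact struct {
	Path   string // slash-separated, relative to the scanned root
	Kind   string // ELF, Mach-O, PE or ar archive
	SHA256 string // hex digest of the whole file
}

// Magic numbers of the formats a .syso can be ("MZ" can also begin plain text, so a PE hit on an odd extension is a lead, not proof).
var magics = []struct {
	prefix []byte
	kind   string
}{
	{[]byte{0x7f, 'E', 'L', 'F'}, "ELF"},
	{[]byte{0xcf, 0xfa, 0xed, 0xfe}, "Mach-O"}, // 64-bit little-endian (amd64, arm64)
	{[]byte("MZ"), "PE"},
	{[]byte("!<arch>\n"), "ar archive"},
}

// classify returns the binary format whose magic number starts data, or "".
func classify(data []byte) string {
	for _, m := range magics {
		if bytes.HasPrefix(data, m.prefix) {
			return m.kind
		}
	}
	return ""
}

// ScanTree walks fsys (skipping .git), hashes every regular file whose leading
// bytes match a known binary format, and returns the hits in lexical path order.
func ScanTree(fsys fs.FS) ([]Artifact, error) {
	var found []Artifact
	err := fs.WalkDir(fsys, ".", func(path string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		if d.IsDir() && d.Name() == ".git" {
			return fs.SkipDir
		}
		if !d.Type().IsRegular() {
			return nil
		}
		data, err := fs.ReadFile(fsys, path)
		if err != nil {
			return err
		}
		if kind := classify(data); kind != "" {
			sum := sha256.Sum256(data)
			found = append(found, Artifact{path, kind, hex.EncodeToString(sum[:])})
		}
		return nil
	})
	return found, err
}

// Unexpected compares a scan with a pinned manifest (path -> SHA-256) and returns the
// paths that are new or whose bytes changed; failing CI on a non-empty result is the check.
func Unexpected(found []Artifact, manifest map[string]string) []string {
	var bad []string
	for _, a := range found {
		if want, ok := manifest[a.Path]; !ok || want != a.SHA256 {
			bad = append(bad, a.Path)
		}
	}
	return bad
}

// SampleTree is a constructed in-memory checkout: two fake .syso blobs carrying real magic numbers (not real object files) and one source file.
var SampleTree = fstest.MapFS{
	"src/crypto/internal/boring/syso/goboringcrypto_linux_amd64.syso": {Data: append([]byte{0x7f, 'E', 'L', 'F', 2, 1, 1, 0}, "constructed elf body"...)},
	"src/runtime/race/race_darwin_arm64.syso":                          {Data: append([]byte{0xcf, 0xfa, 0xed, 0xfe}, "constructed mach-o body"...)},
	"src/runtime/race/doc.go":                                          {Data: []byte("// Package race implements data race detection logic.\npackage race\n")},
}

func main() {
	found, err := ScanTree(SampleTree) // use os.DirFS(root) to scan a real checkout
	if err != nil {
		panic(err)
	}
	for _, a := range found {
		fmt.Printf("%-8s %s  %s\n", a.Kind, a.SHA256[:16], a.Path)
	}
	// An empty manifest reports every blob, which is the state Allstar flags here.
	fmt.Println("unexpected:", Unexpected(found, map[string]string{}))
}
```

Pass `os.DirFS("/path/to/go")` instead of `SampleTree` to run it against a real checkout. Once the hashes of the reviewed blobs are pinned in the manifest, `Unexpected` returns nothing until a `.syso` is added or rebuilt, at which point the diff that changes the manifest is the review record the policy asks for; the classification is by content rather than by extension, so a blob renamed to hide it is still reported.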