๐ต๏ธโโ๏ธ go_over
A tool to check for Erlang & Elixir dependency advisories as well as retired hex packages, to make sure your gleam projects really sparkle! โจ
๐จ NOTE: security advisories are NOT currently monitored for gleam dependencies. The language, while excellent, is far too new and niche
Install
gleam add --dev go_over
๐ฃ Also!
- add
.go-over/
to your.gitignore
- make sure
git
is installed
Usage
gleam run -m go_over
๐ฅ Obligatory Asciinema
๐ด Flags
--skip
: will skip checking the cache and used the stored data no matter what--force
: will force pulling new data even if the cached data is still valid
Caching
- Security advisory data is cached for six hours
- hex.pm retired package data is cached for one hour
๐๏ธ Other Art
- As Iโm sure is no surprise this tool is inspired by (and all around worse than) mirego/mix_audit. Please check it out!
- It also draws inspiration from mix hex.audit
License
This tool uses mirego/elixir-security-advisories which is it self licensed with BSD-3-Clause license
and CC-BY 4.0 open source license
. See their #license section
Code original to this repo is Licensed under MIT