How do I use it?
nancy is a tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index.
nancy , assuming you have a built version of it:
nancy currently works for projects that use
go mod for dependencies.
You can see an example of using
nancy in Travis-CI at this intentionally vulnerable repo we made.
Where do I get this?
Who can I contact about it?