diff --git a/.trivyignore b/.trivyignore index f8e6bc1d..87b50db3 100644 --- a/.trivyignore +++ b/.trivyignore @@ -2,6 +2,13 @@ # Format: [expiry-date] [comment] # See: https://aquasecurity.github.io/trivy/latest/docs/configuration/filtering/#trivyignore +# CVE-2026-32285 — github.com/buger/jsonparser v1.1.1 +# Severity: HIGH/MEDIUM | No fixed version available (latest is v1.1.1, released 2021-01-08) +# Transitive dependency: mark3labs/mcp-go → invopop/jsonschema → wk8/go-ordered-map → buger/jsonparser +# Not called directly by any GoSQLX code. Risk is scoped to MCP JSON schema generation. +# Re-evaluate when buger/jsonparser releases a patched version or when mcp-go updates its dependency. +CVE-2026-32285 + # GHSA-6g7g-w4f8-9c9x — buger/jsonparser v1.1.1 # Severity: MEDIUM | No fixed version available (latest is v1.1.1, released 2021-01-08) # Transitive dependency: mark3labs/mcp-go → invopop/jsonschema → wk8/go-ordered-map → buger/jsonparser diff --git a/README.md b/README.md index d16f4ae3..be764ecf 100644 --- a/README.md +++ b/README.md @@ -184,6 +184,18 @@ task check # fmt → vet → lint → test (with race detection)
+## Who's Using GoSQLX? + +GoSQLX is downloaded and cloned by developers worldwide -- 595 unique cloners in just 14 days. If you're using GoSQLX in your project or organization, we'd love to hear about it! + +| Project / Company | Use Case | +|---|---| +| *Your project here* | [Add yourself via PR](https://github.com/ajitpratap0/GoSQLX/edit/main/README.md) or [tell us in Discussions](https://github.com/ajitpratap0/GoSQLX/discussions) | + +Using GoSQLX at work? Building something cool with it? Share your story in [GitHub Discussions](https://github.com/ajitpratap0/GoSQLX/discussions) -- it helps the community grow and motivates continued development. + +
+ ## Community