commit | 1f025e96a5931cf05920137da4e30cb884acfecf | [log] [tgz] |
---|---|---|
author | Jonathan Amsterdam <jba@google.com> | Thu Mar 10 12:35:08 2022 -0500 |
committer | Jonathan Amsterdam <jba@google.com> | Mon Mar 14 20:22:51 2022 +0000 |
tree | 55b00ec4b89964e5a0add63fa0d918523b4a16cc | |
parent | 20fd27f61765bc7b0692095eb711da361e0d655c [diff] |
cmd/govulncheck: show entry symbols Show the symbols at the top of the call chains, rather than the vulnerable symbols. These are the functions in the module that govulncheck is running on. Also, group Vulns by ID and package. vulncheck will return a Vuln for each OSV Entry ID, package, and symbol. Change-Id: I9bd3d7ef710ce016e8f93da26bdf97919e1441a0 Reviewed-on: https://go-review.googlesource.com/c/exp/+/391520 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
This subrepository holds experimental and deprecated (in the old
directory) packages.
The idea for this subrepository originated as the pkg/exp
directory of the main repository, but its presence there made it unavailable to users of the binary downloads of the Go installation. The subrepository has therefore been created to make it possible to go get
these packages.
Warning: Packages here are experimental and unreliable. Some may one day be promoted to the main repository or other subrepository, or they may be modified arbitrarily or even disappear altogether.
In short, code in this subrepository is not subject to the Go 1 compatibility promise. (No subrepo is, but the promise is even more likely to be violated by go.exp than the others.)
Caveat emptor.