vulndb/govulncheck: incorporate recent vuln db changes
In particular, the changes involve exposing database client interface
and bug fixes.
Change-Id: I0fc66f0cc3d4bd1830227b33e07239d279bb9e16
Reviewed-on: https://go-review.googlesource.com/c/exp/+/350155
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Trust: Zvonimir Pavlinovic <zpavlinovic@google.com>
diff --git a/vulndb/go.mod b/vulndb/go.mod
index d24ebf9..61eefb2 100644
--- a/vulndb/go.mod
+++ b/vulndb/go.mod
@@ -4,7 +4,7 @@
require (
golang.org/x/tools v0.0.0-20210910171127-a568412ca0e6
- golang.org/x/vulndb v0.0.0-20210903204307-a74bfd4ac7eb
+ golang.org/x/vulndb v0.0.0-20210915213402-5966fd2d3f26
)
require (
diff --git a/vulndb/go.sum b/vulndb/go.sum
index ca67066..53c78e2 100644
--- a/vulndb/go.sum
+++ b/vulndb/go.sum
@@ -26,8 +26,8 @@
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20210910171127-a568412ca0e6 h1:O8E8PvYQ1HtZae5hPC9lyLiVuGlqL50yMQW7Y6oRaXQ=
golang.org/x/tools v0.0.0-20210910171127-a568412ca0e6/go.mod h1:YD9qOF0M9xpSpdWTBbzEl5e/RnCefISl8E5Noe10jFM=
-golang.org/x/vulndb v0.0.0-20210903204307-a74bfd4ac7eb h1:TfKhb4m4Pq73s62wVmqPze7qSN3JtdRYTzNQJm4c5nk=
-golang.org/x/vulndb v0.0.0-20210903204307-a74bfd4ac7eb/go.mod h1:xh7j0yEDggyETQM2RIfHFmzOcnAwzHg8j8heomkN1Dc=
+golang.org/x/vulndb v0.0.0-20210915213402-5966fd2d3f26 h1:GFqQWkhtSzsGH0xqWjNfK4iOz1rKmQwv/NQY/N9i12o=
+golang.org/x/vulndb v0.0.0-20210915213402-5966fd2d3f26/go.mod h1:xh7j0yEDggyETQM2RIfHFmzOcnAwzHg8j8heomkN1Dc=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/vulndb/govulncheck/main.go b/vulndb/govulncheck/main.go
index a50e426..9067ded 100644
--- a/vulndb/govulncheck/main.go
+++ b/vulndb/govulncheck/main.go
@@ -193,7 +193,7 @@
return !s.IsDir()
}
-func run(cfg *packages.Config, patterns []string, importsOnly bool, dbClient *client.Client) (*audit.Results, error) {
+func run(cfg *packages.Config, patterns []string, importsOnly bool, dbClient client.Client) (*audit.Results, error) {
if len(patterns) == 1 && isFile(patterns[0]) {
modules, symbols, err := binscan.ExtractPackagesAndSymbols(patterns[0])
if err != nil {
diff --git a/vulndb/internal/audit/vulnerability.go b/vulndb/internal/audit/vulnerability.go
index 79f17d9..600b193 100644
--- a/vulndb/internal/audit/vulnerability.go
+++ b/vulndb/internal/audit/vulnerability.go
@@ -6,15 +6,11 @@
import (
"golang.org/x/tools/go/packages"
- "golang.org/x/vulndb/osv"
+ "golang.org/x/vulndb/client"
)
-type dbClient interface {
- Get(string) ([]*osv.Entry, error)
-}
-
// FetchVulnerabilities fetches vulnerabilities that affect the supplied modules.
-func FetchVulnerabilities(client dbClient, modules []*packages.Module) (ModuleVulnerabilities, error) {
+func FetchVulnerabilities(client client.Client, modules []*packages.Module) (ModuleVulnerabilities, error) {
mv := ModuleVulnerabilities{}
for _, mod := range modules {
modPath := mod.Path
