Google Git
Sign in
go / exp / a912b25520d484533efb317603a6029116ccc439
commita912b25520d484533efb317603a6029116ccc439[log] [tgz]
authorZvonimir Pavlinovic <zpavlinovic@google.com>Mon Aug 02 17:56:08 2021 -0700
committerZvonimir Pavlinovic <zpavlinovic@google.com>Mon Aug 30 19:46:20 2021 +0000
tree53e2fd9d78ffccc629fd7f1cd860bef831613c78
parentb6ec30af783f20c3ef2cebeb7c60ec0682b48326 [diff]
vulndb/internal/audit: push back potential FPs in ordering of findings

The majority of experiments suggest that false positive (FP) findings
involve call stacks that go through standard libraries. This CL adjusts
ordering of findings to deprioritize such findings when presented to
users.

Change-Id: I9e4c3bae2befa8c7fb4eb48662f74032cc7850b5
Reviewed-on: https://go-review.googlesource.com/c/exp/+/339330
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Zvonimir Pavlinovic <zpavlinovic@google.com>
Reviewed-by: Tim King <taking@google.com>
4 files changed
tree: 53e2fd9d78ffccc629fd7f1cd860bef831613c78
  1. apidiff/
  2. cmd/
  3. ebnf/
  4. ebnflint/
  5. errors/
  6. event/
  7. fsnotify/
  8. inotify/
  9. internal/
  10. io/
  11. jsonrpc2/
  12. mmap/
  13. rand/
  14. shiny/
  15. shootout/
  16. sumdb/
  17. utf8string/
  18. vulndb/
  19. winfsnotify/
  20. .gitattributes
  21. .gitignore
  22. AUTHORS
  23. codereview.cfg
  24. CONTRIBUTING.md
  25. CONTRIBUTORS
  26. go.mod
  27. go.sum
  28. LICENSE
  29. PATENTS
  30. README.md
README.md

exp

PkgGoDev

This subrepository holds experimental and deprecated (in the old directory) packages.

The idea for this subrepository originated as the pkg/exp directory of the main repository, but its presence there made it unavailable to users of the binary downloads of the Go installation. The subrepository has therefore been created to make it possible to go get these packages.

Warning: Packages here are experimental and unreliable. Some may one day be promoted to the main repository or other subrepository, or they may be modified arbitrarily or even disappear altogether.

In short, code in this subrepository is not subject to the Go 1 compatibility promise. (No subrepo is, but the promise is even more likely to be violated by go.exp than the others.)

Caveat emptor.