internal/worker: update comment on vulns for mode The previous comment was talking about implementation details that are also not true anymore. Change-Id: I97a53231b97e33511dce13f1f39171cb1c5301b1 Reviewed-on: https://go-review.googlesource.com/c/pkgsite-metrics/+/507195 Reviewed-by: Maceo Thompson <maceothompson@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> Auto-Submit: Zvonimir Pavlinovic <zpavlinovic@google.com>

commit: ca9694298a8da1c66f53690df61b9f02b1b4d0a2 [log] [tgz]
author: Zvonimir Pavlinovic <zpavlinovic@google.com> Thu Jun 29 09:57:00 2023 -0700
committer: Gopher Robot <gobot@golang.org> Thu Jul 06 16:32:39 2023 +0000
tree: 50f252606e724deaf74cfd241fdce584b9512707
parent: b6bb8cfec92e1fa78da6ad43b6b9a7199095d638 [diff]
diff --git a/internal/worker/govulncheck_scan.go b/internal/worker/govulncheck_scan.go
index 98d8a61..17eb900 100644
--- a/internal/worker/govulncheck_scan.go
+++ b/internal/worker/govulncheck_scan.go

@@ -291,10 +291,10 @@
 // a particular mode.
 //
 // For ModeGovulncheck, these are all vulns that are actually
-// called (CallSink!=0). For modeImports, these are all vulns
-// modified to have CallSink=0. For ModeBinary, these are
-// exactly the input vulns since binary analysis does not
-// distinguish between called and imported vulnerabilities.
+// called. For modeImports, these are all vulns, called or just
+// imported. For ModeBinary, these are exactly all the vulns
+// since binary analysis does not distinguish between called
+// and imported vulnerabilities.
 func vulnsForMode(vulns []*govulncheck.Vuln, mode string) []*govulncheck.Vuln {
 	if mode == ModeBinary {
 		return vulns
commit	ca9694298a8da1c66f53690df61b9f02b1b4d0a2	[log] [tgz]
author	Zvonimir Pavlinovic <zpavlinovic@google.com>	Thu Jun 29 09:57:00 2023 -0700
committer	Gopher Robot <gobot@golang.org>	Thu Jul 06 16:32:39 2023 +0000
tree	50f252606e724deaf74cfd241fdce584b9512707
parent	b6bb8cfec92e1fa78da6ad43b6b9a7199095d638 [diff]