internal/worker: add logic to run govulncheck in sandbox mode

When making a query with mode GOVULNCHECK and without the insecure flag (or insecure set to false),
the govulncheck binary is run on the requested module/package in the sandbox.
An example query would be .../vulncheck/scan/PATH/TO/MODULE@version?mode=GOVULNCHECK

While the binary compiles and runs successfully, it returns a different
number of vulns compared to VTA/other vulncheck modes.

Change-Id: Ifdce071cb5017a08cc5f0618faca9bab43e51579
Reviewed-on: https://go-review.googlesource.com/c/pkgsite-metrics/+/472578
Run-TryBot: Maceo Thompson <maceothompson@google.com>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2 files changed
tree: fea5164a421863fc54b70ab73639bddc61e9a873
README.md

pkgsite-metrics

This repository contains code that serves pkg.go.dev/metrics.

Report Issues / Send Patches

This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.

The main issue tracker for this repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/pkgsite-metrics:” in the subject line, so it is easy to find.