commit | aab7eeb7d8063c9b6840137a5854c7571103caa5 | |
---|---|---|
author | Maceo Thompson <maceothompson@google.com> | Wed Mar 01 21:45:31 2023 +0000 |
committer | Maceo Thompson <maceothompson@google.com> | Mon Mar 06 14:48:13 2023 +0000 |
tree | fea5164a421863fc54b70ab73639bddc61e9a873 | |
parent | e9ee2961aa5f19de97b8467f212da70391f4e1bd | |

internal/worker: add logic to run govulncheck in sandbox mode

When making a query with mode GOVULNCHECK and without the insecure flag (or insecure set to false), the govulncheck binary is run on the requested module/package in the sandbox.

An example query would be .../vulncheck/scan/PATH/TO/MODULE@version?mode=GOVULNCHECK

While the binary compiles and runs successfully, it returns a different amount of vulns compared to VTA/other vulncheck modes.

Change-Id: Ifdce071cb5017a08cc5f0618faca9bab43e51579
Reviewed-on: https://go-review.googlesource.com/c/pkgsite-metrics/+/472578
Run-TryBot: Maceo Thompson <maceothompson@google.com>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>

This repository contains code that serves pkg.go.dev/metrics.
This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.
The main issue tracker for the pkgsite-metrics repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/pkgsite-metrics:” in the subject line, so it is easy to find.