Google Git
Sign in
go / tools / 8c78b306b8b8f8a3cb067d717e3c76860d76340f^! / .
commit8c78b306b8b8f8a3cb067d717e3c76860d76340f[log] [tgz]
authorHana (Hyang-Ah) Kim <hyangah@gmail.com>Thu Dec 01 17:07:48 2022 -0500
committerHyang-Ah Hana Kim <hyangah@gmail.com>Fri Dec 02 14:52:29 2022 +0000
tree28c56912be5647df2defc744e1f60ea4086c0549
parent47a82463d369ea966c8b000b8068b22fe23107c7 [diff]
gopls/internal/vulncheck: always use pkg.go.dev/vuln for urls

Change-Id: Id740cf5d0387b7358f4fac2c7aa1300354453944
Reviewed-on: https://go-review.googlesource.com/c/tools/+/454636
Run-TryBot: Hyang-Ah Hana Kim <hyangah@gmail.com>
gopls-CI: kokoro <noreply+kokoro@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Jamal Carvalho <jamal@golang.org>

diff --git a/gopls/internal/lsp/mod/diagnostics.go b/gopls/internal/lsp/mod/diagnostics.go
index 7ee92bd..6b7a1a6 100644
--- a/gopls/internal/lsp/mod/diagnostics.go
+++ b/gopls/internal/lsp/mod/diagnostics.go

@@ -465,20 +465,11 @@
 	return strings.TrimSpace(strings.Replace(string(details), "\n\n", "\n\n  ", -1))
 }
 
-// href returns a URL embedded in the entry if any.
-// If no suitable URL is found, it returns a default entry in
-// pkg.go.dev/vuln.
+// href returns the url for the vulnerability information.
+// Eventually we should retrieve the url embedded in the osv.Entry.
+// While vuln.go.dev is under development, this always returns
+// the page in pkg.go.dev.
 func href(vuln *osv.Entry) string {
-	for _, affected := range vuln.Affected {
-		if url := affected.DatabaseSpecific.URL; url != "" {
-			return url
-		}
-	}
-	for _, r := range vuln.References {
-		if r.Type == "WEB" {
-			return r.URL
-		}
-	}
 	return fmt.Sprintf("https://pkg.go.dev/vuln/%s", vuln.ID)
 }
 

diff --git a/gopls/internal/vulncheck/util.go b/gopls/internal/vulncheck/util.go
index d21d305..fe65c6e 100644
--- a/gopls/internal/vulncheck/util.go
+++ b/gopls/internal/vulncheck/util.go

@@ -48,20 +48,11 @@
 	}
 }
 
-// href returns a URL embedded in the entry if any.
-// If no suitable URL is found, it returns a default entry in
-// pkg.go.dev/vuln.
+// href returns the url for the vulnerability information.
+// Eventually we should retrieve the url embedded in the osv.Entry.
+// While vuln.go.dev is under development, this always returns
+// the page in pkg.go.dev.
 func href(vuln *osv.Entry) string {
-	for _, affected := range vuln.Affected {
-		if url := affected.DatabaseSpecific.URL; url != "" {
-			return url
-		}
-	}
-	for _, r := range vuln.References {
-		if r.Type == "WEB" {
-			return r.URL
-		}
-	}
 	return fmt.Sprintf("https://pkg.go.dev/vuln/%s", vuln.ID)
 }