gopls: prefix vulncheck diagnostic message with title
To help indicate that the diagnostic is for an error in a dependency,
not in the user's code prefix the diagnostic with
"[module] has a known vulnerability:"
Change-Id: Ib48f2e2cb2620fc6d56c4b0fd5d125cb4789283c
Reviewed-on: https://go-review.googlesource.com/c/tools/+/436217
gopls-CI: kokoro <noreply+kokoro@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Robert Findley <rfindley@google.com>
Run-TryBot: Suzy Mueller <suzmue@golang.org>
Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
diff --git a/gopls/internal/lsp/mod/diagnostics.go b/gopls/internal/lsp/mod/diagnostics.go
index af5009e..2b15ba7 100644
--- a/gopls/internal/lsp/mod/diagnostics.go
+++ b/gopls/internal/lsp/mod/diagnostics.go
@@ -222,7 +222,7 @@
Code: v.ID,
CodeHref: v.URL,
// TODO(suzmue): replace the newlines in v.Details to allow the editor to handle formatting.
- Message: v.Details,
+ Message: fmt.Sprintf("%s has a known vulnerability: %s", v.ModPath, v.Details),
SuggestedFixes: fixes,
})
}
diff --git a/gopls/internal/regtest/misc/vuln_test.go b/gopls/internal/regtest/misc/vuln_test.go
index c13acf8..b0fb1f9 100644
--- a/gopls/internal/regtest/misc/vuln_test.go
+++ b/gopls/internal/regtest/misc/vuln_test.go
@@ -254,8 +254,8 @@
CompletedWork("govulncheck", 1, true),
ShownMessage("Found"),
OnceMet(
- env.DiagnosticAtRegexpWithMessage("go.mod", `golang.org/amod`, "vuln in amod"),
- env.DiagnosticAtRegexpWithMessage("go.mod", `golang.org/bmod`, "vuln in bmod"),
+ env.DiagnosticAtRegexpWithMessage("go.mod", `golang.org/amod`, "golang.org/amod has a known vulnerability: vuln in amod"),
+ env.DiagnosticAtRegexpWithMessage("go.mod", `golang.org/bmod`, "golang.org/bmod has a known vulnerability: vuln in bmod"),
ReadDiagnostics("go.mod", d),
),
)