commit	17b3185bd862b0f25f48438420de175377094276	[log] [tgz]
author	Jonathan Amsterdam <jba@google.com>	Mon Apr 04 16:13:40 2022 -0400
committer	Jonathan Amsterdam <jba@google.com>	Tue Apr 05 18:10:49 2022 +0000
tree	58fdf6cc18030d2ec4b0547cd9a2847fa3228528
parent	dce8374dbc095411612006359bf7c0ad621cd992 [diff]

internal/gosym: fork debug/gosym This is the first CL in a sequence that will allow vulncheck to see inlined symbols in a binary. In order to do this without relying on DWARF debugging information, we need to traverse some data structures in the binary file. debug/gosym does most of the work, but we need to extend it to find information about inlined functions. We start by forking debug/gosym and getting it to work outside of the standard library. (Also, make check.bash skip license checks for files in testdata directories.) For golang/go#51412. Change-Id: I21d2911fde59dd8eb8f0e6d82bc28365f147c68d Reviewed-on: https://go-review.googlesource.com/c/vuln/+/398295 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>

tree: 58fdf6cc18030d2ec4b0547cd9a2847fa3228528

README.md

Go Vulnerability Management

This repository contains the following:

Package client: a client for interacting with the Go vulnerability database
Package vulncheck: an API for detecting vulnerabilities in Go packages
Command govulncheck: a CLI for detecting vulnerabilities in Go packages

The code in this repository is under active development and not to be considered stable.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.