Google Git
Sign in
go / vuln / 348460952d62720df9244d4e7b81008a9195e109
commit348460952d62720df9244d4e7b81008a9195e109[log] [tgz]
authorJonathan Amsterdam <jba@google.com>Thu Jul 21 16:39:02 2022 -0400
committerJonathan Amsterdam <jba@google.com>Sat Jul 23 11:26:32 2022 +0000
treedcdd7d3c83837439fcaa9dc8f5cb8fd11f273686
parent8313ba84e2180464753c916225f54701e7b32934 [diff]
vulncheck: add ResultVersion

Add an exported string that can be used to cache results.  We use a
value controlled by the developer, rather than a git hash or tag,
because not every change to the package will change its results, and
we don't want to invalidate cached values unnecessarily.

Change-Id: I018cdc7a0a237c086d377938af9496def714cd0e
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/418974
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
1 file changed
tree: dcdd7d3c83837439fcaa9dc8f5cb8fd11f273686
  1. client/
  2. cmd/
  3. devtools/
  4. doc/
  5. internal/
  6. osv/
  7. vulncheck/
  8. .gitignore
  9. all_test.go
  10. checks.bash
  11. CONTRIBUTING.md
  12. go.mod
  13. go.sum
  14. LICENSE
  15. PATENTS
  16. README.md
  17. tools_test.go
README.md

Go Vulnerability Management

Go Reference

This repository contains the following:

  • Package client: a client for interacting with the Go vulnerability database
  • Package vulncheck: an API for detecting vulnerabilities in Go packages
  • Command govulncheck: a CLI for detecting vulnerabilities in Go packages

The code in this repository is under active development and not to be considered stable.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.