commit	c7893a2018208b0c6e95bf334c4b047805866330	[log] [tgz]
author	Jonathan Amsterdam <jba@google.com>	Wed May 18 10:36:40 2022 -0400
committer	Jonathan Amsterdam <jba@google.com>	Wed May 18 18:06:55 2022 +0000
tree	c99e00dfdc84ac1a864689ea307df5054895c215
parent	1a1baf8b415df55cabca81b42f5ceeedc4fb103c [diff]

cmd/govulncheck: add a Source function to internal/govulncheck

Move the call to vulncheck.Source and the subsequent removal of
uncalled vulns to a separate function, for sharing with gopls.

This fixes what I believe was a bug. The JSON output did not match the
other output modes, because it output all the vulns, not just the ones
that were called. We want the JSON to produce the same information as
other modes, just in JSON format.

Change-Id: I3b3d1b31044530079e03969374462384d069d71c
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/406935
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>

3 files changed

tree: c99e00dfdc84ac1a864689ea307df5054895c215

README.md

Go Vulnerability Management

This repository contains the following:

Package client: a client for interacting with the Go vulnerability database
Package vulncheck: an API for detecting vulnerabilities in Go packages
Command govulncheck: a CLI for detecting vulnerabilities in Go packages

The code in this repository is under active development and not to be considered stable.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.