cmd/govulncheck: update Go template for -html flag

The Go template used by the -html flag is updated:

- A <head> element is added to the HTML for containing metadata
- A license header is added
- Whitespace is modified to be more readable

Change-Id: I3890108cd031ec8339273ca2c71d3263e1c32a9b
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/403075
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Reviewed-by: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Julie Qiu <julie@golang.org>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
diff --git a/cmd/govulncheck/static/govulncheck.tmpl b/cmd/govulncheck/static/govulncheck.tmpl
index bdabd46..d5869f3 100644
--- a/cmd/govulncheck/static/govulncheck.tmpl
+++ b/cmd/govulncheck/static/govulncheck.tmpl
@@ -1,33 +1,52 @@
-
+<!--
+  Copyright 2022 The Go Authors. All rights reserved.
+  Use of this source code is governed by a BSD-style
+  license that can be found in the LICENSE file.
+-->
 <!DOCTYPE html>
 <html lang="en">
-<meta charset="utf-8">
-<link href="/static/govulncheck.css" rel="stylesheet">
-<title>govulncheck Results</title>
-
+<head>
+  <meta charset="utf-8">
+  <link href="/static/govulncheck.css" rel="stylesheet">
+  <title>govulncheck Results</title>
+</head>
 <body>
-  {{range .}}
-    <h2>{{.ID}}</h2>
-    <table>
-      <tr><td>Package</td><td>{{.PkgPath}}</td></tr>
-      <tr><td>Your version</td><td>{{.CurrentVersion}}</td></tr>
-      <tr><td>Fixed version</td><td>{{.FixedVersion}}</td></tr>
-      <tr><td>Reference</td><td>{{.Reference}}</td></tr>
-      <tr><td>Description</td><td>{{.Details}}</td></tr>
-    </table>
-
-    {{range .Stacks}}
-      <details>
-        <summary>{{.Summary}}</summary>
-        <ul>
-          {{range .Stack}}
-            <li>{{.Function | funcName}}</li>
-          {{end}}
-        </ul>
-      </details>
-    {{end}}
-  {{else}}
-    No vulnerabilities found.
+{{range .}}
+  <h2>{{.ID}}</h2>
+  <table>
+    <tr>
+      <td>Package</td>
+      <td>{{.PkgPath}}</td>
+    </tr>
+    <tr>
+      <td>Your version</td>
+      <td>{{.CurrentVersion}}</td>
+    </tr>
+    <tr>
+      <td>Fixed version</td>
+      <td>{{.FixedVersion}}</td>
+    </tr>
+    <tr>
+      <td>Reference</td>
+      <td>{{.Reference}}</td>
+    </tr>
+    <tr>
+      <td>Description</td>
+      <td>{{.Details}}</td>
+    </tr>
+  </table>
+  {{range .Stacks}}
+    <details>
+      <summary>{{.Summary}}</summary>
+      <ul>
+        {{range .Stack}}
+          <li>{{.Function | funcName}}</li>
+        {{end}}
+      </ul>
+    </details>
   {{end}}
+{{else}}
+  <div>No vulnerabilities found.</div>
+{{end}}
 </body>
 </html>
diff --git a/cmd/govulncheck/testdata/html-binary.ct b/cmd/govulncheck/testdata/html-binary.ct
index 7c7cea2..7bcbfce 100644
--- a/cmd/govulncheck/testdata/html-binary.ct
+++ b/cmd/govulncheck/testdata/html-binary.ct
@@ -2,14 +2,15 @@
 
 <!DOCTYPE html>
 <html lang="en">
-<meta charset="utf-8">
-<link href="/static/govulncheck.css" rel="stylesheet">
-<title>govulncheck Results</title>
-
+<head>
+  <meta charset="utf-8">
+  <link href="/static/govulncheck.css" rel="stylesheet">
+  <title>govulncheck Results</title>
+</head>
 <body>
-  
-    No vulnerabilities found.
-  
+
+  <div>No vulnerabilities found.</div>
+
 </body>
 </html>
 
@@ -18,25 +19,40 @@
 
 <!DOCTYPE html>
 <html lang="en">
-<meta charset="utf-8">
-<link href="/static/govulncheck.css" rel="stylesheet">
-<title>govulncheck Results</title>
-
+<head>
+  <meta charset="utf-8">
+  <link href="/static/govulncheck.css" rel="stylesheet">
+  <title>govulncheck Results</title>
+</head>
 <body>
-  
-    <h2>GO-2021-0113</h2>
-    <table>
-      <tr><td>Package</td><td>golang.org/x/text/language</td></tr>
-      <tr><td>Your version</td><td>v0.3.0</td></tr>
-      <tr><td>Fixed version</td><td>v0.3.7</td></tr>
-      <tr><td>Reference</td><td>https://pkg.go.dev/vuln/GO-2021-0113</td></tr>
-      <tr><td>Description</td><td>Due to improper index calculation, an incorrectly formatted language tag can cause Parse
+
+  <h2>GO-2021-0113</h2>
+  <table>
+    <tr>
+      <td>Package</td>
+      <td>golang.org/x/text/language</td>
+    </tr>
+    <tr>
+      <td>Your version</td>
+      <td>v0.3.0</td>
+    </tr>
+    <tr>
+      <td>Fixed version</td>
+      <td>v0.3.7</td>
+    </tr>
+    <tr>
+      <td>Reference</td>
+      <td>https://pkg.go.dev/vuln/GO-2021-0113</td>
+    </tr>
+    <tr>
+      <td>Description</td>
+      <td>Due to improper index calculation, an incorrectly formatted language tag can cause Parse
 to panic via an out of bounds read. If Parse is used to process untrusted user inputs,
 this may be used as a vector for a denial of service attack.
-</td></tr>
-    </table>
-
-    
+</td>
+    </tr>
+  </table>
   
+
 </body>
 </html>
diff --git a/cmd/govulncheck/testdata/html.ct b/cmd/govulncheck/testdata/html.ct
index 7a3bd9f..e25ac2a 100644
--- a/cmd/govulncheck/testdata/html.ct
+++ b/cmd/govulncheck/testdata/html.ct
@@ -5,14 +5,15 @@
 
 <!DOCTYPE html>
 <html lang="en">
-<meta charset="utf-8">
-<link href="/static/govulncheck.css" rel="stylesheet">
-<title>govulncheck Results</title>
-
+<head>
+  <meta charset="utf-8">
+  <link href="/static/govulncheck.css" rel="stylesheet">
+  <title>govulncheck Results</title>
+</head>
 <body>
-  
-    No vulnerabilities found.
-  
+
+  <div>No vulnerabilities found.</div>
+
 </body>
 </html>
 
@@ -22,36 +23,51 @@
 
 <!DOCTYPE html>
 <html lang="en">
-<meta charset="utf-8">
-<link href="/static/govulncheck.css" rel="stylesheet">
-<title>govulncheck Results</title>
-
+<head>
+  <meta charset="utf-8">
+  <link href="/static/govulncheck.css" rel="stylesheet">
+  <title>govulncheck Results</title>
+</head>
 <body>
-  
-    <h2>GO-2021-0113</h2>
-    <table>
-      <tr><td>Package</td><td>golang.org/x/text/language</td></tr>
-      <tr><td>Your version</td><td>v0.3.0</td></tr>
-      <tr><td>Fixed version</td><td>v0.3.7</td></tr>
-      <tr><td>Reference</td><td>https://pkg.go.dev/vuln/GO-2021-0113</td></tr>
-      <tr><td>Description</td><td>Due to improper index calculation, an incorrectly formatted language tag can cause Parse
+
+  <h2>GO-2021-0113</h2>
+  <table>
+    <tr>
+      <td>Package</td>
+      <td>golang.org/x/text/language</td>
+    </tr>
+    <tr>
+      <td>Your version</td>
+      <td>v0.3.0</td>
+    </tr>
+    <tr>
+      <td>Fixed version</td>
+      <td>v0.3.7</td>
+    </tr>
+    <tr>
+      <td>Reference</td>
+      <td>https://pkg.go.dev/vuln/GO-2021-0113</td>
+    </tr>
+    <tr>
+      <td>Description</td>
+      <td>Due to improper index calculation, an incorrectly formatted language tag can cause Parse
 to panic via an out of bounds read. If Parse is used to process untrusted user inputs,
 this may be used as a vector for a denial of service attack.
-</td></tr>
-    </table>
-
-    
-      <details>
-        <summary>vuln.main calls golang.org/x/text/language.Parse</summary>
-        <ul>
-          
-            <li>vuln.main</li>
-          
-            <li>golang.org/x/text/language.Parse</li>
-          
-        </ul>
-      </details>
-    
+</td>
+    </tr>
+  </table>
   
+    <details>
+      <summary>vuln.main calls golang.org/x/text/language.Parse</summary>
+      <ul>
+        
+          <li>vuln.main</li>
+        
+          <li>golang.org/x/text/language.Parse</li>
+        
+      </ul>
+    </details>
+  
+
 </body>
 </html>