commit	aa4967e02e3e66c0404a0e4acca84fe684e66775	[log] [tgz]
author	Jonathan Amsterdam <jba@google.com>	Tue Apr 12 21:30:52 2022 -0400
committer	Jonathan Amsterdam <jba@google.com>	Wed Apr 13 17:56:20 2022 +0000
tree	787d5d5077a2a6175bb3553dafea76f83bff78f1
parent	65d089bf3e30993e30e8a95c469dd0a89e893d9b [diff]

cmd/govulncheck: add test for JSON output

The challenge here involved filenames of Go source files, which might
contain the full path to the working directory or the Go module cache.
These paths differ across systems, so tests that might work on a
developer machine would fail on a CI system.

This CL solves that problem by filtering the JSON, replacing path
directories with "..." while preserving the base filenames.

Change-Id: I938a96a2d6ed23648106293bfe3fa9d3a540586d
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/399119
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>

cmd/govulncheck/main_test.go[diff]
cmd/govulncheck/testdata/json.ct[Added - diff]

2 files changed

tree: 787d5d5077a2a6175bb3553dafea76f83bff78f1

README.md

Go Vulnerability Management

This repository contains the following:

Package client: a client for interacting with the Go vulnerability database
Package vulncheck: an API for detecting vulnerabilities in Go packages
Command govulncheck: a CLI for detecting vulnerabilities in Go packages

The code in this repository is under active development and not to be considered stable.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.