| $ govulncheck -h |
| govulncheck: identify known vulnerabilities by call graph traversal. |
| |
| Usage: |
| |
| govulncheck [flags] {package pattern...} |
| |
| govulncheck [flags] {binary path} |
| |
| Flags: |
| |
| -json Print vulnerability findings in JSON format. |
| |
| -html Generate HTML with the vulnerability findings. |
| |
| -tags Comma-separated list of build tags. |
| |
| -tests Boolean flag indicating if test files should be analyzed too. |
| |
| govulncheck can be used with either one or more package patterns (i.e. golang.org/x/crypto/... |
| or ./...) or with a single path to a Go binary. In the latter case module and symbol |
| information will be extracted from the binary in order to detect vulnerable symbols. |
| |
| The environment variable GOVULNDB can be set to a comma-separated list of vulnerability |
| database URLs, with http://, https://, or file:// protocols. Entries from multiple |
| databases are merged. |
| |
| |
| # Same output as -h, but failure. |
| $ govulncheck --> FAIL 1 |
| govulncheck: identify known vulnerabilities by call graph traversal. |
| |
| Usage: |
| |
| govulncheck [flags] {package pattern...} |
| |
| govulncheck [flags] {binary path} |
| |
| Flags: |
| |
| -json Print vulnerability findings in JSON format. |
| |
| -html Generate HTML with the vulnerability findings. |
| |
| -tags Comma-separated list of build tags. |
| |
| -tests Boolean flag indicating if test files should be analyzed too. |
| |
| govulncheck can be used with either one or more package patterns (i.e. golang.org/x/crypto/... |
| or ./...) or with a single path to a Go binary. In the latter case module and symbol |
| information will be extracted from the binary in order to detect vulnerable symbols. |
| |
| The environment variable GOVULNDB can be set to a comma-separated list of vulnerability |
| database URLs, with http://, https://, or file:// protocols. Entries from multiple |
| databases are merged. |