Google Git
Sign in
go / vuln / e17f629f30397f2117c884c2503bbbc5a2418830
commite17f629f30397f2117c884c2503bbbc5a2418830[log] [tgz]
authorZvonimir Pavlinovic <zpavlinovic@google.com>Fri Feb 09 20:51:36 2024 +0000
committerZvonimir Pavlinovic <zpavlinovic@google.com>Mon Feb 12 17:28:11 2024 +0000
tree08004a07ac923f042907a4a9ca231748392b1e48
parent60e1cce05e0f4eb611384dbfca5e7114d6938c10 [diff]
all: remove bash checks

The only check left in checks.bash is now a check that performs static
analysis of shell scripts. But we don't really have any useful shell
scripts apart from checks.bash itself. The snapshot_vulndb.sh could be
useful but it has not been used in a long time and it does not really
need static analysis: its failure would reflect in unit tests.

We hence delete all shell scripts and code that invokes them.

Change-Id: I58570f0b65487ef31b3382ab76e110e1f2b53605
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/563055
Reviewed-by: Maceo Thompson <maceothompson@google.com>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
4 files changed
tree: 08004a07ac923f042907a4a9ca231748392b1e48
  1. cmd/
  2. doc/
  3. internal/
  4. scan/
  5. .gitignore
  6. all_test.go
  7. CONTRIBUTING.md
  8. go.mod
  9. go.sum
  10. LICENSE
  11. PATENTS
  12. README.md
README.md

Go Vulnerability Management

Go Reference

Go's support for vulnerability management includes tooling for analyzing your codebase and binaries to surface known vulnerabilities in your dependencies. This tooling is backed by the Go vulnerability database, which is curated by the Go security team. Go’s tooling reduces noise in your results by only surfacing vulnerabilities in functions that your code is actually calling.

You can install the latest version of govulncheck using go install

go install golang.org/x/vuln/cmd/govulncheck@latest

Then, run govulncheck inside your module:

govulncheck ./...

See the govulncheck tutorial to get started, and https://go.dev/security/vuln for more information about Go's support for vulnerability management. The API documentation can be found at https://pkg.go.dev/golang.org/x/vuln/scan.

Privacy Policy

The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.