Google Git
Sign in
go/vuln/5499630db5f896778f084a8b3720910426de5c53
commit
5499630db5f896778f084a8b3720910426de5c53
[log]
author
Roland Shoemaker <roland@golang.org>
Wed Apr 15 08:31:32 2026 -0700
committer
Gopher Robot <gobot@golang.org>
Wed Apr 15 09:18:40 2026 -0700
tree
b41fbfcbd5bcb0c14c97d2da02ee764657c0a74d
parent
a8075323febce35764797d66a61fa9e19a8d9797 [diff]
internal/scan: exit after printing version info

When -version flag is passed, print the version information and exit
immediately without trying to do any scanning. This is different than
the behavior of the -show flag, which prints information and then
continues with the scan.

This prevents govulncheck from returning a non-zero exit code when
-version is passed, without any package patterns.

Fixes golang/go#78743

Change-Id: I9b1efa56f067e209956bd38cd77d7055fa70a7ce
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/767300
Reviewed-by: Ethan Lee <ethanalee@google.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2 files changed
tree: b41fbfcbd5bcb0c14c97d2da02ee764657c0a74d
  1. cmd/
  2. doc/
  3. internal/
  4. scan/
  5. .gitignore
  6. all_test.go
  7. codereview.cfg
  8. CONTRIBUTING.md
  9. go.mod
  10. go.sum
  11. LICENSE
  12. PATENTS
  13. README.md
README.md

Go Vulnerability Management

Go Reference

Go's support for vulnerability management includes tooling for analyzing your codebase and binaries to surface known vulnerabilities in your dependencies. This tooling is backed by the Go vulnerability database, which is curated by the Go security team. Go’s tooling reduces noise in your results by only surfacing vulnerabilities in functions that your code is actually calling.

You can install the latest version of govulncheck using go install

go install golang.org/x/vuln/cmd/govulncheck@latest

Then, run govulncheck inside your module:

govulncheck ./...

See the govulncheck tutorial to get started, and https://go.dev/security/vuln for more information about Go's support for vulnerability management. The API documentation can be found at https://pkg.go.dev/golang.org/x/vuln/scan.

Privacy Policy

The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.