internal/genericosv: fix major versions in ToReport

When converting OSV to a Report, attempt to correct the major version of
module paths. For now, this is very conservative and only makes a change
if it is perfectly clear what the major version should be.

Change-Id: Ibc6cee95e7ada78e8c4d5d5ed9d800e78bdfbee9
LUCI-TryBot-Result: Go LUCI <>
Reviewed-by: Damien Neil <>
23 files changed
tree: 0250257b5ccf46997b8c89a22ce5c2369cdf0452
  1. .github/
  2. cmd/
  3. data/
  4. deploy/
  5. devtools/
  6. doc/
  7. internal/
  8. terraform/
  9. webconfig/
  10. .gitignore
  11. all_test.go
  12. checks.bash
  14. go.mod
  15. go.sum
  19. tools_test.go

The Go Vulnerability Database

Go Reference

This repository contains the infrastructure and internal reports to create the Go Vulnerability Database.

Check out for more information about the Go vulnerability management system.

Reporting a vulnerability or feedback

Click here to report a public vulnerability in the Go ecosystem, or give feedback about the project.

Privacy Policy

The privacy policy for govulncheck can be found at


Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries are distributed under the terms of the CC-BY-4.0 license. See for information on how to access these entries.