| // Copyright 2024 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package main |
| |
| import ( |
| "fmt" |
| "strings" |
| |
| "golang.org/x/exp/constraints" |
| "golang.org/x/exp/maps" |
| "golang.org/x/exp/slices" |
| "golang.org/x/vulndb/internal/report" |
| ) |
| |
| // xref returns cross-references for a report: Information about other reports |
| // for the same CVE, GHSA, or module. |
| func xref(rname string, r *report.Report, existingByFile map[string]*report.Report) string { |
| out := &strings.Builder{} |
| matches := report.XRef(r, existingByFile) |
| delete(matches, rname) |
| // This sorts as CVEs, GHSAs, and then modules. |
| for _, fname := range sorted(maps.Keys(matches)) { |
| for _, id := range sorted(matches[fname]) { |
| fmt.Fprintf(out, "%v appears in %v", id, fname) |
| e := existingByFile[fname].Excluded |
| if e != "" { |
| fmt.Fprintf(out, " %v", e) |
| } |
| fmt.Fprintf(out, "\n") |
| } |
| } |
| return out.String() |
| } |
| |
| func sorted[E constraints.Ordered](s []E) []E { |
| s = slices.Clone(s) |
| slices.Sort(s) |
| return s |
| } |
