commit | 1daa2a6f4db43f1d2247b01558c2969caf85fdf3 | [log] [tgz] |
---|---|---|
author | Damien Neil <dneil@google.com> | Thu Jun 30 14:22:29 2022 -0700 |
committer | Damien Neil <dneil@google.com> | Fri Jul 01 15:44:00 2022 +0000 |
tree | 414e0a384854152ab0d59495ebd42dd4e5106b3f | |
parent | f485fa0ca603efc289d34710a387055d0405fa82 [diff] |
internal/report: refine lint checks for stdlib links Permit the commit link for a standard library report to reference any go.googlesource.com repo, allowing us to record a link to the original fix for packages vendored into the stdlib. Make the commit field optional. The pr and commit fields are for informational purposes. It's sufficient to link to the Gerrit CL; anyone who wants the specific commit can easily get to it from there. Improve fix while I'm in here to drop the redundant package when package==module. (Lint checks for it, fix can fix it.) Change-Id: I68473c674b82535da52a793b57343bd48fd5acf4 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/415535 Reviewed-by: Jonathan Amsterdam <jba@google.com> Run-TryBot: Damien Neil <dneil@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
This repository contains the reports for the Go Vulnerability Database.
If you are interested accessing data from the Go Vulnerability Database, see x/vuln for information. This repository is only used for adding new vulnerabilities.
We are not accepting new vulnerability reports at this time. We will update this README.md once we are ready to receive reports.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries are distributed under the terms of the CC-BY 4.0 license. See x/vuln for information on how to access these entries.