cmd/vulnreport: various vulnreport changes for batch automation

* When creating or unexcluding a report, add a note to the report that
an error occurred in addition to logging a warning.
* When unexcluding reports, fix and lint the report before writing it.
* In Fix, attempt to add an advisory if the report needs one.

All of these changes are intended to make it easier to batch create &
unexclude reports, and notice when there are issues in the automated
process.

Change-Id: I33ec94a619cf0b89112a682386439a11381b6c57
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/562246
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
5 files changed
tree: ba6656bd8a11eec1bfa6882c0e5608f4a3f54235
  1. .github/
  2. cmd/
  3. data/
  4. deploy/
  5. devtools/
  6. doc/
  7. internal/
  8. terraform/
  9. webconfig/
  10. .gitignore
  11. all_test.go
  12. checks.bash
  13. CONTRIBUTING.md
  14. go.mod
  15. go.sum
  16. LICENSE
  17. PATENTS
  18. README.md
  19. tools_test.go
README.md

The Go Vulnerability Database

Go Reference

This repository contains the infrastructure and internal reports to create the Go Vulnerability Database.

Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.

Reporting a vulnerability or feedback

Click here to report a public vulnerability in the Go ecosystem, or give feedback about the project.

Privacy Policy

The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries are distributed under the terms of the CC-BY-4.0 license. See go.dev/security/vuln/database for information on how to access these entries.