commit | db19ee9ad5c252e2b7facf09b5186589bde78507 | [log] [tgz] |
---|---|---|
author | Tatiana Bradley <tatianabradley@google.com> | Fri May 19 14:05:04 2023 -0400 |
committer | Tatiana Bradley <tatianabradley@google.com> | Tue May 23 21:03:16 2023 +0000 |
tree | 7036ed3128790bcfbe98b6d54915c559101dbb53 | |
parent | e68e5e46e8f933e04c75c4b149d4d5e9056ec344 [diff] |
internal/report: reuse OSV validation for version ranges Instead of validating YAML version ranges directly, convert them to OSV ranges and validate those to re-use the code. Also add a lint check to ensure the vulnerable_at version is inside the vulnerable range, and fix a report that had this error. Change-Id: I315fd3e62902c115ea56b3111e3d77983d5a74fb Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/495985 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
This repository contains the infrastructure and internal reports to create the Go Vulnerability Database.
Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.
Click here to report a public vulnerability in the Go ecosystem, or give feedback about the project.
The privacy policy for govulncheck
can be found at https://vuln.go.dev/privacy.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries are distributed under the terms of the CC-BY-4.0 license. See go.dev/security/vuln/database for information on how to access these entries.