Google Git
Sign in
go / vulndb / 421e78b1885ec4a2ffd279d1ababc302a6b17a63
commit421e78b1885ec4a2ffd279d1ababc302a6b17a63[log] [tgz]
authorTatiana Bradley <tatiana@golang.org>Tue Apr 26 14:30:06 2022 -0400
committerTatiana Bradley <tatiana@golang.org>Tue Apr 26 19:05:50 2022 +0000
tree9c16756aaba5cd4ff92b02082b31fc914135d981
parentf4619b1028c9b9f4fe6ee86f0c040484c459d36a [diff]
x/vulndb: add link to importers of a package in new automated issues

The worker now includes a link in the automated issue description to pkg.go.dev/?tab=importedby for the affected module, as a starting point in detecting false positive vulnerability reports.

For golang/go#51944

Change-Id: I3caaaba69c07e7a3e24977cf5ea5e92559ce8628
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/402394
Reviewed-by: Julie Qiu <julieqiu@google.com>
2 files changed
tree: 9c16756aaba5cd4ff92b02082b31fc914135d981
  1. .github/
  2. cmd/
  3. deploy/
  4. devtools/
  5. doc/
  6. internal/
  7. reports/
  8. terraform/
  9. .gitignore
  10. all_test.go
  11. AUTHORS
  12. checks.bash
  13. CONTRIBUTING.md
  14. CONTRIBUTORS
  15. go.mod
  16. go.sum
  17. LICENSE
  18. PATENTS
  19. README.md
  20. tools_test.go
README.md

The Go Vulnerability Database

This repository contains the reports for the Go Vulnerability Database.

If you are interested accessing data from the Go Vulnerability Database, see x/vuln for information. This repository is only used for adding new vulnerabilities.

Reporting a vulnerability

We are not accepting new vulnerability reports at this time. We will update this README.md once we are ready to receive reports.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries are distributed under the terms of the CC-BY 4.0 license. See x/vuln for information on how to access these entries.