commit 6d6e58f440348d57ac7ba1e6c53d57900969c1bd
author Jonathan Amsterdam <jba@google.com> Tue Nov 22 08:02:46 2022 -0500
committer Jonathan Amsterdam <jba@google.com> Tue Nov 22 18:14:22 2022 +0000
tree 03e4ecca0344d8e10823cdfff4a89e96159f4a90
parent 0397c865626946dcd24be153a67d1c5d8c374f3b

cmd/vulnreport: avoid displaying access token

The help text previously included the value of VULN_GITHUB_ACCESS_TOKEN.

Change-Id: Ie65506376acb4f5d5cc36f611235714d4a13ea30
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/452755
Run-TryBot: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>

cmd/vulnreport/main.go

diff --git a/cmd/vulnreport/main.go b/cmd/vulnreport/main.go
index 36552ef..e876995 100644
--- a/cmd/vulnreport/main.go
+++ b/cmd/vulnreport/main.go
@@ -45,7 +45,7 @@
 var (
 	localRepoPath = flag.String("local-cve-repo", "", "path to local repo, instead of cloning remote")
 	issueRepo     = flag.String("issue-repo", "github.com/golang/vulndb", "repo to create issues in")
-	githubToken   = flag.String("ghtoken", os.Getenv("VULN_GITHUB_ACCESS_TOKEN"), "GitHub access token")
+	githubToken   = flag.String("ghtoken", "", "GitHub access token (default: value of VULN_GITHUB_ACCESS_TOKEN)")
 	skipSymbols   = flag.Bool("skip-symbols", false, "for lint and fix, don't load package for symbols checks")
 	alwaysFixGHSA = flag.Bool("always-fix-ghsa", false, "for fix, always update GHSAs")
 	updateIssue   = flag.Bool("up", false, "for commit, create a CL that updates (doesn't fix) the tracking bug")
@@ -76,6 +76,10 @@
 		log.Fatal("subcommand required")
 	}
 
+	if *githubToken == "" {
+		*githubToken = os.Getenv("VULN_GITHUB_ACCESS_TOKEN")
+	}
+
 	cmd := flag.Arg(0)
 
 	// Create-excluded has no args, so it is separated form the other commands.