cmd/vulnreport: avoid displaying access token
The help text previously included the value of VULN_GITHUB_ACCESS_TOKEN.
Change-Id: Ie65506376acb4f5d5cc36f611235714d4a13ea30
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/452755
Run-TryBot: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
diff --git a/cmd/vulnreport/main.go b/cmd/vulnreport/main.go
index 36552ef..e876995 100644
--- a/cmd/vulnreport/main.go
+++ b/cmd/vulnreport/main.go
@@ -45,7 +45,7 @@
var (
localRepoPath = flag.String("local-cve-repo", "", "path to local repo, instead of cloning remote")
issueRepo = flag.String("issue-repo", "github.com/golang/vulndb", "repo to create issues in")
- githubToken = flag.String("ghtoken", os.Getenv("VULN_GITHUB_ACCESS_TOKEN"), "GitHub access token")
+ githubToken = flag.String("ghtoken", "", "GitHub access token (default: value of VULN_GITHUB_ACCESS_TOKEN)")
skipSymbols = flag.Bool("skip-symbols", false, "for lint and fix, don't load package for symbols checks")
alwaysFixGHSA = flag.Bool("always-fix-ghsa", false, "for fix, always update GHSAs")
updateIssue = flag.Bool("up", false, "for commit, create a CL that updates (doesn't fix) the tracking bug")
@@ -76,6 +76,10 @@
log.Fatal("subcommand required")
}
+ if *githubToken == "" {
+ *githubToken = os.Getenv("VULN_GITHUB_ACCESS_TOKEN")
+ }
+
cmd := flag.Arg(0)
// Create-excluded has no args, so it is separated form the other commands.