)]}' { "commit": "8621c06babd739e8bbc86efe793e38daabd20baa", "tree": "ddb46391f99c3b9748b57af084849c3ea4a516d7", "parents": [ "1f59111d4218ed75a30eb135611d7d58900e6e00" ], "author": { "name": "Jonathan Amsterdam", "email": "jba@google.com", "time": "Tue Mar 15 16:21:31 2022 -0400" }, "committer": { "name": "Jonathan Amsterdam", "email": "jba@google.com", "time": "Wed Mar 16 22:37:40 2022 +0000" }, "message": "internal/worker: scan modules for vulnerabilities\n\nThis is the first CL for a new task for the vuln worker: to scan\na selected set of modules for vulnerabilities.\n\nEstablish a new server endpoint, /scan-modules, to do that.\nCurrently visiting that endpoint scans the list of modules unconditionally.\nA future CL will skip the scan if the vuln DB hasn\u0027t changed.\n\nHardcode a list of modules in the golang.org/x namespace.\nFetch each one from the proxy, and run vulncheck on it.\n\nAt present we just log any vulnerabilities we find. Later we\u0027ll\nfile issues to a GitHub repo.\n\nLastly, change the base image for the service to one that\nhas the go toolchain, since go/packages requires it.\n\nChange-Id: I1de571d24d683b080542c5c40b55767967dbe8a5\nReviewed-on: https://go-review.googlesource.com/c/vulndb/+/393174\nTrust: Jonathan Amsterdam \u003cjba@google.com\u003e\nRun-TryBot: Jonathan Amsterdam \u003cjba@google.com\u003e\nTryBot-Result: Gopher Robot \u003cgobot@golang.org\u003e\nReviewed-by: Damien Neil \u003cdneil@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "07a93083b873aa203764a785e440e292811b9c62", "old_mode": 33188, "old_path": "cmd/worker/Dockerfile", "new_id": "8632d90d6936270dfb548b68fd342ee920402f54", "new_mode": 33188, "new_path": "cmd/worker/Dockerfile" }, { "type": "modify", "old_id": "07d28072e584b225dc6e8fb29fdd737426017555", "old_mode": 33188, "old_path": "go.mod", "new_id": "8e3d688ada0cbb09effe2e6710536ec228b19a92", "new_mode": 33188, "new_path": "go.mod" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "5c94bfd90895f39cf791c7dde51898daf63cee67", "new_mode": 33188, "new_path": "internal/worker/module_proxy.go" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "c82050097e4db02f17749b6890a46696e1dc5d87", "new_mode": 33188, "new_path": "internal/worker/module_proxy_test.go" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "b5384d49b15387f7586e8e13bb1cea3d465e9bc8", "new_mode": 33188, "new_path": "internal/worker/scan_modules.go" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "9cca86c8d82147f3aa65e38855487f2c6f144d27", "new_mode": 33188, "new_path": "internal/worker/scan_modules_test.go" }, { "type": "modify", "old_id": "de5d8c83ef2c5c5a25bac2198575653c7268a816", "old_mode": 33188, "old_path": "internal/worker/server.go", "new_id": "628ac7e6d23af2f25941693db84e87a7d4eaf7a0", "new_mode": 33188, "new_path": "internal/worker/server.go" } ] }