internal/worker: store package and reason in CVERecord

TriageCVE sometimes returns a packagePath and reasons in the
triageResult. Store this information in the CVE Record.

Change-Id: Ica027c5bbb7d8cf160ff67c9f35c889dc6bb661e
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/376475
Trust: Julie Qiu <julie@golang.org>
Run-TryBot: Julie Qiu <julie@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
3 files changed
tree: 21319882fc84fee059b4c4973f2cee29caae19a4
  1. .github/
  2. cmd/
  3. deploy/
  4. devtools/
  5. doc/
  6. internal/
  7. reports/
  8. terraform/
  9. .gitignore
  10. all_test.go
  11. AUTHORS
  12. checks.bash
  13. CONTRIBUTING.md
  14. CONTRIBUTORS
  15. go.mod
  16. go.sum
  17. LICENSE
  18. PATENTS
  19. README.md
  20. tools_test.go
README.md

The Go Vulnerability Database

This repository contains the reports for the Go Vulnerability Database.

If you are interested accessing data from the Go Vulnerability Database, see x/vuln for information. This repository is only used for adding new vulnerabilities.

Reporting a vulnerability

We are not accepting new vulnerability reports at this time. We will update this README.md once we are ready to receive reports.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries are distributed under the terms of the CC-BY 4.0 license. See x/vuln for information on how to access these entries.