Google Git
Sign in
go / vulndb / cb65fb4068c7fb5551c3b6912c63938630895625
commitcb65fb4068c7fb5551c3b6912c63938630895625[log] [tgz]
authorJonathan Amsterdam <jba@google.com>Tue Mar 01 09:29:12 2022 -0500
committerJonathan Amsterdam <jba@google.com>Tue Mar 01 21:32:01 2022 +0000
treef375cf349203a6d8b7fc023e7e9bcbbf7544e49d
parent074a259630c2e9e38e88a7642cf8fd1b3f98d188 [diff]
internal/ghsa: support getting a nicer ID

The GitHub Security Advisory API uses some sort of internal uid for
the SecurityAdvisory.ID field. The nicer, human-readable ID is in the
Identifiers field, with type GHSA. Add code to extract that nicer ID,
falling back to the internal one.

Change-Id: I6a4bc55bde3b84ce7db2a4e3bc68ad19b1ef3bd6
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/388675
Trust: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
Reviewed-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
2 files changed
tree: f375cf349203a6d8b7fc023e7e9bcbbf7544e49d
  1. .github/
  2. cmd/
  3. deploy/
  4. devtools/
  5. doc/
  6. internal/
  7. reports/
  8. terraform/
  9. .gitignore
  10. all_test.go
  11. AUTHORS
  12. checks.bash
  13. CONTRIBUTING.md
  14. CONTRIBUTORS
  15. go.mod
  16. go.sum
  17. LICENSE
  18. PATENTS
  19. README.md
  20. tools_test.go
README.md

The Go Vulnerability Database

This repository contains the reports for the Go Vulnerability Database.

If you are interested accessing data from the Go Vulnerability Database, see x/vuln for information. This repository is only used for adding new vulnerabilities.

Reporting a vulnerability

We are not accepting new vulnerability reports at this time. We will update this README.md once we are ready to receive reports.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries are distributed under the terms of the CC-BY 4.0 license. See x/vuln for information on how to access these entries.