Tags: golang/vuln
Tags
cmd/govulncheck: fix exit code propagation for wrapped scan errors Previously, exit codes were masked improperly. Ensure that the original error codes are propagated. Fixes golang/go#78694 Cq-Include-Trybots: luci.golang.try:x_vuln-gotip-linux-amd64-longtest Change-Id: Id94878d231272a9a37817ece747692a1ad539cc6 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/786440 Auto-Submit: Ethan Lee <ethanalee@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Change-Id: I9dd9e27e85ad5a27c61bc13940f3cf20f2dc3c8b Reviewed-on: https://go-review.googlesource.com/c/vuln/+/769900 Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com> Auto-Submit: Gopher Robot <gobot@golang.org> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Change-Id: Icc6dd9750a9b5fabba1977e9921171fd2ea1a63b Reviewed-on: https://go-review.googlesource.com/c/vuln/+/764903 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Change-Id: Id2855137e0a9d4f22587cbae94f238a5fa37d14b Reviewed-on: https://go-review.googlesource.com/c/vuln/+/640696 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com>
internal/openvex: update handler test Updates handler tests to have more accurate package paths. This doesn't affect anything right now, but will be relevant for future features/testing. Change-Id: Ia72c749cdaf263d2a425f349f72630cda576b5f0 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/598593 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
internal/osv: add review status Ecosystem metrics cannot pick up REVIEWED vs UNREVIWED unless govulncheck produces it. Change-Id: Ia6ea1ef7cf681ac51e18dd32748dc658a72ebad9 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/591055 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
all: remove unit tests for staticcheck, unparam, and spellcheck Those should not be unit tests and, more importantly, they should not be running on builders. Change-Id: I70504fedce3bad17ac408dc6f208d61fb7bd6071 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/587097 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Cottrell <iancottrell@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
internal/openvex: add vex types updates golang/go#62486 Change-Id: I550ca00f1209e21ee3fef91128d0522494b9d994 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/575857 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
cmd/govulncheck: mask line numbers and columns These can in principle change for stdlib. Although we always pretend we are running against go1.18, the actual stdlib underneath can be different. This could result in different line numbers and columns. There currently does not exist a clean way of masking line position for stdlib paths, so we mask everything with placeholders. Change-Id: I08628acbf10aa3f36b969bac5745ae3b4d52f284 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/562215 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Maceo Thompson <maceothompson@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
internal/scan: add binary extract mode The extract mode spits out a json blob representing the minimal representation of a Go binary needed for govulncheck vulnerability detection. binary mode accepts both a Go binary and this representation as an input. The contents of extract should be regarded as a blob. The users of this flag should not rely on its representation. It might change in the future. Change-Id: I81027062d34609fed7541ad2092d4cbe5df0d118 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/542035 Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Cottrell <iancottrell@google.com> Reviewed-by: Maceo Thompson <maceothompson@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
PreviousNext