Overview Repositories Revisions Requests Users Attributes Meta

govulncheck

Edit Package govulncheck
https://github.com/golang/vuln

govulncheck is a CLI tool to report known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application.

By default, govulncheck makes requests to the Go vulnerability database at https://vuln.go.dev. Requests to the vulnerability database contain only module paths, not code or other properties of your program. See https://vuln.go.dev/privacy.html for more. Use the -db flag to specify a different database, which must implement the specification at https://go.dev/security/vuln/database.

  • Developed at devel:languages:go
  • Sources inherited from project openSUSE:Factory
  • 2 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory:Rebuild/govulncheck && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
_service 0000000711 711 Bytes
_servicedata 0000000232 232 Bytes
govulncheck-1.1.2.tar.gz 0001917468 1.83 MB
govulncheck.changes 0000011228 11 KB
govulncheck.spec 0000002004 1.96 KB
vendor.tar.gz 0000841009 821 KB
Revision 8 (latest revision is 10)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1179096 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 8) 
- Update to version 1.1.2:
  * internal/osv: add review status
  * vulncheck: update documentation for vex
  * cmd/govulncheck/integration/stackrox-scanner: update expectations
  * cmd/govulncheck/integration/k8s: update expectations
  * internal/govulncheck: add more comments for emitted OSVs
  * go.mod: update golang.org/x dependencies
  * internal/scan: increase telemetry counter for show flag
  * internal/scan: add format and scan level telemetry
  * internal/cmd/govulncheck: remove unnecessary binary dependency
  * cmd/govulncheck/integration: update go in integration tests
  * internal/openvex: add hash for doc ID
  * internal/openvex: add statements to handler
  * internal/openvex: add handler
  * all: remove test that runs govulncheck on govulncheck
  * internal/sarif: fix a typo
  * internal/scan: limit number of binary traces shown
  * cmd/govulncheck: record scan mode telemetry (forwarded request 1179095 from jfkw)
Comments 0
openSUSE Build Service is sponsored by
Places