govulncheck
https://github.com/golang/vuln
govulncheck is a CLI tool to report known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application.
By default, govulncheck makes requests to the Go vulnerability database at https://vuln.go.dev. Requests to the vulnerability database contain only module paths, not code or other properties of your program. See https://vuln.go.dev/privacy.html for more. Use the -db flag to specify a different database, which must implement the specification at https://go.dev/security/vuln/database.
- Developed at devel:languages:go
- Sources inherited from project openSUSE:Factory
-
2
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:seife:Factory/govulncheck && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
_service | 0000000711 711 Bytes | |
_servicedata | 0000000232 232 Bytes | |
govulncheck-1.0.1.tar.gz | 0000277786 271 KB | |
govulncheck.changes | 0000001341 1.31 KB | |
govulncheck.spec | 0000002004 1.96 KB | |
vendor.tar.gz | 0000434722 425 KB |
Revision 3 (latest revision is 7)
Ana Guerrero (anag+factory)
accepted
request 1113319
from
Jeff Kowalczyk (jfkw)
(revision 3)
- Update to version 1.0.1: * all: go get golang.org/x/tools@74c255b * internal/scan: change the way convert mode works * internal/scan: add -version flag * internal/vulncheck/internal/gosym: fix typo * internal/gosym: update binary mode version parsing * internal/scan: refactor to remove redundant code * vulncheck/internal/gosym: add support for go versions > 1.20 * internal/vulncheck/internal/buildinfo: skip failing tests * cmd/govulncheck: skip TestCommand in short mode - _service add setversion to automatically update spec Version (forwarded request 1113318 from jfkw)
Comments 0