Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/vuln/cmd/govulncheck: add module info to paths in text traces #69490

Closed
zpavlinovic opened this issue Sep 16, 2024 · 1 comment
Closed

x/vuln/cmd/govulncheck: add module info to paths in text traces #69490

zpavlinovic opened this issue Sep 16, 2024 · 1 comment
Assignees
@zpavlinovic
Labels
vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Milestone
vuln/unplanned

Comments

@zpavlinovic
Copy link
Contributor

govulncheck version

Go: go1.23.0
Scanner: [email protected]

Does this issue reproduce at the latest version of golang.org/x/vuln?

yes

Output of go env in your module/workspace:

Does not matter.

What did you do?

Run govulncheck -show trace on any module that has some symbol-level vulnerabilities.

What did you see happen?

Paths in traces do not contain any module info, which can be confusing.

src/sync/once.go:67:11: ...
pkg/store/cache/caching_bucket_test.go:442:12: ...

What did you expect to see?

Show the last segment of the module name, for example:

[email protected]/src/sync/once.go:67:11: ...
[email protected]/pkg/store/cache/caching_bucket_test.go:442:12: ...
@zpavlinovic zpavlinovic added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Sep 16, 2024
@zpavlinovic zpavlinovic self-assigned this Sep 16, 2024
@gopherbot gopherbot modified the milestones: Unreleased, vuln/unplanned Sep 16, 2024
@zpavlinovic zpavlinovic mentioned this issue Sep 16, 2024
Closed
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/614135 mentions this issue: internal/scan: add module info to symbol paths in traces mode

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zpavlinovic zpavlinovic

Labels
vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Projects
None yet
Milestone
vuln/unplanned
Development

No branches or pull requests
2 participants
@zpavlinovic @gopherbot