This release fixes some minor govulncheck bugs (#70157) and introduces performance improvements, saving up to 15% of execution time for large programs in our experiments.
Govulncheck now emits an SBOM message in the JSON output, containing minimal information about the artifacts being scanned (the Go version, the modules involved, and the root packages). This information is also used to produce a more informative progress message in the textual -show verbose mode.
This release also brings a new feature when scanning binaries. In addition to the binary's transitive dependencies, govulncheck now checks the binary's main module for known vulnerabilities. This matters when, for example, you download a binary built from a third-party module and want to check it: that module may have vulnerabilities of its own, which previous releases would not have reported in binary mode.
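The SBOM message and the finding messages are most useful to tooling that consumes govulncheck -json, whether the scan target is source or a binary. The following Go program is an added example, not code from the govulncheck project: it decodes a concatenated JSON stream in the shape govulncheck writes and folds the SBOM and finding messages into a summary a CI gate could act on. The message and field names (SBOM, go_version, modules, roots, finding, osv) follow the govulncheck JSON schema as I understand it and are an assumption here; the sample stream, including the module names and the GO-0000-0000 ID, is constructed for the example and not captured from a real run.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"strings"
)

// Message is the envelope of one object in the govulncheck -json stream.
// Each object carries exactly one of these keys; other message kinds
// (config, osv, progress) are ignored by encoding/json because they are
// not declared here. The field names are assumed from the govulncheck
// JSON schema, not restated by the release note.
type Message struct {
	SBOM    *SBOM    `json:"SBOM,omitempty"`
	Finding *Finding `json:"finding,omitempty"`
}

// SBOM holds the minimal inventory govulncheck emits before scanning.
type SBOM struct {
	GoVersion string    `json:"go_version,omitempty"`
	Modules   []*Module `json:"modules,omitempty"`
	Roots     []string  `json:"roots,omitempty"`
}

// Module is one module in the SBOM inventory.
type Module struct {
	Path    string `json:"path,omitempty"`
	Version string `json:"version,omitempty"`
}

// Finding is one finding message; govulncheck emits several per OSV ID
// (one per call-stack trace), so consumers must aggregate them.
type Finding struct {
	OSV          string `json:"osv,omitempty"`
	FixedVersion string `json:"fixed_version,omitempty"`
}

// Summary is what a CI gate or dashboard would keep from one run.
type Summary struct {
	GoVersion string
	Roots     []string
	Modules   map[string]string // module path -> version scanned
	Findings  map[string]int    // OSV ID -> number of finding messages
	Fixed     map[string]string // OSV ID -> fixed version, if reported
}

// Summarize decodes a stream of whitespace-separated JSON objects, as
// govulncheck -json writes them, and aggregates the SBOM and findings.
func Summarize(r io.Reader) (*Summary, error) {
	s := &Summary{
		Modules:  map[string]string{},
		Findings: map[string]int{},
		Fixed:    map[string]string{},
	}
	dec := json.NewDecoder(r)
	for {
		var m Message
		err := dec.Decode(&m)
		if err == io.EOF {
			return s, nil
		}
		if err != nil {
			return nil, fmt.Errorf("decoding govulncheck stream: %w", err)
		}
		switch {
		case m.SBOM != nil:
			s.GoVersion = m.SBOM.GoVersion
			s.Roots = append(s.Roots, m.SBOM.Roots...)
			for _, mod := range m.SBOM.Modules {
				s.Modules[mod.Path] = mod.Version
			}
		case m.Finding != nil:
			s.Findings[m.Finding.OSV]++
			if m.Finding.FixedVersion != "" {
				s.Fixed[m.Finding.OSV] = m.Finding.FixedVersion
			}
		}
	}
}

// sampleStream is a constructed fragment in the shape of govulncheck -json
// output. It is not a captured run: the module paths, versions and the
// GO-0000-0000 identifier are placeholders.
const sampleStream = `
{"config":{"protocol_version":"v1.0.0","scanner_name":"govulncheck"}}
{"progress":{"message":"Scanning for known vulnerabilities..."}}
{"SBOM":{"go_version":"go1.22.0","modules":[{"path":"example.com/app","version":"v0.1.0"},{"path":"example.com/dep","version":"v1.4.2"}],"roots":["example.com/app/cmd"]}}
{"osv":{"id":"GO-0000-0000","modified":"2024-01-01T00:00:00Z"}}
{"finding":{"osv":"GO-0000-0000","fixed_version":"v1.4.3","trace":[{"module":"example.com/dep","version":"v1.4.2"}]}}
{"finding":{"osv":"GO-0000-0000","fixed_version":"v1.4.3","trace":[{"module":"example.com/dep","version":"v1.4.2","package":"example.com/dep/x","function":"Parse"}]}}
`

func main() {
	s, err := Summarize(strings.NewReader(sampleStream))
	if err != nil {
		panic(err)
	}
	fmt.Printf("go %s, roots %v, %d modules in SBOM\n", s.GoVersion, s.Roots, len(s.Modules))
	for id, n := range s.Findings {
		fmt.Printf("%s: %d finding(s) in %s, fixed in %s\n", id, n, "scanned modules", s.Fixed[id])
	}
}
```

In practice the reader would be fed by `govulncheck -json ./...` for source, or `govulncheck -mode=binary -json ./mybinary` for a built artifact; in the latter case the SBOM's module list is where a consumer can confirm that the binary's own main module was part of the scan described above.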