Skip to content

x/vuln: output only vulnerabilities with used code #64556

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
audunmo opened this issue Dec 5, 2023 · 2 comments
Closed

x/vuln: output only vulnerabilities with used code #64556

audunmo opened this issue Dec 5, 2023 · 2 comments
Labels
FrozenDueToAge vulncheck or vulndb Issues for the x/vuln or x/vulndb repo WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Milestone
vuln/unplanned

Comments

@audunmo
Copy link

audunmo commented Dec 5, 2023
edited
Loading

Would be great to have a on output option which only prints the vulnerabilities that are in use, as in dropping the informational dependencies, in particular for the JSON output. This will allow for further automation, to dismiss the vulnerabilities where exposed code isn't in use.

Something like govulncheck -exposed-code ./...
@gopherbot gopherbot added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Dec 5, 2023
@gopherbot gopherbot modified the milestones: Unreleased, vuln/unplanned Dec 5, 2023
@seankhliao
Copy link
Member

isn't this already how it works?

@bcmills bcmills added the WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided. label Dec 5, 2023
@gopherbot
Copy link
Contributor

Timed out in state WaitingForInfo. Closing.

(I am just a bot, though. Please speak up if this is a mistake or you have the requested information.)

@gopherbot gopherbot closed this as not planned Won't fix, can't repro, duplicate, stale Jan 5, 2024
@golang golang locked and limited conversation to collaborators Jan 4, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge vulncheck or vulndb Issues for the x/vuln or x/vulndb repo WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Projects
None yet
Milestone
vuln/unplanned
Development

No branches or pull requests
4 participants
@bcmills @audunmo @gopherbot @seankhliao