Граф коммитов

4 Коммитов

Автор SHA1 Сообщение Дата
Tatiana Bradley f1409b0461 data: add lint check for ID and add ID to all YAML reports
Adds the ID field to all YAML reports and adds a lint check to enforce
that all reports have the correct value for the field. Also adds a
step to "vulnreport fix" to fix the ID if needed.

Change-Id: I51f4654e127528e1dbbfcb9c59da3658ad52098b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/498281
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
2023-05-31 21:30:23 +00:00
Maceo Thompson 881b1e909f internal/report, cmd/vulnreport, data/excluded: require excluded reports to have module information.
Modify report.Lint() so that it requires all excluded report (aside from Not Go Code) to also have module information. Also modifies createExcluded to be more robust against malformed and unreachable module paths in github issue titles.

This (in addition to go/dev/cl/446868) allows us to add some module information to every report. Ideally, this will allow us to check if anyone is importing the modules mentioned in the excluded reports for our metrics.

Change-Id: I783aea978760a70a0cccd30ad454d1fadfb85997
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/448837
Run-TryBot: Maceo Thompson <maceothompson@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
2022-11-16 18:04:35 +00:00
Damien Neil c7d60a1cc5 data/excluded: regenerate all excluded reports
An earlier version of vulnreport wasn't filling in all CVE/GHSA IDs
from the GitHub issue. Regenerate to add these IDs.

Change-Id: I3e5cdb4d9acc20837c603454b72386a69a026624
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/430755
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2022-09-14 21:29:21 +00:00
Damien Neil 8075a18e06 data/excluded: create entries for excluded reports
Change-Id: I49b44a49eba4332601aaae38a2ce70ee2f9ba399
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/423494
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julieqiu@google.com>
2022-08-15 21:01:21 +00:00