зеркало из https://github.com/golang/vulndb.git
a79df1ecd0
Add tests to check contents of the update record and for error cases. This is to prep for a change to this function's behavior. Change-Id: I9380f661725aa4a50db0691906d3d6a5a925f8d1 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/589995 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com> |
||
|---|---|---|
| .. | ||
| log | ||
| static | ||
| store | ||
| testdata | ||
| README.md | ||
| config.go | ||
| false_positive_records.gen.go | ||
| false_positives.go | ||
| false_positives_test.go | ||
| gen_false_positives.go | ||
| server.go | ||
| server_test.go | ||
| update.go | ||
| update_test.go | ||
| util.go | ||
| worker.go | ||
| worker_test.go | ||
README.md
Go Vulnerability Worker
The vuln worker triages incoming security advisories and scans selected modules for vulnerabilities.
The Go security team runs the worker on Google Cloud Platform's Cloud Run
product. See the repo's terraform directory for more on the deployment setup.
The main program for the worker, in the repo's cmd/worker directory, can also
be used as a command-line tool for one-off executions of some of the server's
actions.
Browsing the worker
Accessing the worker server's home page from a browser requires authentication. We recommend cloud-run-proxy for painless browsing. Install it with
go install github.com/GoogleCloudPlatform/cloud-run-proxy@latest
Run it from the repo root with
./devtools/proxy_worker.sh prod