Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proposal: include metadata about modules in binaries #28784

Closed
tsaarni opened this issue Nov 13, 2018 · 1 comment

Comments

@tsaarni
Copy link

@tsaarni tsaarni commented Nov 13, 2018

There are many scanners for finding known vulnerabilities (CVEs). Typical scanner could be based on e.g. RPM index.

CVEs are reported also about go modules (see example here) but due to static linking it is difficult to recognize if a given binary has known vulnerability.

Go compiler could augment the binaries with metadata about included modules and their versions.
Implementers of vulnerability scanners could leverage this metadata for introducing support for go binary scanning.

@gopherbot gopherbot added this to the Proposal milestone Nov 13, 2018
@gopherbot gopherbot added the Proposal label Nov 13, 2018
@myitcv

This comment has been minimized.

Copy link
Member

@myitcv myitcv commented Nov 13, 2018

@myitcv myitcv closed this Nov 13, 2018
@golang golang locked and limited conversation to collaborators Nov 13, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
3 participants
You can’t perform that action at this time.