-
Notifications
You must be signed in to change notification settings - Fork 17.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/vuln/cmd/govulncheck: govulncheck should exit with failure if it finds a vulnerability #51590
Comments
Would vet approach work: 0 for no issues and no findings, 3 for no issues but some findings, and 1 for issues? |
For my immediate purposes it doesn't matter, but I could imagine some people wanting to distinguish, so it sounds reasonable. |
Change https://go.dev/cl/393415 mentions this issue: |
In the above CL, I exit with a 1 if there are vulns and 0 if not. I don't think govulncheck currently distinguishes between findings and issues. |
Updates golang/go#51590 Change-Id: Ieffa62d753c0db79ec576368822831ab76cbdc6f Reviewed-on: https://go-review.googlesource.com/c/exp/+/393415 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
Change https://go.dev/cl/395239 mentions this issue: |
Updates golang/go#51590 Cherry-picked: https://go-review.googlesource.com/c/exp/+/393415 Change-Id: Ieffa62d753c0db79ec576368822831ab76cbdc6f Reviewed-on: https://go-review.googlesource.com/c/vuln/+/395239 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
Note: the new version of govulncheck is now in x/vuln/cmd/govulncheck. The previous version is not supported anymore and has been deleted. |
Updates golang/go#51590 Cherry-picked: https://go-review.googlesource.com/c/exp/+/393415 Change-Id: Ieffa62d753c0db79ec576368822831ab76cbdc6f Reviewed-on: https://go-review.googlesource.com/c/vuln/+/395239 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
Updates golang/go#51590 Cherry-picked: https://go-review.googlesource.com/c/exp/+/393415 Change-Id: Ieffa62d753c0db79ec576368822831ab76cbdc6f Reviewed-on: https://go-review.googlesource.com/c/vuln/+/395239 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
Updates golang/go#51590 Cherry-picked: https://go-review.googlesource.com/c/exp/+/393415 Change-Id: Ieffa62d753c0db79ec576368822831ab76cbdc6f Reviewed-on: https://go-review.googlesource.com/c/vuln/+/395239 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
Currently, the
govulncheck
command always exits with success (0), even if it finds a vulnerability. This makes it hard to use in any automated logic.The text was updated successfully, but these errors were encountered: