x/vuln/client: pseudo-module paths (stdlib, toolchain) need documentation #55875
Labels
Documentation
Issues describing a change to documentation.
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
vulncheck or vulndb
Issues for the x/vuln or x/vulndb repo
Milestone
The client API has hidden assumptions about the special module names used to retrieve vulnerabilities in Go standard libraries and tool chains. https://github.com/golang/vuln/blob/cbe0a6944b8b222c8d3af76d422695d0d486627b/client/client.go#L301-L308
They need to be documented.
BTW I found the use of
stdlib
andtoolchain
is not very intuitive.std
in go source https://go.googlesource.com/go/+/refs/heads/master/src/go.mod#1(and
cmd
for tools in src/cmd directory)std
for vulnerabilities in standard libs. https://github.com/golang/vulndb/blob/00e94d784786f9fbf3b6c7f3c7e3b45f97d1f288/data/reports/GO-2021-0317.yaml#L2The text was updated successfully, but these errors were encountered: