You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Go will soon release a feature where versions of the main module and dependencies built from an untagged or dirty commit produce a valid Go version. Before, those versions were (devel). The new change is already at go tip, making some of the tests fail that expect (devel) version. We currently mask the dirty versions with (devel) too, but when all builders' go versions have this feature, we should just use the actual version.
The text was updated successfully, but these errors were encountered:
zpavlinovic
changed the title
x/vuln/cmd/govulncheck: unmask version of dependencies in SBOM
x/vuln/cmd/govulncheck: unmask module versions in SBOM
Nov 22, 2024
zpavlinovic
changed the title
x/vuln/cmd/govulncheck: unmask module versions in SBOM
x/vuln/cmd/govulncheck: unmask module versions in SBOM testdata
Nov 22, 2024
Using +dirty to match binary versions produced by new go build stamping
feature is not sufficient. In general, the build version will depend on
the git state and the vuln repo version. We hence only emit sbom
messages for the prebuild binaries.
Updates golang/go#70523
Change-Id: Id55307b4cef2af3f4ff4685bb34f001554fa4dd4
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/632155
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Cottrell <iancottrell@google.com>
Go will soon release a feature where versions of the main module and dependencies built from an untagged or dirty commit produce a valid Go version. Before, those versions were
(devel)
. The new change is already at go tip, making some of the tests fail that expect(devel)
version. We currently mask the dirty versions with(devel)
too, but when all builders' go versions have this feature, we should just use the actual version.The text was updated successfully, but these errors were encountered: