Simply put, the govulncheck tool has adopted the OSV format, which is relatively new, whereas SARIF has for quite some time been the de facto standard for security aggregators. Hence I decided to use Go's vulncheck library to get the vulnerabilities and convert them into the SARIF format. This tool is mostly for educational purposes, as I wanted to learn about the hurdles tool adopters might face when thinking about supporting SARIF output.
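The conversion described above, as an added example that is not code from vulnny or govulncheck: it maps simplified findings onto a SARIF 2.1.0 log with one rule per advisory ID and one result per finding. The `Finding` type, the `ToSARIF` function, the sample advisory ID and the choice to report findings without a known call site as warnings anchored on `go.mod` are all assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Finding is a constructed, simplified stand-in for one scanner finding
// (hypothetical type; not govulncheck's or vulnny's own).
type Finding struct {
	ID, Summary, Module, FixedIn, File string
	Line                              int // 0: module is required but no vulnerable call site is known
}

type obj = map[string]any

// ToSARIF builds a SARIF 2.1.0 log: one rule per advisory ID, one result per finding.
func ToSARIF(tool string, fs []Finding) obj {
	rules, results, seen := []obj{}, []obj{}, map[string]bool{}
	for _, f := range fs {
		if !seen[f.ID] { // SARIF rules are deduplicated; results reference them by ruleId
			seen[f.ID] = true
			rules = append(rules, obj{"id": f.ID, "shortDescription": obj{"text": f.Summary}})
		}
		level, file, line := "error", f.File, f.Line
		if line == 0 { // assumption: anchor on go.mod and downgrade to a warning
			level, file, line = "warning", "go.mod", 1
		}
		results = append(results, obj{
			"ruleId": f.ID, "level": level,
			"message": obj{"text": fmt.Sprintf("%s: %s (fixed in %s)", f.Module, f.Summary, f.FixedIn)},
			"locations": []obj{{"physicalLocation": obj{
				"artifactLocation": obj{"uri": file},
				"region":           obj{"startLine": line}}}},
		})
	}
	return obj{"version": "2.1.0",
		"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
		"runs": []obj{{"tool": obj{"driver": obj{"name": tool, "rules": rules}}, "results": results}}}
}

func main() {
	doc := ToSARIF("example-scanner", []Finding{ // constructed sample data
		{"GO-0000-0001", "constructed advisory", "example.com/mod", "v1.2.3", "main.go", 42},
		{"GO-0000-0001", "constructed advisory", "example.com/mod", "v1.2.3", "", 0},
	})
	out, _ := json.MarshalIndent(doc, "", "  ")
	fmt.Println(string(out))
}
```

SARIF consumers generally need a physical location to display a result, which is why the finding without a call site is pinned to a file rather than emitted without one.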
A tool to scan for publicly known Go vulnerabilities using the Go vulnerability database
tjgurwara99/vulnny