go-vulndb

module

v0.0.0-...-210767f Latest Latest Go to latest Published: Oct 24, 2023 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/khulnasoft-lab/go-vulndb

Links

Open Source Insights

README ¶

The Go Vulnerability Database

This repository contains the infrastructure and internal reports to create the Go Vulnerability Database.

Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.

Reporting a vulnerability or feedback

Click here to report a public vulnerability in the Go ecosystem, or give feedback about the project.

Privacy Policy

The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries are distributed under the terms of the CC-BY-4.0 license. See go.dev/security/vuln/database for information on how to access these entries.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
cmd
checkdb
checkdeploy
cve
dbdiff
gendb
indexdb
inspect
issue
modinfo
modinfo/internal/pkgsitedb
vulnreport Command vulnreport provides a tool for creating a YAML vulnerability report for x/vulndb.	Command vulnreport provides a tool for creating a YAML vulnerability report for x/vulndb.
vulnreport/internal/vulnentries
worker Command worker runs the vuln worker server.	Command worker runs the vuln worker server.
devtools
cmd/populate_firestore
internal Package internal contains functionality for x/vulndb.	Package internal contains functionality for x/vulndb.
cveclient Package cveclient implements a client for interacting with MITRE CVE Services API as described at https://cveawg.mitre.org/api-docs/openapi.json.	Package cveclient implements a client for interacting with MITRE CVE Services API as described at https://cveawg.mitre.org/api-docs/openapi.json.
cvelistrepo Package cvelistrepo supports working with the repo containing the list of CVEs.	Package cvelistrepo supports working with the repo containing the list of CVEs.
cveschema Package cveschema contains the schema for a CVE, as derived from https://github.com/CVEProject/automation-working-group/tree/master/cve_json_schema.	Package cveschema contains the schema for a CVE, as derived from https://github.com/CVEProject/automation-working-group/tree/master/cve_json_schema.
cveschema5 Package cveschema5 contains the schema for a CVE Record in CVE JSON 5.0 format.	Package cveschema5 contains the schema for a CVE Record in CVE JSON 5.0 format.
database Package database provides functionality for reading, writing, and validating Go vulnerability databases according to the v1 schema.	Package database provides functionality for reading, writing, and validating Go vulnerability databases according to the v1 schema.
database/legacydb Package legacydb provides functionality for generating, reading, writing, and validating vulnerability databases according to the legacy schema.	Package legacydb provides functionality for generating, reading, writing, and validating vulnerability databases according to the legacy schema.
derrors Package derrors defines internal error values to categorize the different types error semantics supported by x/vulndb.	Package derrors defines internal error values to categorize the different types error semantics supported by x/vulndb.
genericosv Package genericosv provides utilities for working with generic OSV structs (not specialized for Go).	Package genericosv provides utilities for working with generic OSV structs (not specialized for Go).
ghsa Package ghsa supports GitHub security advisories.	Package ghsa supports GitHub security advisories.
ghsarepo Package ghsarepo provides a client and utilities for reading GitHub security advisories directly from the Git repo https://github.com/github/advisory-database.	Package ghsarepo provides a client and utilities for reading GitHub security advisories directly from the Git repo https://github.com/github/advisory-database.
gitrepo Package gitrepo provides operations on git repos.	Package gitrepo provides operations on git repos.
issues Package issues provides a general way to interact with issues, and a client for interacting with the GitHub issues API.	Package issues provides a general way to interact with issues, and a client for interacting with the GitHub issues API.
issues/githubtest Package githubtest provides a test client and server for testing the GitHub API client.	Package githubtest provides a test client and server for testing the GitHub API client.
observe Package observe provides metric and tracing support for Go servers.	Package observe provides metric and tracing support for Go servers.
osv Package osv implements the Go OSV vulnerability format (https://go.dev/security/vuln/database#schema), which is a subset of the OSV shared vulnerability format (https://ossf.github.io/osv-schema), with database and ecosystem-specific meanings and fields.	Package osv implements the Go OSV vulnerability format (https://go.dev/security/vuln/database#schema), which is a subset of the OSV shared vulnerability format (https://ossf.github.io/osv-schema), with database and ecosystem-specific meanings and fields.
osvutils Package osvutils provides utilities for working with Go OSV entries.	Package osvutils provides utilities for working with Go OSV entries.
palmapi Package palmapi provides a client and utilities for interacting with the PaLM API (https://developers.generativeai.google/guide/palm_api_overview).	Package palmapi provides a client and utilities for interacting with the PaLM API (https://developers.generativeai.google/guide/palm_api_overview).
palmapi/gen_examples Command gen_examples generates and stores examples that can be used to create prompts / training inputs for the PaLM API.	Command gen_examples generates and stores examples that can be used to create prompts / training inputs for the PaLM API.
proxy Package proxy provides a client and utilities for accessing the Go module proxy.	Package proxy provides a client and utilities for accessing the Go module proxy.
report Package report contains functionality for parsing and linting YAML reports in reports/.	Package report contains functionality for parsing and linting YAML reports in reports/.
stdlib Package stdlib contains functionality relevant to the Go Standard Library.	Package stdlib contains functionality relevant to the Go Standard Library.
test
version
worker
worker/log
worker/store Package store supports permanent data storage for the vuln worker.	Package store supports permanent data storage for the vuln worker.
vuln module