package
0.0.0-20231024134211-210767f15cd2
Repository: https://github.com/khulnasoft-lab/go-vulndb.git
Documentation: pkg.go.dev

# README

Go Vulnerability Worker

The vuln worker triages incoming security advisories and scans selected modules for vulnerabilities.

The Go security team runs the worker on Google Cloud Platform's Cloud Run product. See the repo's terraform directory for more on the deployment setup.

The main program for the worker, in the repo's cmd/worker directory, can also be used as a command-line tool for one-off executions of some of the server's actions.

Browsing the worker

Accessing the worker server's home page from a browser requires authentication. We recommend cloud-run-proxy for painless browsing. Install it with

go install github.com/GoogleCloudPlatform/cloud-run-proxy@latest

Run it from the repo root with

./devtools/proxy_worker.sh prod

# Packages

No description provided by the author
Package store supports permanent data storage for the vuln worker.

# Functions

No description provided by the author
CreateIssues creates issues on the x/vulndb issue tracker for allReports.
No description provided by the author
No description provided by the author
ReadCVEAtPath reads file at path in commit, and JSON-decodes it into a CVE.
SetKnownModules provides a list of all known modules, so that no requests need to be made to pkg.go.dev.
TriageCVE reports whether the CVE refers to a Go module.
UpdateCVEsAtCommit performs an update on the store using the given commit.
UpdateGHSAs updates the store with the current state of GitHub's security advisories.

# Structs

CheckUpdateError is an error returned from UpdateCommit that can be avoided calling UpdateCommit with force set to true.
Config holds configuration information for the worker server.
No description provided by the author
No description provided by the author

# Type aliases

GHSAListFunc is the type of a function that lists GitHub security advisories.