Package client provides an interface for accessing vulnerability databases, via either HTTP or local filesystem access.

Package derrors defines internal error values to categorize the different types error semantics supported by x/vuln.

Package gosym implements access to the Go symbol and line number tables embedded in Go binaries generated by the gc compilers.

Package goversion reports the Go version used to build program executables.

Package govulncheck contains the JSON output structs for govulncheck.

Package vex defines the Vulnerability EXchange Format (VEX) types supported by govulncheck.

Package osv implements the Go OSV vulnerability format (https://go.dev/security/vuln/database#schema), which is a subset of the OSV shared vulnerability format (https://ossf.github.io/osv-schema), with database and ecosystem-specific meanings and fields.

Package sarif defines Static Analysis Results Interchange Format (SARIF) types supported by govulncheck.

Copyright 2022 The Go Authors.

Package semver provides shared utilities for manipulating Go semantic versions.

Package vulncheck detects uses of known vulnerabilities in Go programs.

GoCmdModulePath is the internal Go module path string used when listing vulnerabilities in the go command.

GoStdModulePath is the internal Go module path string used when listing vulnerabilities in standard library.

IDDirectory is the name of the directory that contains entries listed by their IDs.

UnknownModulePath is a special module path for when we cannot work out the module for a package.

UnknownPackagePath is a special package path for when we cannot work out the packagUnknownModulePath = "unknown".