{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":423907006,"defaultBranch":"master","name":"vuln","ownerLogin":"golang","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-11-02T15:53:16.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/4314092?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1717689729.0","currentOid":""},"activityList":{"items":[{"before":"29462d73a2bf15636e29dc1e570ea0caa38dd5d5","after":"3740f5cb12a3f93b18dbe200c4bcb6256f8586e2","ref":"refs/heads/master","pushedAt":"2024-06-06T14:46:57.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/osv: add review status\n\nEcosystem metrics cannot pick up REVIEWED vs UNREVIWED unless\ngovulncheck produces it.\n\nChange-Id: Ia6ea1ef7cf681ac51e18dd32748dc658a72ebad9\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/591055\nReviewed-by: Tatiana Bradley \nTryBot-Result: Gopher Robot \nLUCI-TryBot-Result: Go LUCI \nRun-TryBot: Zvonimir Pavlinovic ","shortMessageHtmlLink":"internal/osv: add review status"}},{"before":"2736e1dc19ec039536007b7b7ab2cf1bd93052f6","after":"29462d73a2bf15636e29dc1e570ea0caa38dd5d5","ref":"refs/heads/master","pushedAt":"2024-06-05T20:36:05.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"vulncheck: update documentation for vex\n\nAdds documentation/updates some tests & comments to reflect the\nintroduction of the openVEX standard as a valid output format for\ngovulncheck.\n\nfixes golang/go#62486\n\nChange-Id: I88c6fc830439606441bb1855ba8b36642007738c\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/590575\nReviewed-by: Zvonimir Pavlinovic \nCommit-Queue: Maceo Thompson \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"vulncheck: update documentation for vex"}},{"before":"65c6e2bf78af59b4e3eeb15616d10d2d93976c30","after":"2736e1dc19ec039536007b7b7ab2cf1bd93052f6","ref":"refs/heads/master","pushedAt":"2024-06-05T19:01:24.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"cmd/govulncheck/integration/stackrox-scanner: update expectations\n\nDue to a new addition of unreviewed reports.\n\nChange-Id: I4bbecf7bb600944cdec0fe61fce13372e6450f00\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/590636\nAuto-Submit: Zvonimir Pavlinovic \nReviewed-by: Maceo Thompson \nTryBot-Result: Gopher Robot \nRun-TryBot: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"cmd/govulncheck/integration/stackrox-scanner: update expectations"}},{"before":"03e66a609a8e11ea10203ac2bb74977292163cf5","after":"65c6e2bf78af59b4e3eeb15616d10d2d93976c30","ref":"refs/heads/master","pushedAt":"2024-06-05T17:05:52.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"cmd/govulncheck/integration/k8s: update expectations\n\nDue to new entries in the db.\n\nChange-Id: I911bd9308fbae679a9c210e7a5f950a022087b65\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/590555\nAuto-Submit: Zvonimir Pavlinovic \nReviewed-by: Maceo Thompson \nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"cmd/govulncheck/integration/k8s: update expectations"}},{"before":"f30059cfb245502cc453bb54905db2f0b77492ef","after":"03e66a609a8e11ea10203ac2bb74977292163cf5","ref":"refs/heads/master","pushedAt":"2024-06-05T13:33:01.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/govulncheck: add more comments for emitted OSVs\n\nChange-Id: I268971d26368476c4eda5da032fdf56e5698042f\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/590515\nTryBot-Result: Gopher Robot \nLUCI-TryBot-Result: Go LUCI \nRun-TryBot: Zvonimir Pavlinovic \nReviewed-by: Maceo Thompson ","shortMessageHtmlLink":"internal/govulncheck: add more comments for emitted OSVs"}},{"before":"84735a3ac315d2ef79d1f31d1298d6b8dc9a9a8d","after":"f30059cfb245502cc453bb54905db2f0b77492ef","ref":"refs/heads/master","pushedAt":"2024-06-04T20:21:09.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"go.mod: update golang.org/x dependencies\n\nUpdate golang.org/x dependencies to their latest tagged versions.\n\nChange-Id: I4f364eef1535c02c9fe5c84e199eb45d823e3e29\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/590456\nReviewed-by: Than McIntosh \nAuto-Submit: Gopher Robot \nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Dmitri Shuralyov ","shortMessageHtmlLink":"go.mod: update golang.org/x dependencies"}},{"before":"fb2a687c05601167d07f68c59e685fc7371bc176","after":"84735a3ac315d2ef79d1f31d1298d6b8dc9a9a8d","ref":"refs/heads/master","pushedAt":"2024-06-04T18:32:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/scan: increase telemetry counter for show flag\n\nChange-Id: I9bb24cb7943f8a6abd8a4c7128bfc1560b97f466\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/589415\nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Maceo Thompson \nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot ","shortMessageHtmlLink":"internal/scan: increase telemetry counter for show flag"}},{"before":"f5e77b81ae7d803dfe37b80b919ebe9269cc0141","after":"fb2a687c05601167d07f68c59e685fc7371bc176","ref":"refs/heads/master","pushedAt":"2024-06-04T18:31:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/scan: add format and scan level telemetry\n\nChange-Id: I9564ea12001d0ae4c173e051394dee3c12f459f1\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/589395\nTryBot-Result: Gopher Robot \nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Maceo Thompson \nRun-TryBot: Zvonimir Pavlinovic ","shortMessageHtmlLink":"internal/scan: add format and scan level telemetry"}},{"before":"1201340bf0daba4b0f59a0118ecd04144ad1ffa6","after":"f5e77b81ae7d803dfe37b80b919ebe9269cc0141","ref":"refs/heads/master","pushedAt":"2024-06-04T15:12:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/cmd/govulncheck: remove unnecessary binary dependency\n\nThis is simply not needed anymore.\n\nChange-Id: I02cf1459f060ce8522655107c641e7c3f972e231\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/590015\nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot \nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Maceo Thompson ","shortMessageHtmlLink":"internal/cmd/govulncheck: remove unnecessary binary dependency"}},{"before":"ce0605bc84d98f89385c54ce5b0712dfb1f7e0b6","after":"1201340bf0daba4b0f59a0118ecd04144ad1ffa6","ref":"refs/heads/master","pushedAt":"2024-06-04T15:12:04.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"cmd/govulncheck/integration: update go in integration tests\n\nChange-Id: Ie85bcb40d8277b9e91bf08fe2b5d126350f4b76b\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/589915\nTryBot-Result: Gopher Robot \nRun-TryBot: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Maceo Thompson ","shortMessageHtmlLink":"cmd/govulncheck/integration: update go in integration tests"}},{"before":"745db65f35062023c5994fceb1931ef839777007","after":"ce0605bc84d98f89385c54ce5b0712dfb1f7e0b6","ref":"refs/heads/master","pushedAt":"2024-06-03T16:25:50.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/openvex: add hash for doc ID\n\nupdates golang/go#62486\n\nChange-Id: I741ee275288b978becb46d5072ae22857152f2b6\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/575860\nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Zvonimir Pavlinovic ","shortMessageHtmlLink":"internal/openvex: add hash for doc ID"}},{"before":"ad5a6f82ec98d81af81c6c4ca5aa64a44d0959f4","after":"745db65f35062023c5994fceb1931ef839777007","ref":"refs/heads/master","pushedAt":"2024-06-03T16:25:43.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/openvex: add statements to handler\n\nChange-Id: I1b1b7c9dff24fab589d83c38f1dd0dab4f5322d6\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/575859\nReviewed-by: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"internal/openvex: add statements to handler"}},{"before":"b6af8187a6daad754999d0867c631c76dd52cfb8","after":"ad5a6f82ec98d81af81c6c4ca5aa64a44d0959f4","ref":"refs/heads/master","pushedAt":"2024-06-03T16:25:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/openvex: add handler\n\nupdates golang/go#62486\n\nChange-Id: Ib1cd9281cf33fb84a8a3c0f3e7523cfb8d93e677\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/575858\nReviewed-by: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"internal/openvex: add handler"}},{"before":"c68e251f9d2951481189878b0cdd4aafe03683be","after":"b6af8187a6daad754999d0867c631c76dd52cfb8","ref":"refs/heads/master","pushedAt":"2024-06-03T16:06:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"all: remove test that runs govulncheck on govulncheck\n\nThe only interesting vulnerabilities this test can find are stdlib ones.\nWe cannot really do much about those. On the other hand, whoever is\ndeveloping this module on a go version that is not the latest patch or\ntop will see a failure. This is annoying so we remove the test.\n\nChange-Id: I3236393354565eb9d682075948330b0612434606\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/589235\nReviewed-by: Maceo Thompson \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"all: remove test that runs govulncheck on govulncheck"}},{"before":"9c23f018709359982e29af8eaa693f0f4f6b80e5","after":"c68e251f9d2951481189878b0cdd4aafe03683be","ref":"refs/heads/master","pushedAt":"2024-06-03T15:57:15.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/sarif: fix a typo\n\nChange-Id: I19ebf57adbd63e65a0eca160bcc06e91b76b5f6e\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/589435\nLUCI-TryBot-Result: Go LUCI \nTryBot-Result: Gopher Robot \nRun-TryBot: Zvonimir Pavlinovic \nReviewed-by: Maceo Thompson ","shortMessageHtmlLink":"internal/sarif: fix a typo"}},{"before":"c6f848552abbf1b592d566d225e207ed20cf2bc2","after":"9c23f018709359982e29af8eaa693f0f4f6b80e5","ref":"refs/heads/master","pushedAt":"2024-05-29T16:23:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/scan: limit number of binary traces shown\n\nTraces, e.g., symbols in binary mode are not as useful as they are in the\nsource mode. Users cannot directly act on the binary using this info.\nGiven potential future reports for vulnerabilities in the main module of\nbinaries, which won't have symbol info, and current precision levels for\nstripped binaries, there can be many traces shown. This can spam the\nuser without providing really useful information.\n\nWe hence limit the number of traces shown and provide annotation\ninstructing users on how to retrieve the remaining traces.\n\nChange-Id: Ib58b6d29df8a7b9cce5e16173db036f0183f2b85\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/587996\nRun-TryBot: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI \nTryBot-Result: Gopher Robot \nReviewed-by: Maceo Thompson ","shortMessageHtmlLink":"internal/scan: limit number of binary traces shown"}},{"before":"486fd2384a39a632a0e5b003e1840d49d1db7e86","after":"c6f848552abbf1b592d566d225e207ed20cf2bc2","ref":"refs/heads/master","pushedAt":"2024-05-24T19:44:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"cmd/govulncheck: record scan mode telemetry\n\nAdd the new `govulncheck/mode:{source,binary,convert,query,extract}` counter,\nand collect the crash report `crash/crash`.\n\nChange-Id: I53dfa5640bc38ae2a0d55302a3bd637c57a984e9\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/588255\nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Zvonimir Pavlinovic ","shortMessageHtmlLink":"cmd/govulncheck: record scan mode telemetry"}},{"before":"6b0fd5601b4a69285e464ec05957800bf63e4d0e","after":"486fd2384a39a632a0e5b003e1840d49d1db7e86","ref":"refs/heads/master","pushedAt":"2024-05-21T21:23:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"all: remove unit tests for staticcheck, unparam, and spellcheck\n\nThose should not be unit tests and, more importantly, they should not be\nrunning on builders.\n\nChange-Id: I70504fedce3bad17ac408dc6f208d61fb7bd6071\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/587097\nTryBot-Result: Gopher Robot \nReviewed-by: Ian Cottrell \nRun-TryBot: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"all: remove unit tests for staticcheck, unparam, and spellcheck"}},{"before":"7b455eea68df4fad0d78f08d7811f818426afc30","after":"6b0fd5601b4a69285e464ec05957800bf63e4d0e","ref":"refs/heads/master","pushedAt":"2024-05-21T21:02:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/sarif,cmd/govulncheck: publicize sarif\n\nAlso, add and improve documentation.\n\nFixes golang/go#61347\n\nChange-Id: Ia631615b40b9d23be6efa615b573be6c465fa36b\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/580955\nLUCI-TryBot-Result: Go LUCI \nTryBot-Result: Gopher Robot \nReviewed-by: Ian Cottrell \nRun-TryBot: Zvonimir Pavlinovic ","shortMessageHtmlLink":"internal/sarif,cmd/govulncheck: publicize sarif"}},{"before":"7ed0faae83da959585ab1226aedda8b2e1eff849","after":"7b455eea68df4fad0d78f08d7811f818426afc30","ref":"refs/heads/master","pushedAt":"2024-05-15T19:10:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/vulncheck: load source code for scan symbol mode only\n\nFor package and module scan mode, loading code is not needed and it just\ntakes longer. With this CL, the loading for these mode drops down by\n~40%.\n\nChange-Id: Ibdaa98c50e3e90ba1696d8b9706589ff4c279e17\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/585335\nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Ian Cottrell \nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot ","shortMessageHtmlLink":"internal/vulncheck: load source code for scan symbol mode only"}},{"before":"122c809ebf2367fd3394cfcc7d9459ce708052c9","after":"7ed0faae83da959585ab1226aedda8b2e1eff849","ref":"refs/heads/master","pushedAt":"2024-05-15T18:35:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"all: update golang.org/x/tools\n\nThe addition of range-over-func to slices package is causing govulncheck\nto fail on gotip due to ssa not being able to handle the new Go feature.\nThe version of tools at master contains a temporary fix. We use it for\nnow until tools gets tagged.\n\nChange-Id: If1a7c196d950a8494f6ee7c4d59b539ee0020c35\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/585315\nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot \nReviewed-by: Ian Cottrell \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"all: update golang.org/x/tools"}},{"before":"d837ff86426137299700241b0997c011091800ff","after":"122c809ebf2367fd3394cfcc7d9459ce708052c9","ref":"refs/heads/master","pushedAt":"2024-05-15T18:28:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/vulncheck: emit progress message instead of warning\n\nNow that progress messages are hidden under the verbose flag, we should\nnot be printing anything with fmt.\n\nChange-Id: I30b247ca1793ea7bcc6e4a68e1f0633d3262d7f1\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/581276\nLUCI-TryBot-Result: Go LUCI \nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot \nReviewed-by: Ian Cottrell ","shortMessageHtmlLink":"internal/vulncheck: emit progress message instead of warning"}},{"before":"4a8a6ffa0362e038bb7b9d56cc2fe09d0e4fd5ff","after":"d837ff86426137299700241b0997c011091800ff","ref":"refs/heads/master","pushedAt":"2024-05-15T18:27:46.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/scan: improve textual output for binary traces\n\nThere are no traces in binary mode, just vulnerable symbols detected.\n\nChange-Id: I9f1ccc83c0527537d8d42d7397de0562ed8d2842\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/577675\nReviewed-by: Ian Cottrell \nLUCI-TryBot-Result: Go LUCI \nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot ","shortMessageHtmlLink":"internal/scan: improve textual output for binary traces"}},{"before":"052eac784b099e7cc1a3864eb927288b196f2000","after":"4a8a6ffa0362e038bb7b9d56cc2fe09d0e4fd5ff","ref":"refs/heads/master","pushedAt":"2024-05-15T15:16:12.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/buildinfo: avoid panic on nil symbol for elf\n\nFor very old binaries or binaries built with forks of Go, looking up\nan elf symbol that does not exists might not return an error, yet\njust a nil symbol, resulting in a panic. We hence make an additional\ncheck. This is also consistent with other binary formats.\n\nChange-Id: I488eeca4ada27a0be48c7da82ca7b1391a7ce394\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/585336\nLUCI-TryBot-Result: Go LUCI \nTryBot-Result: Gopher Robot \nReviewed-by: Ian Cottrell \nRun-TryBot: Zvonimir Pavlinovic ","shortMessageHtmlLink":"internal/buildinfo: avoid panic on nil symbol for elf"}},{"before":"93d3090660cdfbfe5dfa57dfc366438d35283648","after":"052eac784b099e7cc1a3864eb927288b196f2000","ref":"refs/heads/master","pushedAt":"2024-05-08T21:38:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/sarif: improve GOMODCACHE relative paths\n\nThe paths are now indeed relative to %GOMODCACHE%.\n\nChange-Id: I445f95dfdcda4bf053b28917482f9a39866f9dd3\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/581235\nReviewed-by: Ian Cottrell \nRun-TryBot: Zvonimir Pavlinovic \nTryBot-Result: Gopher Robot \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"internal/sarif: improve GOMODCACHE relative paths"}},{"before":"0e39fee41378bbb3678d501b1b19193c0060f540","after":"93d3090660cdfbfe5dfa57dfc366438d35283648","ref":"refs/heads/master","pushedAt":"2024-05-08T21:38:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/sarif: add version to module info for locations\n\nThis allows makes module information complete so that users can compute\nlocal paths.\n\nChange-Id: I8cedf77908b825d7e66ac9d7a9a075804f207c66\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/581195\nReviewed-by: Ian Cottrell \nRun-TryBot: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI \nTryBot-Result: Gopher Robot ","shortMessageHtmlLink":"internal/sarif: add version to module info for locations"}},{"before":"13badf9386e0b245c28f42973d1d0c413b00933a","after":"0e39fee41378bbb3678d501b1b19193c0060f540","ref":"refs/heads/master","pushedAt":"2024-05-08T21:38:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/sarif: remove originalURIBaseIds\n\nWe don't need it and it is not actually needed. Sarif validator is fine\nwithout it and so is Github Code scanning.\n\nUpdates golang/go#61347\n\nChange-Id: I1d368422935fddd6b9960917010287ae7bca2683\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/581076\nRun-TryBot: Zvonimir Pavlinovic \nAuto-Submit: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Ian Cottrell \nTryBot-Result: Gopher Robot ","shortMessageHtmlLink":"internal/sarif: remove originalURIBaseIds"}},{"before":"63adf478672df31518e0b86dce5b8fd1cc7811ae","after":"13badf9386e0b245c28f42973d1d0c413b00933a","ref":"refs/heads/master","pushedAt":"2024-05-06T19:09:05.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"go.mod: update golang.org/x dependencies\n\nUpdate golang.org/x dependencies to their latest tagged versions.\n\nChange-Id: I50adebd9351eb4551d4a34ecff85c4603cbe1721\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/583596\nAuto-Submit: Gopher Robot \nReviewed-by: Cherry Mui \nReviewed-by: Than McIntosh \nLUCI-TryBot-Result: Go LUCI ","shortMessageHtmlLink":"go.mod: update golang.org/x dependencies"}},{"before":"230480c89604dac471233326d383077451c95875","after":"63adf478672df31518e0b86dce5b8fd1cc7811ae","ref":"refs/heads/master","pushedAt":"2024-04-23T17:49:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/gosym: preallocate inlined call slice\n\nLineTable.InlineTree allocates a slice whose length is known in advance.\nPreallocate it to avoid reallocations.\n\nChange-Id: I1939f6d4e956ccb5d2b68e10695622784d8ced38\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/581135\nRun-TryBot: Quim Muntal \nReviewed-by: Joedian Reid \nTryBot-Result: Gopher Robot \nAuto-Submit: Quim Muntal \nLUCI-TryBot-Result: Go LUCI \nReviewed-by: Zvonimir Pavlinovic ","shortMessageHtmlLink":"internal/gosym: preallocate inlined call slice"}},{"before":"086b27baf0be2baae021afc6bce0b55e41683a81","after":"230480c89604dac471233326d383077451c95875","ref":"refs/heads/master","pushedAt":"2024-04-22T17:30:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"gopherbot","name":"GopherBot","path":"/gopherbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8566911?s=80&v=4"},"commit":{"message":"internal/vulncheck: improve progress message for binaries\n\nChange-Id: Ib5b4b335e44d3ca3e72f4772b7e03fca615e7ae7\nReviewed-on: https://go-review.googlesource.com/c/vuln/+/580158\nAuto-Submit: Zvonimir Pavlinovic \nReviewed-by: Maceo Thompson \nRun-TryBot: Zvonimir Pavlinovic \nLUCI-TryBot-Result: Go LUCI \nTryBot-Result: Gopher Robot ","shortMessageHtmlLink":"internal/vulncheck: improve progress message for binaries"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEXk-vewA","startCursor":null,"endCursor":null}},"title":"Activity ยท golang/vuln"}