Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

govulncheck: adjust support to handle relative paths #3393

Open
zpavlinovic opened this issue May 15, 2024 · 1 comment
Open

govulncheck: adjust support to handle relative paths #3393

zpavlinovic opened this issue May 15, 2024 · 1 comment
Labels
gopls gopls related issues NeedsFix The path to resolution is known, but the work has not been done. vulncheck or vulndb Issues for vulncheck functionality

Comments

@zpavlinovic
Copy link

As of v1.1.0, govulncheck JSON paths are relative to their enclosing module, rather than being absolute as earlier. This change was done to increase portability and to not leak information about the user filesystem.

If vscode-go starts using govulncheck@v1.1.0 or newer, the chances are the relative paths will break things. However, each path is relative to their enclosing module (including stdlib) and the module information is available in JSON. This should be sufficient to compute absolute paths on the local machine.
@zpavlinovic zpavlinovic added the vulncheck or vulndb Issues for vulncheck functionality label May 15, 2024
@gopherbot gopherbot added this to the Untriaged milestone May 15, 2024
@hyangah hyangah modified the milestones: Untriaged, v0.43.0 May 16, 2024
@hyangah
Copy link
Contributor

hyangah commented May 16, 2024

This should be done before x/vuln dependency upgrade in gopls.

@hyangah hyangah added NeedsFix The path to resolution is known, but the work has not been done. gopls gopls related issues labels May 16, 2024
@hyangah hyangah removed this from the v0.43.0 milestone May 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
gopls gopls related issues NeedsFix The path to resolution is known, but the work has not been done. vulncheck or vulndb Issues for vulncheck functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zpavlinovic @hyangah @gopherbot