MCPcopy
hub / github.com/golang/tools / osvsByModule

Function osvsByModule

gopls/internal/cache/mod_vuln.go:335–366  ·  view source on GitHub ↗

osvsByModule runs a govulncheck database query.

(ctx context.Context, db, moduleVersion string)

Source from the content-addressed store, hash-verified

333
334// osvsByModule runs a govulncheck database query.
335func osvsByModule(ctx context.Context, db, moduleVersion string) ([]*osv.Entry, error) {
336 var args []string
337 args = append(args, "-mode=query", "-json")
338 if db != "" {
339 args = append(args, "-db="+db)
340 }
341 args = append(args, moduleVersion)
342
343 ir, iw := io.Pipe()
344 handler := &osvReader{}
345
346 var g errgroup.Group
347 g.Go(func() error {
348 defer iw.Close() // scan API doesn't close cmd.Stderr/cmd.Stdout.
349 cmd := scan.Command(ctx, args...)
350 cmd.Stdout = iw
351 // TODO(hakim): Do we need to set cmd.Env = getEnvSlices(),
352 // or is the process environment good enough?
353 if err := cmd.Start(); err != nil {
354 return err
355 }
356 return cmd.Wait()
357 })
358 g.Go(func() error {
359 return govulncheck.HandleJSON(ir, handler)
360 })
361
362 if err := g.Wait(); err != nil {
363 return nil, err
364 }
365 return handler.entry, nil
366}
367
368// osvReader implements govulncheck.Handler.
369type osvReader struct {

Callers 1

modVulnImplFunction · 0.85

Calls 7

GoMethod · 0.95
HandleJSONFunction · 0.92
appendFunction · 0.85
CloseMethod · 0.65
CommandMethod · 0.65
StartMethod · 0.45
WaitMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…