diff --git a/cmd/govulncheck/testdata/common/testfiles/binary-call/binary_call_text.ct b/cmd/govulncheck/testdata/common/testfiles/binary-call/binary_call_text.ct index 81f0a473..2710d9ee 100644 --- a/cmd/govulncheck/testdata/common/testfiles/binary-call/binary_call_text.ct +++ b/cmd/govulncheck/testdata/common/testfiles/binary-call/binary_call_text.ct @@ -10,7 +10,7 @@ Vulnerability #1: GO-2021-0265 Module: github.com/tidwall/gjson Found in: github.com/tidwall/gjson@v1.6.5 Fixed in: github.com/tidwall/gjson@v1.9.3 - Example traces found: + Vulnerable symbols found: #1: gjson.Get #2: gjson.Result.Get @@ -23,7 +23,7 @@ Vulnerability #2: GO-2021-0113 Module: golang.org/x/text Found in: golang.org/x/text@v0.3.0 Fixed in: golang.org/x/text@v0.3.7 - Example traces found: + Vulnerable symbols found: #1: language.Parse Vulnerability #3: GO-2021-0054 @@ -34,7 +34,7 @@ Vulnerability #3: GO-2021-0054 Module: github.com/tidwall/gjson Found in: github.com/tidwall/gjson@v1.6.5 Fixed in: github.com/tidwall/gjson@v1.6.6 - Example traces found: + Vulnerable symbols found: #1: gjson.Result.ForEach Your code is affected by 3 vulnerabilities from 2 modules. diff --git a/cmd/govulncheck/testdata/common/testfiles/extract/binary_extract.ct b/cmd/govulncheck/testdata/common/testfiles/extract/binary_extract.ct index 98f8f795..207e74ba 100644 --- a/cmd/govulncheck/testdata/common/testfiles/extract/binary_extract.ct +++ b/cmd/govulncheck/testdata/common/testfiles/extract/binary_extract.ct @@ -10,7 +10,7 @@ Vulnerability #1: GO-2021-0265 Module: github.com/tidwall/gjson Found in: github.com/tidwall/gjson@v1.6.5 Fixed in: github.com/tidwall/gjson@v1.9.3 - Example traces found: + Vulnerable symbols found: #1: gjson.Get #2: gjson.Result.Get @@ -23,7 +23,7 @@ Vulnerability #2: GO-2021-0113 Module: golang.org/x/text Found in: golang.org/x/text@v0.3.0 Fixed in: golang.org/x/text@v0.3.7 - Example traces found: + Vulnerable symbols found: #1: language.Parse Vulnerability #3: GO-2021-0054 @@ -34,7 +34,7 @@ Vulnerability #3: GO-2021-0054 Module: github.com/tidwall/gjson Found in: github.com/tidwall/gjson@v1.6.5 Fixed in: github.com/tidwall/gjson@v1.6.6 - Example traces found: + Vulnerable symbols found: #1: gjson.Result.ForEach Your code is affected by 3 vulnerabilities from 2 modules. diff --git a/cmd/govulncheck/testdata/strip/testfiles/binary/strip.ct b/cmd/govulncheck/testdata/strip/testfiles/binary/strip.ct index 5bc8aa24..f4bb8982 100644 --- a/cmd/govulncheck/testdata/strip/testfiles/binary/strip.ct +++ b/cmd/govulncheck/testdata/strip/testfiles/binary/strip.ct @@ -12,7 +12,7 @@ Vulnerability #1: GO-2021-0113 Module: golang.org/x/text Found in: golang.org/x/text@v0.3.0 Fixed in: golang.org/x/text@v0.3.7 - Example traces found: + Vulnerable symbols found: #1: language.MatchStrings #2: language.MustParse #3: language.Parse @@ -24,7 +24,7 @@ Vulnerability #2: GO-2020-0015 Module: golang.org/x/text Found in: golang.org/x/text@v0.3.0 Fixed in: golang.org/x/text@v0.3.3 - Example traces found: + Vulnerable symbols found: #1: transform.String #2: unicode.bomOverride.Transform #3: unicode.utf16Decoder.Transform diff --git a/internal/scan/text.go b/internal/scan/text.go index 2050c667..d7b26c6c 100644 --- a/internal/scan/text.go +++ b/internal/scan/text.go @@ -38,6 +38,7 @@ type TextHandler struct { osvs []*osv.Entry findings []*findingSummary scanLevel govulncheck.ScanLevel + scanMode govulncheck.ScanMode err error @@ -84,9 +85,9 @@ func (h *TextHandler) Flush() error { // Config writes version information only if --version was set. func (h *TextHandler) Config(config *govulncheck.Config) error { - if config.ScanLevel != "" { - h.scanLevel = config.ScanLevel - } + h.scanLevel = config.ScanLevel + h.scanMode = config.ScanMode + if !h.showVersion { return nil } @@ -300,10 +301,14 @@ func (h *TextHandler) traces(traces []*findingSummary) { count := 1 for _, entry := range traces { if entry.Compact == "" { - continue + continue // skip package and module level traces } if first { - h.style(keyStyle, " Example traces found:\n") + if h.scanMode == govulncheck.ScanModeBinary { + h.style(keyStyle, " Vulnerable symbols found:\n") + } else { + h.style(keyStyle, " Example traces found:\n") + } } first = false