mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
The Go programming language
7,005 Commits 63 Branches 451 Tags 660 MiB
Go 94.3%
Assembly 5.3%
C 0.2%
Shell 0.1%
Go to file
Hana (Hyang-Ah) Kim fc039936a9 internal/lsp/mod: adjust vulncheck diagnostics suppression logic 
Vulnerabilities associated with a module should be suppressed
after the module is updated. Previously, we checked whether the
module version in go.mod 'require' matches the FoundVersion reported
by the vulncheck. However, we realized that we cannot always assume
the module version in require is the actually used module version
(due to how minimal version selection works, and how exclude/replace
affects). Instead check whether the module version is newer or equals
to the suggested fixed version and if this go.mod require is newer,
assume that the user updated the module already and suppress diagnostics
about the module. This is not perfect but a heuristic to reduce
confusion from the stale vulncheck report right after applying the
quick fixes and upgrading modules.

Change-Id: I40f4c3e70b19af3f6edd98f30de3ccb7a6bd7498
Reviewed-on: https://go-review.googlesource.com/c/tools/+/450277
Run-TryBot: Hyang-Ah Hana Kim <hyangah@gmail.com>
gopls-CI: kokoro <noreply+kokoro@google.com>
Reviewed-by: Suzy Mueller <suzmue@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Robert Findley <rfindley@google.com>
 		2022-11-18 21:37:48 +00:00
benchmark/parse
blog copyright: test that all files in the repo have copyright notices 2021-01-11 22:19:46 +00:00
cmd cmd/stringer: replace ioutil with os 2022-11-11 15:19:20 +00:00
container/intsets all: remove redundant type conversion 2022-09-07 17:33:19 +00:00
copyright gopls: migrate internal/lsp to gopls/internal/lsp 2022-09-07 16:44:44 +00:00
cover cover: add function to parse profiles from an io.Reader 2021-10-05 03:23:35 +00:00
go go/ssa: build generic function bodies 2022-11-18 18:55:10 +00:00
godoc godoc: fix some comments 2022-10-04 18:24:48 +00:00
gopls internal/lsp/mod: adjust vulncheck diagnostics suppression logic 2022-11-18 21:37:48 +00:00
imports all: gofmt 2022-04-12 17:53:17 +00:00
internal gopls/internal/lsp: simplify KnownPackages 2022-11-18 17:22:07 +00:00
playground playground/socket: eliminate an arbitrary timeout in TestLimiter 2022-11-17 19:28:33 +00:00
present all: fix a few function names on comments 2022-10-10 13:22:38 +00:00
refactor refactor/satisfy: fix visiting functions in the unsafe package 2022-10-17 12:57:23 +00:00
txtar all: gofmt 2022-04-12 17:53:17 +00:00
.gitattributes
.gitignore
.prettierrc all: add a section on JS/CSS formatting to README 2020-05-28 15:31:34 +00:00
CONTRIBUTING.md
LICENSE
PATENTS
README.md README: format install command 2022-10-12 14:51:54 +00:00
codereview.cfg
go.mod go.mod: update golang.org/x dependencies 2022-11-09 17:16:50 +00:00
go.sum go.mod: update golang.org/x dependencies 2022-11-09 17:16:50 +00:00

README.md

Go Tools

PkgGoDev

This repository provides the golang.org/x/tools module, comprising various tools and packages mostly for static analysis of Go programs, some of which are listed below. Use the "Go reference" link above for more information about any package.

It also contains the golang.org/x/tools/gopls module, whose root package is a language-server protocol (LSP) server for Go. An LSP server analyses the source code of a project and responds to requests from a wide range of editors such as VSCode and Vim, allowing them to support IDE-like functionality.

Selected commands:

  • cmd/goimports formats a Go program like go fmt and additionally inserts import statements for any packages required by the file after it is edited.
  • cmd/callgraph prints the call graph of a Go program.
  • cmd/digraph is a utility for manipulating directed graphs in textual notation.
  • cmd/stringer generates declarations (including a String method) for "enum" types.
  • cmd/toolstash is a utility to simplify working with multiple versions of the Go toolchain.

These commands may be fetched with a command such as

go install golang.org/x/tools/cmd/goimports@latest

Selected packages:

  • go/ssa provides a static single-assignment form (SSA) intermediate representation (IR) for Go programs, similar to a typical compiler, for use by analysis tools.

  • go/packages provides a simple interface for loading, parsing, and type checking a complete Go program from source code.

  • go/analysis provides a framework for modular static analysis of Go programs.

  • go/callgraph provides call graphs of Go programs using a variety of algorithms with different trade-offs.

  • go/ast/inspector provides an optimized means of traversing a Go parse tree for use in analysis tools.

  • go/cfg provides a simple control-flow graph (CFG) for a Go function.

  • go/expect reads Go source files used as test inputs and interprets special comments within them as queries or assertions for testing.

  • go/gcexportdata and go/gccgoexportdata read and write the binary files containing type information used by the standard and gccgo compilers.

  • go/types/objectpath provides a stable naming scheme for named entities ("objects") in the go/types API.

Numerous other packages provide more esoteric functionality.

Contributing

This repository uses Gerrit for code changes. To learn how to submit changes, see https://golang.org/doc/contribute.html.

The main issue tracker for the tools repository is located at https://github.com/golang/go/issues. Prefix your issue with "x/tools/(your subdir):" in the subject line, so it is easy to find.

JavaScript and CSS Formatting

This repository uses prettier to format JS and CSS files.

The version of prettier used is 1.18.2.

It is encouraged that all JS and CSS code be run through this before submitting a change. However, it is not a strict requirement enforced by CI.