diff --git a/cmd/govulncheck/testdata/testfiles/binary-module/binary_module_text.ct b/cmd/govulncheck/testdata/testfiles/binary-module/binary_module_text.ct
index 39305fd..9a25bc7 100644
--- a/cmd/govulncheck/testdata/testfiles/binary-module/binary_module_text.ct
+++ b/cmd/govulncheck/testdata/testfiles/binary-module/binary_module_text.ct
@@ -44,5 +44,4 @@ Vulnerability #4: GO-2020-0015 Fixed in: golang.org/x/text@v0.3.3 Your code may be affected by 4 vulnerabilities. - Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/cmd/govulncheck/testdata/testfiles/source-module/source_module_text.ct b/cmd/govulncheck/testdata/testfiles/source-module/source_module_text.ct
index 108471d..8d9da27 100644
--- a/cmd/govulncheck/testdata/testfiles/source-module/source_module_text.ct
+++ b/cmd/govulncheck/testdata/testfiles/source-module/source_module_text.ct
@@ -26,7 +26,6 @@ Vulnerability #2: GO-2021-0113 Fixed in: golang.org/x/text@v0.3.7 Your code may be affected by 2 vulnerabilities. - Use '-scan symbol' for more fine grained vulnerability detection. #####
@@ -56,5 +55,4 @@ Vulnerability #2: GO-2021-0113 Fixed in: golang.org/x/text@v0.3.7 Your code may be affected by 2 vulnerabilities. - Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/internal/scan/testdata/module-vuln.txt b/internal/scan/testdata/module-vuln.txt
index f59ca71..d0a4366 100644
--- a/internal/scan/testdata/module-vuln.txt
+++ b/internal/scan/testdata/module-vuln.txt
@@ -9,5 +9,4 @@ Vulnerability #1: GO-0000-0001 Platforms: amd Your code may be affected by 1 vulnerability. - Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/internal/scan/testdata/multi-stack-modlevel.txt b/internal/scan/testdata/multi-stack-modlevel.txt
index 0857e87..e5a8473 100644
--- a/internal/scan/testdata/multi-stack-modlevel.txt
+++ b/internal/scan/testdata/multi-stack-modlevel.txt
@@ -16,5 +16,4 @@ Vulnerability #2: GO-0000-0001 Platforms: amd Your code may be affected by 2 vulnerabilities. - Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/internal/scan/text.go b/internal/scan/text.go
index bc2a589..29e1ece 100644
--- a/internal/scan/text.go
+++ b/internal/scan/text.go
@@ -319,6 +319,7 @@ func (h *TextHandler) traces(traces []*findingSummary) {
 }

 func (h *TextHandler) summary(c summaryCounters) {
+ // print short summary of findings identified at the desired level of scan precision
 var vulnCount int
 h.print("Your code ", choose(h.scanLevel.WantSymbols(), "is", "may be"), " affected by ")
 switch h.scanLevel {
@@ -346,6 +347,20 @@ func (h *TextHandler) summary(c summaryCounters) {
 }
 h.print(".\n")

+ // print summary for vulnerabilities found at other levels of scan precision
+ if other := h.summaryOtherVulns(c); other != "" {
+ h.wrap("", other, 80)
+ h.print("\n")
+ }
+
+ // print suggested flags for more/better info depending on scan level and if in verbose mode
+ if sugg := h.summarySuggestion(); sugg != "" {
+ h.wrap("", sugg, 80)
+ h.print("\n")
+ }
+}
+
+func (h *TextHandler) summaryOtherVulns(c summaryCounters) string {
 var summary strings.Builder
 if c.VulnerabilitiesRequired+c.VulnerabilitiesImported == 0 {
 summary.WriteString("This scan found no other vulnerabilities in ")
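Review bot: `summaryOtherVulns` is declared at the end of the `@@ -346,6 +347,20 @@` hunk without a doc comment, while `summary` now treats an empty return as "print nothing", which appears to be what drops the blank line in the updated golden files. A comment such as `// summaryOtherVulns returns the sentence about vulnerabilities found at other scan levels, or "" when nothing should be printed.` would state that contract. The function body continues past the hunk, so the conditions that yield "" are not visible here and should be spelled out by the author. The wrap width is also repeated as the literal `80` in both new `h.wrap` calls; a named constant (for example `const summaryWidth = 80`, a name constructed for this note) would keep them in step.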
@@ -367,26 +382,26 @@ func (h *TextHandler) summary(c summaryCounters) {
 summary.WriteString(choose(h.scanLevel.WantSymbols(), ", but your code doesn't appear to call these vulnerabilities.", "."))
 }
 }
- h.wrap("", summary.String(), 80)
- h.print("\n")
- // print suggested flags for more/better info depending on scan level and if in verbose mode
+ return summary.String()
+}
+
+func (h *TextHandler) summarySuggestion() string {
+ var sugg strings.Builder
 switch h.scanLevel {
 case govulncheck.ScanLevelSymbol:
 if !h.showAllVulns {
- h.print("Use ", verboseMessage, ".")
+ sugg.WriteString("Use " + verboseMessage + ".")
 }
 case govulncheck.ScanLevelPackage:
- var message strings.Builder
- message.WriteString("Use " + symbolMessage)
+ sugg.WriteString("Use " + symbolMessage)
 if !h.showAllVulns {
- message.WriteString(" and " + verboseMessage)
+ sugg.WriteString(" and " + verboseMessage)
 }
- message.WriteString(".")
- h.wrap("", message.String(), 80)
+ sugg.WriteString(".")
 case govulncheck.ScanLevelModule:
- h.print("Use ", symbolMessage, ".")
+ sugg.WriteString("Use " + symbolMessage + ".")
 }
- h.print("\n")
+ return sugg.String()
 }

 func (h *TextHandler) style(style style, values ...any) {
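Review bot: The symbol-level and module-level hints in `summarySuggestion` were previously written with `h.print` and are now returned to `summary`, which passes every suggestion through `h.wrap("", sugg, 80)`; only the package-level hint was wrapped before. If `verboseMessage` or `symbolMessage` (both defined outside this hunk) pushes the sentence past 80 columns, the text output changes for those levels, so a golden file covering the symbol-level hint would pin the intended result. The new function also has no doc comment; I would add `// summarySuggestion returns the flag hint for the current scan level, or "" when there is nothing to suggest.`, since the caller relies on the empty string to skip the trailing newline. The switch has no `default`, so an unrecognised scan level silently yields no hint, which is worth a one-line comment if it is deliberate.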