Google’s Go programming language has added support for vulnerability management, which project developers said was an initial step toward helping Go developers learn about known vulnerabilities that could impact them.
In a blog post on September 6, the Go security team gave an overview of Go’s vulnerability management project, anchored by the Go vulnerability database, which contains data about vulnerabilities in importable packages in public Go modules. The database, which is curated by the security team, backs Go tools that will analyze a codebase and surface known vulnerabilities. These tools will only surface vulnerabilities in functions that the developer’s code is actually calling, thereby reducing noise in the results, the security team said.
Read the original article: