FreshPorts -- security/govulncheck: Database client and tools for the Go vulnerability database

Port details

govulncheck Database client and tools for the Go vulnerability database

1.1.4_4 security =0 1.1.4_1Version of this port present on the latest quarterly branch.

Maintainer: einar@isnic.is

Port Added: 2025-05-26 14:33:03

Last Update: 2025-09-04 17:53:24

Commit Hash: 31a5a22

License: BSD3CLAUSE

WWW:

https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck

Description:

Govulncheck reports known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application. By default, govulncheck makes requests to the Go vulnerability database at https://vuln.go.dev. Requests to the vulnerability database contain only module paths with vulnerabilities already known to the database, not code or other properties of your program. See https://vuln.go.dev/privacy.html for more. Use the -db flag to specify a different database, which must implement the specification at https://go.dev/security/vuln/database. Govulncheck looks for vulnerabilities in Go programs using a specific build configuration. For analyzing source code, that configuration is the Go version specified by the "go" command found on the PATH. For binaries, the build configuration is the one used to build the binary. Note that different build configurations may have different known vulnerabilities.

¦ ¦ ¦ ¦

Manual pages:

FreshPorts has no man page information for this port.

pkg-plist: as obtained via: make generate-plist

Expand this list (4 items)

Collapse this list.

bin/govulncheck
/usr/local/share/licenses/govulncheck-1.1.4_4/catalog.mk
/usr/local/share/licenses/govulncheck-1.1.4_4/LICENSE
/usr/local/share/licenses/govulncheck-1.1.4_4/BSD3CLAUSE

Collapse this list.

USE_RC_SUBR (Service Scripts)

no SUBR information found for this port

Dependency lines:

govulncheck>0:security/govulncheck

To install the port:

cd /usr/ports/security/govulncheck/ && make install clean

To add the package, run one of these commands:

pkg install security/govulncheck
pkg install govulncheck

NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.

PKGNAME: govulncheck

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1742556049 SHA256 (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.mod) = 40e5fa329adbfd7dad2476465ba340d2531b4d33640b82c81c34ac90f36cbd2a SIZE (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.mod) = 387

Expand this list (2 items)

Collapse this list.

SHA256 (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.zip) = 115ff76fba8f73b27106eb2e59e3f30696f4f7faaeed55471b5b65c3994b503d SIZE (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.zip) = 853384

Collapse this list.

Packages (timestamps in pop-ups are UTC):

govulncheck
ABI	aarch64	amd64	armv6	armv7	i386	powerpc	powerpc64	powerpc64le
FreeBSD:13:latest	1.1.4_3	1.1.4_3	-	1.1.4_2	1.1.4_3	-	-	-
FreeBSD:13:quarterly	1.1.4_1	1.1.4_1	-	1.1.4_1	1.1.4_1	-	-	-
FreeBSD:14:latest	1.1.4_2	1.1.4_3	-	1.1.4_2	1.1.4_3	-	-	-
FreeBSD:14:quarterly	1.1.4_1	1.1.4_1	-	1.1.4_1	1.1.4_1	-	-	-
FreeBSD:15:latest	-	-	n/a	1.1.4_1	n/a	-	-	-

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

go124 : lang/go124

Runtime dependencies:

go124 : lang/go124

Fetch dependencies:

go124 : lang/go124

There are no ports dependent upon this port

Configuration Options:

No options to configure

Options name:

security_govulncheck

USES:

go:modules,run zip

FreshPorts was unable to extract/find any pkg message

Master Sites:

Expand this list (1 items)

Collapse this list.

https://proxy.golang.org/golang.org/x/vuln/@v/

Collapse this list.

Number of commits found: 5

Commit	Credits	Log message
Commit History - (may be incomplete: for full details, see links to repositories near top of page)
1.1.4_4 04 Sep 2025 17:53:24	Adam Weinberger (adamw)	many: Bump go ports for go-1.24.7
1.1.4_3 07 Aug 2025 00:02:46	Adam Weinberger (adamw)	go ports: Bump for 1.24.6
1.1.4_2 09 Jul 2025 16:11:00	Adam Weinberger (adamw)	many: Bump PORTREVISION for go-1.24.5 update
1.1.4_1 06 Jun 2025 20:00:53	Adam Weinberger (adamw)	various: Bump PORTREVISION after go124-1.24.4 update
1.1.4 26 May 2025 14:30:11	Nuno Teixeira (eduardo) Author: Einar Bjarni Halldórsson	security/govulncheck: New port: Database client and tools for the Go vulnerability database Govulncheck reports known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application. - Submitter becomes maintainer WWW: https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck PR: 285627

Number of commits found: 5

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

exiv2	Sep 04
exiv2	Sep 04
py-django42	Sep 04
py-django51	Sep 04
py-django52	Sep 04
linux-vieb	Sep 03
shibboleth-sp	Sep 03
gitlab	Aug 29
qt6-base	Aug 28
qt6-pdf	Aug 28
qt6-webengine	Aug 28
kea	Aug 27
kea-devel	Aug 27
linux-c7-sqlite3	Aug 27
sqlite3	Aug 27

11 vulnerabilities affecting 82 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2025-09-05 14:49:12 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	33575
Broken	126
Deprecated	183
Ignore	243
Forbidden	0
Restricted	2
No CDROM	1
Vulnerable	36
Expired	14
Set to expire	123
Interactive	0
new 24 hours	5
new 48 hours	9
new 7 days	33
new fortnight	70
new month	122