v1.0.4

This release brings an improved overhaul of the govulncheck textual output. Findings at each detected level of precision (symbol, package, or module) are communicated in their own section.

By default, only the section with the user-specified precision mode is shown followed by a summary of other sections. A detailed description with all of the sections can be obtained using a newly introduced -show verbose option.

This release also brings improvements and fixes for error messages and binaries (#59731).

Integration

govulncheck (streaming) JSON now includes the code position of the vulnerable symbol. Where applicable, the .Position of the last entry of a finding's trace is the code location defining the .Function.