|
|
|
|
|
|
by jrockway
1357 days ago
|
|
|
From https://go.dev/security/vuln/: "A vulnerability database is populated with reports using information from the data pipeline. All reports in the database are reviewed and curated by the Go Security team." I would imagine that's what Semgrep is doing as well. You're paying for the analysis; the code is the easy part. |
|
|