src/goVulncheck: add feedback link

https://go.dev/s/vsc-vulncheck-feedback Also, copy the phrase for the unaffecting vulnerabilities section from govulncheck. Change-Id: I5f5eac80f459227adea3e687db762beb97857fa4 Reviewed-on: https://go-review.googlesource.com/c/vscode-go/+/429235 Run-TryBot: Hyang-Ah Hana Kim <[email protected]> Reviewed-by: Jamal Carvalho <[email protected]> TryBot-Result: kokoro <[email protected]>
TTsyurka · Sep 12, 2022 · 4b658d3 · 4b658d3
1 parent 4b6ce1f
commit 4b658d3
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/media/vulncheckView.js b/media/vulncheckView.js
@@ -156,7 +156,7 @@
 
 		unaffectingContainer.innerText = '';
 		if (unaffecting.length > 0) {
-			unaffectingContainer.innerHTML = '<hr></hr><p>These vulnerabilities exist in required modules, but no vulnerable symbols are used.<br>No action is required. For more information, visit <a href="https://pkg.go.dev/vuln">https://pkg.go.dev/vuln</a></p>';
+			unaffectingContainer.innerHTML = '<hr></hr><p>The vulnerabilities below are in packages that you import, but your code does not appear to call any vulnerable functions. You may not need to take any action. See <a href="https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck">https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck</a> for details.';
 
 			const details = document.createElement('table');
 			unaffecting.forEach((vuln) => {

diff --git a/src/goVulncheck.ts b/src/goVulncheck.ts
@@ -102,6 +102,9 @@ export class VulncheckResultViewProvider implements vscode.CustomTextEditorProvi
 				<title>Vulnerability Report - govulncheck</title>
 			</head>
 			<body>
+			    Vulncheck is an experimental tool.<br>
+				Share feedback at <a href="https://go.dev/s/vsc-vulncheck-feedback">go.dev/s/vsc-vulncheck-feedback</a>.
+
 				<div class="log"></div>
 				<div class="vulns"></div>
 				<div class="unaffecting"></div>
@@ -242,6 +245,7 @@ export class VulncheckProvider {
 		}
 
 		this.channel.clear();
+		this.channel.show();
 		this.channel.appendLine(`cd ${dir}; gopls vulncheck ${pattern}`);
 
 		try {
@@ -352,7 +356,7 @@ export async function vulncheck(
 						reject('analysis cancelled');
 					} else {
 						channel.appendLine(buf);
-						reject(`result in unexpected format: ${e}`);
+						reject('vulncheck failed: see govulncheck OUTPUT');
 					}
 				}
 			});