Text file src/cmd/go/testdata/script/mod_sum_absent.txt

Documentation: cmd/go/testdata/script

     1# When the sumdb returns a response which does not
     2# include a sum for the requested module,
     3# we should report an error.
     4# Verifies CVE-2026-42501.
     5env sumdb=$GOSUMDB
     6env proxy=$GOPROXY
     7env GOPROXY GONOPROXY GOSUMDB GONOSUMDB
     8
     9# /sumdb-redirect/ causes the sumdb to return /lookup/ responses
    10# for rsc.io/quote@v1.0.0, not for the requested module.
    11env GOSUMDB=$sumdb' '$proxy/sumdb-redirect/rsc.io/quote@v1.0.0:
    12
    13! go get rsc.io/fortune@v1.0.0
    14stderr 'SECURITY ERROR'
    15! grep rsc.io go.sum
    16-- go.mod --
    17module m

View as plain text