internal/scan: add -version flag

Only print the config block when -version is present
Change to be more verbose but more readable now it is not always printed.
Also don't print the usage just because there were no patterns.

Fixes #53867

Change-Id: I282a5332c11eef535286133fc2425afa7f46942b
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/519815
Run-TryBot: Ian Cottrell <iancottrell@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Maceo Thompson <maceothompson@google.com>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
Auto-Submit: Ian Cottrell <iancottrell@google.com>

Author: ianthehat

cmd/govulncheck/main_command_118_test.go

@@ -59,8 +59,8 @@ var fixups = []fixup{
 		pattern: `Scanning your code and (\d+) packages across (\d+)`,
 		replace: `Scanning your code and P packages across M`,
 	}, {
-		pattern: `govulncheck@v([^ ]*) `,
-		replace: `govulncheck@v0.0.0-00000000000-20000101010101 `,
+		pattern: `Scanner: govulncheck@v.*`,
+		replace: `Scanner: govulncheck@v1.0.0`,
 	}, {
 		pattern: `"([^"]*") is a file`,
 		replace: `govulncheck: myfile is a file`,
@@ -77,8 +77,8 @@ var fixups = []fixup{
 		pattern: `modified (.*)\)`,
 		replace: `modified 01 Jan 21 00:00 UTC)`,
 	}, {
-		pattern: `Using (go1.[\.\d]*|devel).* and`,
-		replace: `Using go1.18 and`,
+		pattern: `Go: (go1.[\.\d]*|devel).*`,
+		replace: `Go: go1.18`,
 	}, {
 		pattern: `"go_version": "go[^\s"]*"`,
 		replace: `"go_version": "go1.18"`,

cmd/govulncheck/testdata/binary_fail.ct

@@ -6,8 +6,6 @@ $ govulncheck -mode=binary notafile --> FAIL 2
 #####
 # Test of passing a non-binary file to -mode=binary
 $ govulncheck -mode=binary ${moddir}/vuln/go.mod --> FAIL 1
-Using govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your binary for known vulnerabilities...
 
 govulncheck: could not parse provided binary: unrecognized file format

cmd/govulncheck/testdata/binary_text.ct

@@ -1,8 +1,6 @@
 #####
 # Test basic binary scanning with text output
 $ govulncheck -mode=binary ${vuln_binary} --> FAIL 3
-Using govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your binary for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0265

cmd/govulncheck/testdata/convert_text.ct

@@ -1,8 +1,6 @@
 #####
 # Test using the conversion from json on stdin to text on stdout
 $ govulncheck -mode=convert < convert_input.json
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent modules for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0265

cmd/govulncheck/testdata/source_fail.ct

@@ -1,8 +1,6 @@
 #####
 # Test of missing go.mod error message.
 $ govulncheck -C ${moddir}/nogomod . --> FAIL 1
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 govulncheck: no go.mod file
 
 govulncheck only works with Go modules. Try navigating to your module directory.
@@ -24,8 +22,6 @@ For details, run govulncheck -h.
 #####
 # Test of handing an invalid package pattern to source mode
 $ govulncheck -C ${moddir}/vuln blah --> FAIL 1
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 govulncheck: loading packages: 
 There are errors with the provided package patterns:
 

cmd/govulncheck/testdata/source_informational_text.ct

@@ -1,8 +1,6 @@
 #####
 # Test souce mode with no callstacks
 $ govulncheck -C ${moddir}/informational -show=traces .
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent modules for known vulnerabilities...
 
 === Informational ===

cmd/govulncheck/testdata/source_multientry_text.ct

@@ -1,8 +1,6 @@
 #####
 # Test for multiple call stacks in source mode with expanded traces
 $ govulncheck -C ${moddir}/multientry . --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent module for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0113
@@ -25,8 +23,6 @@ Share feedback at https://go.dev/s/govulncheck-feedback.
 #####
 # Test for multple call stacks in source mode with expanded traces
 $ govulncheck -C ${moddir}/multientry -show=traces ./... --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent module for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0113

cmd/govulncheck/testdata/source_replace_text.ct

@@ -2,8 +2,6 @@
 # Test of source mode on a module with a replace directive.
 
 $ govulncheck -C ${moddir}/replace ./... --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent module for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0113

cmd/govulncheck/testdata/source_stdlib_text.ct

@@ -1,8 +1,6 @@
 #####
 # Test finding stdlib vulnerability in source mode
 $ govulncheck -C ${moddir}/stdlib . --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent modules for known vulnerabilities...
 
 Vulnerability #1: GO-2022-0969
@@ -23,8 +21,6 @@ Share feedback at https://go.dev/s/govulncheck-feedback.
 #####
 # Test finding stdlib vulnerability in source mode with expanded traces
 $ govulncheck -C ${moddir}/stdlib -show=traces . --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent modules for known vulnerabilities...
 
 Vulnerability #1: GO-2022-0969

cmd/govulncheck/testdata/source_subdir_text.ct

@@ -1,8 +1,6 @@
 #####
 # Test govulncheck runs on the subdirectory of a module
 $ govulncheck -C ${moddir}/vuln/subdir . --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent module for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0113
@@ -24,8 +22,6 @@ Share feedback at https://go.dev/s/govulncheck-feedback.
 #####
 # Test govulncheck runs on the subdirectory of a module
 $ govulncheck -C ${moddir}/vuln/subdir -show=traces . --> FAIL 3
-Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
-
 Scanning your code and P packages across M dependent module for known vulnerabilities...
 
 Vulnerability #1: GO-2021-0113