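--- a/cache/bolt.go
+++ b/cache/bolt.go
@@ -2,10 +2,10 @@ package cache
 
 import (
 "encoding/json"
+"fmt"
 "time"
 
 bolt "go.etcd.io/bbolt"
-"golang.org/x/xerrors"
 
 "github.com/future-architect/vuls/logging"
 "github.com/future-architect/vuls/util"
@@ -53,7 +53,7 @@ func (b *Bolt) createBucketIfNotExists(name string) error {
 return b.db.Update(func(tx *bolt.Tx) error {
 _, err := tx.CreateBucketIfNotExists([]byte(name))
 if err != nil {
-return xerrors.Errorf("Failed to create bucket: %w", err)
+return fmt.Errorf("Failed to create bucket: %w", err)
 }
 return nil
 })
@@ -82,7 +82,7 @@ func (b Bolt) RefreshMeta(meta Meta) error {
 meta.CreatedAt = time.Now()
 jsonBytes, err := json.Marshal(meta)
 if err != nil {
-return xerrors.Errorf("Failed to marshal to JSON: %w", err)
+return fmt.Errorf("Failed to marshal to JSON: %w", err)
 }
 return b.db.Update(func(tx *bolt.Tx) error {
 bkt := tx.Bucket([]byte(metabucket))
@@ -98,7 +98,7 @@ func (b Bolt) RefreshMeta(meta Meta) error {
 func (b Bolt) EnsureBuckets(meta Meta) error {
 jsonBytes, err := json.Marshal(meta)
 if err != nil {
-return xerrors.Errorf("Failed to marshal to JSON: %w", err)
+return fmt.Errorf("Failed to marshal to JSON: %w", err)
 }
 return b.db.Update(func(tx *bolt.Tx) error {
 b.Log.Debugf("Put to meta: %s", meta.Name)
@@ -147,7 +147,7 @@ func (b Bolt) GetChangelog(servername, packName string) (changelog string, err e
 err = b.db.View(func(tx *bolt.Tx) error {
 bkt := tx.Bucket([]byte(servername))
 if bkt == nil {
-return xerrors.Errorf("Failed to get Bucket: %s", servername)
+return fmt.Errorf("Failed to get Bucket: %s", servername)
 }
 v := bkt.Get([]byte(packName))
 if v == nil {
@@ -165,7 +165,7 @@ func (b Bolt) PutChangelog(servername, packName, changelog string) error {
 return b.db.Update(func(tx *bolt.Tx) error {
 bkt := tx.Bucket([]byte(servername))
 if bkt == nil {
-return xerrors.Errorf("Failed to get Bucket: %s", servername)
+return fmt.Errorf("Failed to get Bucket: %s", servername)
 }
 return bkt.Put([]byte(packName), []byte(changelog))
 })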
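Review bot: The errors wrapped in these hunks lose the call-site frame that xerrors.Errorf attached, so a caller that prints them with `%+v` now gets only the message chain; the `%w` wrapping itself is preserved, so errors.Is and errors.As keep working. ValidateOnReport in config/config.go formats its causes with `%+v`, which suggests that detail was relied on, so it is worth confirming that a cache failure can still be attributed from the log alone. For the two bucket lookups, quoting the name would make an empty or odd server name visible: `return fmt.Errorf("Failed to get Bucket: %q", servername)`. All five functions continue outside their hunks.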
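--- a/config/azureconf.go
+++ b/config/azureconf.go
@@ -3,8 +3,6 @@ package config
 import (
 "fmt"
 "os"
-
-"golang.org/x/xerrors"
 )
 
 // AzureConf is azure config
@@ -40,21 +38,21 @@ func (c *AzureConf) Validate() (errs []error) {
 c.AccountName = os.Getenv(azureAccount)
 }
 if c.AccountName == "" {
-errs = append(errs, xerrors.Errorf("Azure account name is required"))
+errs = append(errs, fmt.Errorf("Azure account name is required"))
 }
 if os.Getenv(azureKey) != "" {
 c.AccountKey = os.Getenv(azureKey)
 }
 if c.AccountKey == "" {
-errs = append(errs, xerrors.Errorf("Azure account key is required"))
+errs = append(errs, fmt.Errorf("Azure account key is required"))
 }
 
 if c.Endpoint == "" {
 c.Endpoint = fmt.Sprintf("https://%s.blob.core.windows.net/", c.AccountName)
 }
 
 if c.ContainerName == "" {
-errs = append(errs, xerrors.Errorf("Azure storage container name is required"))
+errs = append(errs, fmt.Errorf("Azure storage container name is required"))
 }
 return
 }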
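Review bot: The three `fmt.Errorf` calls in Validate take a constant string with no verbs; `errors.New` says the same thing without a format pass and is what config/chatworkconf.go uses in this same commit, e.g. `errs = append(errs, errors.New("Azure account name is required"))` (with `errors` added to the import block, `fmt` staying for the Sprintf). The CabPath and WindUpdateSrc returns in config/config_v1.go have the same shape. Separately, the default Endpoint is still built from c.AccountName after the empty-name error has been recorded, so c.Endpoint can end up with an empty host label; that is harmless only if every caller stops on a non-empty errs, which is not visible here. Validate starts before the second hunk.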
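--- a/config/chatworkconf.go
+++ b/config/chatworkconf.go
@@ -1,8 +1,9 @@
 package config
 
 import (
+"errors"
+
 "github.com/asaskevich/govalidator"
-"golang.org/x/xerrors"
 )
 
 // ChatWorkConf is ChatWork config
@@ -18,11 +19,11 @@ func (c *ChatWorkConf) Validate() (errs []error) {
 return
 }
 if len(c.Room) == 0 {
-errs = append(errs, xerrors.New("chatWorkConf.room must not be empty"))
+errs = append(errs, errors.New("chatWorkConf.room must not be empty"))
 }
 
 if len(c.APIToken) == 0 {
-errs = append(errs, xerrors.New("chatWorkConf.ApiToken must not be empty"))
+errs = append(errs, errors.New("chatWorkConf.ApiToken must not be empty"))
 }
 
 _, err := govalidator.ValidateStruct(c)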
14 changes: 7 additions & 7 deletions config/config.go
@@ -1,13 +1,13 @@
package config

import (
"errors"
"fmt"
"os"
"strconv"
"strings"

"github.com/asaskevich/govalidator"
"golang.org/x/xerrors"

"github.com/future-architect/vuls/config/syslog"
"github.com/future-architect/vuls/constant"
Expand Down Expand Up @@ -113,7 +113,7 @@ func (c Config) ValidateOnScan() bool {
errs := c.checkSSHKeyExist()
if len(c.ResultsDir) != 0 {
if ok, _ := govalidator.IsFilePath(c.ResultsDir); !ok {
errs = append(errs, xerrors.Errorf(
errs = append(errs, fmt.Errorf(
"JSON base directory must be a *Absolute* file path. -results-dir: %s", c.ResultsDir))
}
}
Expand Down Expand Up @@ -147,7 +147,7 @@ func (c Config) checkSSHKeyExist() (errs []error) {
}
if v.KeyPath != "" {
if _, err := os.Stat(v.KeyPath); err != nil {
errs = append(errs, xerrors.Errorf(
errs = append(errs, fmt.Errorf(
"%s is invalid. keypath: %s not exists", serverName, v.KeyPath))
}
}
Expand All @@ -161,7 +161,7 @@ func (c *Config) ValidateOnReport() bool {

if len(c.ResultsDir) != 0 {
if ok, _ := govalidator.IsFilePath(c.ResultsDir); !ok {
errs = append(errs, xerrors.Errorf(
errs = append(errs, fmt.Errorf(
"JSON base directory must be a *Absolute* file path. -results-dir: %s", c.ResultsDir))
}
}
Expand Down Expand Up @@ -196,10 +196,10 @@ func (c *Config) ValidateOnReport() bool {
&Conf.Cti,
} {
if err := cnf.Validate(); err != nil {
errs = append(errs, xerrors.Errorf("Failed to validate %s: %+v", cnf.GetName(), err))
errs = append(errs, fmt.Errorf("Failed to validate %s: %+v", cnf.GetName(), err))
}
if err := cnf.CheckHTTPHealth(); err != nil {
errs = append(errs, xerrors.Errorf("Run %s as server mode before reporting: %+v", cnf.GetName(), err))
errs = append(errs, fmt.Errorf("Run %s as server mode before reporting: %+v", cnf.GetName(), err))
}
}

Expand Down Expand Up @@ -340,7 +340,7 @@ func (l Distro) MajorVersion() (int, error) {
return strconv.Atoi(strings.Split(l.Release, ".")[0])
}
}
return 0, xerrors.New("Release is empty")
return 0, errors.New("Release is empty")
}

// IsContainer returns whether this ServerInfo is about container
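Review bot: checkSSHKeyExist reports every os.Stat failure on v.KeyPath as "not exists" and discards err, so a key that sits under a directory the scanning user cannot traverse is reported as missing rather than inaccessible. Now that the call is fmt.Errorf the cause can be carried along, for example `"%s is invalid. keypath: %s: %w", serverName, v.KeyPath, err`. The ScannerBinPath check in Validate in config/portscan.go has the same shape. In ValidateOnReport the two `%+v` verbs could likewise become `%w` if cnf.Validate and cnf.CheckHTTPHealth return a plain error, which the hunk suggests but does not show. These functions start or end outside their hunks.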
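--- a/config/config_v1.go
+++ b/config/config_v1.go
@@ -8,7 +8,6 @@ import (
 "strings"
 
 "github.com/BurntSushi/toml"
-"golang.org/x/xerrors"
 )
 
 // ConfV1 has old version Configuration for windows
@@ -68,10 +67,10 @@ func convertToLatestConfig(pathToToml string) error {
 case "3":
 server.WinUpdateSrcInt = LocalCab
 if server.CabPath == "" {
-return xerrors.Errorf("Failed to load CabPath. err: CabPath is empty")
+return fmt.Errorf("Failed to load CabPath. err: CabPath is empty")
 }
 default:
-return xerrors.Errorf(`Specify WindUpdateSrc in "0"|"1"|"2"|"3"`)
+return fmt.Errorf(`Specify WindUpdateSrc in "0"|"1"|"2"|"3"`)
 }
 
 convertedServerConfig := ServerInfo{
@@ -90,11 +89,11 @@ func convertToLatestConfig(pathToToml string) error {
 
 raw, err := os.ReadFile(pathToSaasJSON)
 if err != nil {
-return xerrors.Errorf("Failed to read saas-credential.json. err: %w", err)
+return fmt.Errorf("Failed to read saas-credential.json. err: %w", err)
 }
 saasJSON := SaasConf{}
 if err := json.Unmarshal(raw, &saasJSON); err != nil {
-return xerrors.Errorf("Failed to unmarshal saas-credential.json. err: %w", err)
+return fmt.Errorf("Failed to unmarshal saas-credential.json. err: %w", err)
 }
 Conf.Saas = SaasConf{
 GroupID: saasJSON.GroupID,
@@ -117,21 +116,21 @@ func convertToLatestConfig(pathToToml string) error {
 // rename the current config.toml to config.toml.bak
 info, err := os.Lstat(pathToToml)
 if err != nil {
-return xerrors.Errorf("Failed to lstat %s: %w", pathToToml, err)
+return fmt.Errorf("Failed to lstat %s: %w", pathToToml, err)
 }
 realPath := pathToToml
 if info.Mode()&os.ModeSymlink == os.ModeSymlink {
 if realPath, err = os.Readlink(pathToToml); err != nil {
-return xerrors.Errorf("Failed to Read link %s: %w", pathToToml, err)
+return fmt.Errorf("Failed to Read link %s: %w", pathToToml, err)
 }
 }
 if err := os.Rename(realPath, realPath+".bak"); err != nil {
-return xerrors.Errorf("Failed to rename %s: %w", pathToToml, err)
+return fmt.Errorf("Failed to rename %s: %w", pathToToml, err)
 }
 
 var buf bytes.Buffer
 if err := toml.NewEncoder(&buf).Encode(c); err != nil {
-return xerrors.Errorf("Failed to encode to toml: %w", err)
+return fmt.Errorf("Failed to encode to toml: %w", err)
 }
 str := strings.ReplaceAll(buf.String(), "\n [", "\n\n [")
 str = fmt.Sprintf("%s\n\n%s",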
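Review bot: In the backup step, os.Readlink returns the link's stored target, which may be relative to the directory holding the symlink rather than to the working directory, so `os.Rename(realPath, realPath+".bak")` can act on a different path than the file that was loaded, or fail, when config.toml is a relative symlink. Resolving the path first avoids that, for example `realPath, err := filepath.EvalSymlinks(pathToToml)`, assuming path/filepath is or can be imported; the import block is only partly visible. The rename error also names pathToToml instead of the path that was actually renamed: `return fmt.Errorf("Failed to rename %s: %w", realPath, err)`. convertToLatestConfig starts before and continues past these hunks.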
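--- a/config/googlechatconf.go
+++ b/config/googlechatconf.go
@@ -1,8 +1,9 @@
 package config
 
 import (
+"errors"
+
 "github.com/asaskevich/govalidator"
-"golang.org/x/xerrors"
 )
 
 // GoogleChatConf is GoogleChat config
@@ -19,10 +20,10 @@ func (c *GoogleChatConf) Validate() (errs []error) {
 return
 }
 if len(c.WebHookURL) == 0 {
-errs = append(errs, xerrors.New("googleChatConf.webHookURL must not be empty"))
+errs = append(errs, errors.New("googleChatConf.webHookURL must not be empty"))
 }
 if !govalidator.IsRegex(c.ServerNameRegexp) {
-errs = append(errs, xerrors.New("googleChatConf.serverNameRegexp must be regex"))
+errs = append(errs, errors.New("googleChatConf.serverNameRegexp must be regex"))
 }
 _, err := govalidator.ValidateStruct(c)
 if err != nil {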
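--- a/config/jsonloader.go
+++ b/config/jsonloader.go
@@ -1,12 +1,12 @@
 package config
 
-import "golang.org/x/xerrors"
+import "errors"
 
 // JSONLoader loads configuration
 type JSONLoader struct {
 }
 
 // Load load the configuration JSON file specified by path arg.
 func (c JSONLoader) Load(_, _, _ string) (err error) {
-return xerrors.New("Not implement yet")
+return errors.New("Not implement yet")
 }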
29 changes: 15 additions & 14 deletions config/portscan.go
@@ -1,14 +1,15 @@
package config

import (
"errors"
"fmt"
"os"
"os/exec"
"slices"
"strconv"
"strings"

"github.com/asaskevich/govalidator"
"golang.org/x/xerrors"
)

// PortScanConf is the setting for using an external port scanner
Expand Down Expand Up @@ -120,36 +121,36 @@ func (c *PortScanConf) Validate() (errs []error) {
if c.IsZero() {
return
}
errs = append(errs, xerrors.New("To enable the PortScan option, ScannerBinPath must be set."))
errs = append(errs, errors.New("to enable the PortScan option, ScannerBinPath must be set"))
}

if _, err := os.Stat(c.ScannerBinPath); err != nil {
errs = append(errs, xerrors.Errorf(
errs = append(errs, fmt.Errorf(
"scanner is not found. ScannerBinPath: %s not exists", c.ScannerBinPath))
}

scanTechniques := c.GetScanTechniques()
for _, scanTechnique := range scanTechniques {
if scanTechnique == NotSupportTechnique {
errs = append(errs, xerrors.New("There is an unsupported option in ScanTechniques."))
errs = append(errs, errors.New("there is an unsupported option in ScanTechniques"))
}
}

// It does not currently support multiple ScanTechniques.
// But if it supports UDP scanning, it will need to accept multiple ScanTechniques.
if len(scanTechniques) > 1 {
errs = append(errs, xerrors.New("Currently multiple ScanTechniques are not supported."))
errs = append(errs, errors.New("currently multiple ScanTechniques are not supported"))
}

if c.HasPrivileged {
if os.Geteuid() != 0 {
output, err := exec.Command("getcap", c.ScannerBinPath).Output()
if err != nil {
errs = append(errs, xerrors.Errorf("Failed to check capability of %s. error message: %w", c.ScannerBinPath, err))
errs = append(errs, fmt.Errorf("Failed to check capability of %s. error message: %w", c.ScannerBinPath, err))
} else {
parseOutput := strings.SplitN(string(output), "=", 2)
if len(parseOutput) != 2 {
errs = append(errs, xerrors.Errorf("Failed to parse getcap outputs. please execute this command: `$ getcap %s`. If the following string (`/usr/bin/nmap = ... `) is not displayed, you need to set the capability with the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", c.ScannerBinPath, c.ScannerBinPath))
errs = append(errs, fmt.Errorf("Failed to parse getcap outputs. please execute this command: `$ getcap %s`. If the following string (`/usr/bin/nmap = ... `) is not displayed, you need to set the capability with the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", c.ScannerBinPath, c.ScannerBinPath))
} else {
parseCapability := strings.Split(strings.TrimSpace(parseOutput[1]), "+")
capabilities := strings.Split(parseCapability[0], ",")
Expand All @@ -160,12 +161,12 @@ func (c *PortScanConf) Validate() (errs []error) {
continue
}

errs = append(errs, xerrors.Errorf("Not enough capability to execute. needs: ['cap_net_bind_service', 'cap_net_admin', 'cap_net_raw'], actual: %s. To fix this, run the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", capabilities, c.ScannerBinPath))
errs = append(errs, fmt.Errorf("Not enough capability to execute. needs: ['cap_net_bind_service', 'cap_net_admin', 'cap_net_raw'], actual: %s. To fix this, run the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", capabilities, c.ScannerBinPath))
break
}

if parseCapability[1] != "eip" {
errs = append(errs, xerrors.Errorf("Capability(`cap_net_bind_service,cap_net_admin,cap_net_raw`) must belong to the following capability set(need: eip, actual: %s). To fix this, run the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", parseCapability[1], c.ScannerBinPath))
errs = append(errs, fmt.Errorf("Capability(`cap_net_bind_service,cap_net_admin,cap_net_raw`) must belong to the following capability set(need: eip, actual: %s). To fix this, run the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", parseCapability[1], c.ScannerBinPath))
}
}
}
Expand All @@ -175,27 +176,27 @@ func (c *PortScanConf) Validate() (errs []error) {
if !c.HasPrivileged {
for _, scanTechnique := range scanTechniques {
if scanTechnique != TCPConnect && scanTechnique != NotSupportTechnique {
errs = append(errs, xerrors.New("If not privileged, only TCPConnect Scan(-sT) can be used."))
errs = append(errs, errors.New("if not privileged, only TCPConnect Scan(-sT) can be used"))
break
}
}
}

if c.SourcePort != "" {
if slices.Contains(scanTechniques, TCPConnect) {
errs = append(errs, xerrors.New("SourcePort Option(-g/--source-port) is incompatible with the default TCPConnect Scan(-sT)."))
errs = append(errs, errors.New("sourcePort option(-g/--source-port) is incompatible with the default TCPConnect Scan(-sT)"))
}

portNumber, err := strconv.Atoi(c.SourcePort)
if err != nil {
errs = append(errs, xerrors.Errorf("SourcePort conversion failed. %w", err))
errs = append(errs, fmt.Errorf("SourcePort conversion failed. %w", err))
} else {
if portNumber < 0 || 65535 < portNumber {
errs = append(errs, xerrors.Errorf("SourcePort(%s) must be between 0 and 65535.", c.SourcePort))
errs = append(errs, fmt.Errorf("sourcePort(%s) must be between 0 and 65535", c.SourcePort))
}

if portNumber == 0 {
errs = append(errs, xerrors.New("SourcePort(0) may not work on all systems."))
errs = append(errs, errors.New("sourcePort(0) may not work on all systems"))
}
}
}
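Review bot: `parseCapability[1]` is read without a length check: if the text after `=` in the getcap output contains no `+`, strings.Split returns a single element and Validate panics instead of returning an error, unless the lines elided between the second and third hunks guard it. A check such as `if len(parseCapability) != 2 {` that appends an error quoting the raw getcap output, placed before the capability loop, would keep this a validation failure. The commit also lower-cases and unpunctuates some messages but leaves "Failed to check capability…", "Not enough capability…" and "SourcePort conversion failed. %w" in the old style. Validate starts before the first hunk and continues after the last.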