diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9271c502..d69dae54 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -134,7 +134,7 @@ Each check is currently just a function of type `CheckFn`. The signature is: ```golang -type CheckFn func(c.Checker) CheckResult +type CheckFn func(*c.Checker) CheckResult ``` Checks are registered in an init function: diff --git a/checker/check_runner.go b/checker/check_runner.go index 956728e9..32fef69c 100644 --- a/checker/check_runner.go +++ b/checker/check_runner.go @@ -25,7 +25,7 @@ type Runner struct { CheckRequest CheckRequest } -type CheckFn func(CheckRequest) CheckResult +type CheckFn func(*CheckRequest) CheckResult type CheckNameToFnMap map[string]CheckFn @@ -44,13 +44,12 @@ func (r *Runner) Run(f CheckFn) CheckResult { checkRequest := r.CheckRequest l = logger{} checkRequest.Logf = l.Logf - res = f(checkRequest) + res = f(&checkRequest) if res.ShouldRetry && !strings.Contains(res.Error.Error(), "invalid header field value") { checkRequest.Logf("error, retrying: %s", res.Error) continue } break - } res.Details = l.messages return res @@ -64,7 +63,7 @@ func Bool2int(b bool) int { } func MultiCheck(fns ...CheckFn) CheckFn { - return func(c CheckRequest) CheckResult { + return func(c *CheckRequest) CheckResult { var maxResult CheckResult for _, fn := range fns { diff --git a/checks/active.go b/checks/active.go index 21936481..5f356d7d 100644 --- a/checks/active.go +++ b/checks/active.go 
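Review bot: `CheckFn` in checker/check_runner.go now receives a pointer, and `MultiCheck` passes the same `c` to every function in `fns`, so a check that writes to the request changes what later checks see; nothing on the type states that contract. I would add `// CheckFn runs a single check. Implementations must treat the *CheckRequest as read-only: MultiCheck passes the same pointer to every check it combines.` above the type. `Run` copies `r.CheckRequest` into a local before taking its address, so the runner's own request stays isolated. The bodies of `Run` and `MultiCheck` continue outside their hunks.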
@@ -30,13 +30,16 @@ func init() { registerCheck(activeStr, IsActive) } -func IsActive(c checker.CheckRequest) checker.CheckResult { +func IsActive(c *checker.CheckRequest) checker.CheckResult { commits, _, err := c.Client.Repositories.ListCommits(c.Ctx, c.Owner, c.Repo, &github.CommitsListOptions{}) if err != nil { return checker.MakeRetryResult(activeStr, err) } - tz, _ := time.LoadLocation("UTC") + tz, err := time.LoadLocation("UTC") + if err != nil { + return checker.MakeRetryResult(activeStr, err) + } threshold := time.Now().In(tz).AddDate(0, 0, -1*lookbackDays) totalCommits := 0 for _, commit := range commits { diff --git a/checks/branch_protected.go b/checks/branch_protected.go index c314f597..e07b688a 100644 --- a/checks/branch_protected.go +++ b/checks/branch_protected.go @@ -25,7 +25,7 @@ func init() { registerCheck(branchProtectionStr, BranchProtection) } -func BranchProtection(c checker.CheckRequest) checker.CheckResult { +func BranchProtection(c *checker.CheckRequest) checker.CheckResult { repo, _, err := c.Client.Repositories.Get(c.Ctx, c.Owner, c.Repo) if err != nil { return checker.MakeRetryResult(branchProtectionStr, err) @@ -48,10 +48,9 @@ func BranchProtection(c checker.CheckRequest) checker.CheckResult { } } return IsBranchProtected(protection, c) - } -func IsBranchProtected(protection *github.Protection, c checker.CheckRequest) checker.CheckResult { +func IsBranchProtected(protection *github.Protection, c *checker.CheckRequest) checker.CheckResult { totalChecks := 6 totalSuccess := 0 diff --git a/checks/branch_protected_test.go b/checks/branch_protected_test.go index a131c81f..f0e4d3a3 100644 --- a/checks/branch_protected_test.go +++ b/checks/branch_protected_test.go @@ -32,6 +32,7 @@ func (l *log) Logf(s string, f ...interface{}) { } func TestIsBranchProtected(t *testing.T) { + t.Parallel() type args struct { protection *github.Protection c checker.CheckRequest 
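Review bot: The error branch added after `time.LoadLocation("UTC")` in `IsActive` can never be taken, because LoadLocation returns `time.UTC` with a nil error for the name "UTC". A retry result would also be the wrong answer for a failure that would repeat identically on every attempt. The lookup and the branch can collapse into `threshold := time.Now().UTC().AddDate(0, 0, -1*lookbackDays)`, which removes `tz` altogether. `IsActive` continues past the end of the hunk.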
@@ -440,9 +441,11 @@ func TestIsBranchProtected(t *testing.T) { }, } for _, tt := range tests { + tt := tt // Re-initializing variable so it is not changed while executing the closure below l.messages = []string{} t.Run(tt.name, func(t *testing.T) { - got := IsBranchProtected(tt.args.protection, tt.args.c) + t.Parallel() + got := IsBranchProtected(tt.args.protection, &tt.args.c) got.Details = l.messages if got.Confidence != tt.want.Confidence || got.Pass != tt.want.Pass { t.Errorf("IsBranchProtected() = %s, %v, want %v", tt.name, got, tt.want) diff --git a/checks/checkforfile.go b/checks/checkforfile.go index 28b4878c..e8d76461 100644 --- a/checks/checkforfile.go +++ b/checks/checkforfile.go @@ -26,7 +26,7 @@ import ( // CheckIfFileExists downloads the tar of the repository and calls the predicate to check // for the occurrence. -func CheckIfFileExists(checkName string, c checker.CheckRequest, predicate func(name string, +func CheckIfFileExists(checkName string, c *checker.CheckRequest, predicate func(name string, Logf func(s string, f ...interface{})) bool) checker.CheckResult { r, _, err := c.Client.Repositories.Get(c.Ctx, c.Owner, c.Repo) if err != nil { diff --git a/checks/ci_tests.go b/checks/ci_tests.go index 52971abe..62922c2b 100644 --- a/checks/ci_tests.go +++ b/checks/ci_tests.go @@ -27,7 +27,7 @@ func init() { registerCheck(ciTestsStr, CITests) } -func CITests(c checker.CheckRequest) checker.CheckResult { +func CITests(c *checker.CheckRequest) checker.CheckResult { prs, _, err := c.Client.PullRequests.List(c.Ctx, c.Owner, c.Repo, &github.PullRequestListOptions{ State: "closed", }) diff --git a/checks/cii_best_practices.go b/checks/cii_best_practices.go index be5ce65d..8f07e651 100644 --- a/checks/cii_best_practices.go +++ b/checks/cii_best_practices.go 
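Review bot: The subtests in `TestIsBranchProtected` now call `t.Parallel()` but still share the single logger `l`, which is a data race. Parallel subtests only start after the `for` loop has finished, so the per-iteration `l.messages = []string{}` no longer separates cases, and every closure reads `l.messages` (and presumably appends to it through `Logf`) concurrently. The assertion only compares `Confidence` and `Pass`, so the test still passes, but `go test -race` should flag it and `got.Details` mixes messages from other cases. Either drop the inner `t.Parallel()` or give each case its own logger inside the closure, for example `lg := &log{}` with `tt.args.c.Logf = lg.Logf` and `got.Details = lg.messages`. The test table and the end of the loop are outside the hunk.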
@@ -32,7 +32,7 @@ type response struct { BadgeLevel string `json:"badge_level"` } -func CIIBestPractices(c checker.CheckRequest) checker.CheckResult { +func CIIBestPractices(c *checker.CheckRequest) checker.CheckResult { repoUrl := fmt.Sprintf("https://github.com/%s/%s", c.Owner, c.Repo) url := fmt.Sprintf("https://bestpractices.coreinfrastructure.org/projects.json?url=%s", repoUrl) resp, err := c.HttpClient.Get(url) diff --git a/checks/code_review.go b/checks/code_review.go index eafdc1bc..c2492270 100644 --- a/checks/code_review.go +++ b/checks/code_review.go @@ -32,7 +32,7 @@ func init() { // - Looking at the repo configuration to see if reviews are required // - Checking if most of the recent merged PRs were "Approved" // - Looking for other well-known review labels -func DoesCodeReview(c checker.CheckRequest) checker.CheckResult { +func DoesCodeReview(c *checker.CheckRequest) checker.CheckResult { return checker.MultiCheck( IsPrReviewRequired, GithubCodeReview, @@ -41,7 +41,7 @@ func DoesCodeReview(c checker.CheckRequest) checker.CheckResult { )(c) } -func GithubCodeReview(c checker.CheckRequest) checker.CheckResult { +func GithubCodeReview(c *checker.CheckRequest) checker.CheckResult { // Look at some merged PRs to see if they were reviewed prs, _, err := c.Client.PullRequests.List(c.Ctx, c.Owner, c.Repo, &github.PullRequestListOptions{ State: "closed", @@ -87,7 +87,6 @@ func GithubCodeReview(c checker.CheckRequest) checker.CheckResult { } } } - } if totalReviewed > 0 { @@ -96,7 +95,7 @@ func GithubCodeReview(c checker.CheckRequest) checker.CheckResult { return checker.MakeProportionalResult(codeReviewStr, totalReviewed, totalMerged, .75) } -func IsPrReviewRequired(c checker.CheckRequest) checker.CheckResult { +func IsPrReviewRequired(c *checker.CheckRequest) checker.CheckResult { // Look to see if review is enforced. r, _, err := c.Client.Repositories.Get(c.Ctx, c.Owner, c.Repo) if err != nil { 
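Review bot: `CIIBestPractices` interpolates `repoUrl` into the `url=` query parameter with `fmt.Sprintf` and no escaping, so an owner or repo value containing `&`, `#` or `%` changes the query sent to bestpractices.coreinfrastructure.org instead of being looked up literally. Escaping the value closes that, e.g. `endpoint := "https://bestpractices.coreinfrastructure.org/projects.json?url=" + url.QueryEscape(repoUrl)`; the local currently named `url` has to be renamed so it stops shadowing `net/url`, and the import block is not visible here. The function body continues outside the hunk.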
@@ -120,7 +119,7 @@ func IsPrReviewRequired(c checker.CheckRequest) checker.CheckResult { return checker.MakeInconclusiveResult(codeReviewStr) } -func ProwCodeReview(c checker.CheckRequest) checker.CheckResult { +func ProwCodeReview(c *checker.CheckRequest) checker.CheckResult { // Look at some merged PRs to see if they were reviewed prs, _, err := c.Client.PullRequests.List(c.Ctx, c.Owner, c.Repo, &github.PullRequestListOptions{ State: "closed", @@ -151,7 +150,7 @@ func ProwCodeReview(c checker.CheckRequest) checker.CheckResult { return checker.MakeProportionalResult(codeReviewStr, totalReviewed, totalMerged, .75) } -func CommitMessageHints(c checker.CheckRequest) checker.CheckResult { +func CommitMessageHints(c *checker.CheckRequest) checker.CheckResult { commits, _, err := c.Client.Repositories.ListCommits(c.Ctx, c.Owner, c.Repo, &github.CommitsListOptions{}) if err != nil { return checker.MakeRetryResult(codeReviewStr, err) diff --git a/checks/contributors.go b/checks/contributors.go index dc6e7948..765e2668 100644 --- a/checks/contributors.go +++ b/checks/contributors.go @@ -31,7 +31,7 @@ func init() { registerCheck(contributorsStr, Contributors) } -func Contributors(c checker.CheckRequest) checker.CheckResult { +func Contributors(c *checker.CheckRequest) checker.CheckResult { contribs, _, err := c.Client.Repositories.ListContributors(c.Ctx, c.Owner, c.Repo, &github.ListContributorsOptions{}) if err != nil { return checker.MakeRetryResult(contributorsStr, err) 
@@ -40,29 +40,30 @@ func Contributors(c checker.CheckRequest) checker.CheckResult { companies := map[string]struct{}{} for _, contrib := range contribs { //nolint:nestif - if contrib.GetContributions() >= minContributionsPerUser { - u, _, err := c.Client.Users.Get(c.Ctx, contrib.GetLogin()) - if err != nil { - return checker.MakeRetryResult(contributorsStr, err) - } - orgs, _, err := c.Client.Organizations.List(c.Ctx, contrib.GetLogin(), nil) - if err != nil { - c.Logf("unable to get org members for %s", contrib.GetLogin()) - } else if len(orgs) > 0 { - companies[*orgs[0].Login] = struct{}{} - continue - } + if contrib.GetContributions() < minContributionsPerUser { + continue + } + u, _, err := c.Client.Users.Get(c.Ctx, contrib.GetLogin()) + if err != nil { + return checker.MakeRetryResult(contributorsStr, err) + } + orgs, _, err := c.Client.Organizations.List(c.Ctx, contrib.GetLogin(), nil) + if err != nil { + c.Logf("unable to get org members for %s", contrib.GetLogin()) + } else if len(orgs) > 0 { + companies[*orgs[0].Login] = struct{}{} + continue + } - company := u.GetCompany() - if company != "" { - company = strings.ToLower(company) - company = strings.ReplaceAll(company, "inc.", "") - company = strings.ReplaceAll(company, "llc", "") - company = strings.ReplaceAll(company, ",", "") - company = strings.TrimLeft(company, "@") - company = strings.Trim(company, " ") - companies[company] = struct{}{} - } + company := u.GetCompany() + if company != "" { + company = strings.ToLower(company) + company = strings.ReplaceAll(company, "inc.", "") + company = strings.ReplaceAll(company, "llc", "") + company = strings.ReplaceAll(company, ",", "") + company = strings.TrimLeft(company, "@") + company = strings.Trim(company, " ") + companies[company] = struct{}{} } } names := []string{} diff --git a/checks/frozen_deps.go b/checks/frozen_deps.go index bca59101..d7fed397 100644 --- a/checks/frozen_deps.go +++ b/checks/frozen_deps.go 
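Review bot: `companies[*orgs[0].Login] = struct{}{}` in `Contributors` dereferences the pointer field directly and would panic on an organization entry whose login is nil. The rest of the loop uses the nil-safe getters (`contrib.GetLogin()`, `u.GetCompany()`), so `companies[orgs[0].GetLogin()] = struct{}{}` would be consistent with them, ideally skipping an empty result. The `//nolint:nestif` directive kept at the top of the loop also looks stale now that the early `continue` has removed the nesting it suppressed. The function starts and ends outside the hunk.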
@@ -27,7 +27,7 @@ func init() { } // FrozenDeps will check the repository if it contains frozen dependecies. -func FrozenDeps(c checker.CheckRequest) checker.CheckResult { +func FrozenDeps(c *checker.CheckRequest) checker.CheckResult { return CheckIfFileExists(frozenDepsStr, c, filePredicate) } diff --git a/checks/fuzzing.go b/checks/fuzzing.go index 938f51f3..b533f117 100644 --- a/checks/fuzzing.go +++ b/checks/fuzzing.go @@ -27,7 +27,7 @@ func init() { registerCheck(fuzzingStr, Fuzzing) } -func Fuzzing(c checker.CheckRequest) checker.CheckResult { +func Fuzzing(c *checker.CheckRequest) checker.CheckResult { url := fmt.Sprintf("github.com/%s/%s", c.Owner, c.Repo) searchString := url + " repo:google/oss-fuzz in:file filename:project.yaml" results, _, err := c.Client.Search.Code(c.Ctx, searchString, &github.SearchOptions{}) diff --git a/checks/packaging.go b/checks/packaging.go index 74f02950..9ecc8aee 100644 --- a/checks/packaging.go +++ b/checks/packaging.go @@ -29,7 +29,7 @@ func init() { registerCheck(packagingStr, Packaging) } -func Packaging(c checker.CheckRequest) checker.CheckResult { +func Packaging(c *checker.CheckRequest) checker.CheckResult { _, dc, _, err := c.Client.Repositories.GetContents(c.Ctx, c.Owner, c.Repo, ".github/workflows", &github.RepositoryContentGetOptions{}) if err != nil { return checker.MakeRetryResult(packagingStr, err) 
@@ -78,11 +78,11 @@ func Packaging(c checker.CheckRequest) checker.CheckResult { } } -func isPackagingWorkflow(s string, fp string, c checker.CheckRequest) bool { +func isPackagingWorkflow(s, fp string, c *checker.CheckRequest) bool { // nodejs packages if strings.Contains(s, "uses: actions/setup-node@") { - r1, _ := regexp.Compile(`(?s)registry-url.*https://registry\.npmjs\.org`) - r2, _ := regexp.Compile(`(?s)npm.*publish`) + r1 := regexp.MustCompile(`(?s)registry-url.*https://registry\.npmjs\.org`) + r2 := regexp.MustCompile(`(?s)npm.*publish`) if r1.MatchString(s) && r2.MatchString(s) { c.Logf("found node packaging workflow using npm: %s", fp) @@ -92,14 +92,14 @@ func isPackagingWorkflow(s string, fp string, c checker.CheckRequest) bool { if strings.Contains(s, "uses: actions/setup-java@") { // java packages with maven - r1, _ := regexp.Compile(`(?s)mvn.*deploy`) + r1 := regexp.MustCompile(`(?s)mvn.*deploy`) if r1.MatchString(s) { c.Logf("found java packaging workflow using maven: %s", fp) return true } // java packages with gradle - r2, _ := regexp.Compile(`(?s)gradle.*publish`) + r2 := regexp.MustCompile(`(?s)gradle.*publish`) if r2.MatchString(s) { c.Logf("found java packaging workflow using gradle: %s", fp) return true diff --git a/checks/pull_requests.go b/checks/pull_requests.go index 48657598..d8908279 100644 --- a/checks/pull_requests.go +++ b/checks/pull_requests.go @@ -27,7 +27,7 @@ func init() { registerCheck(pullRequestsStr, PullRequests) } -func PullRequests(c checker.CheckRequest) checker.CheckResult { +func PullRequests(c *checker.CheckRequest) checker.CheckResult { commits, _, err := c.Client.Repositories.ListCommits(c.Ctx, c.Owner, c.Repo, &github.CommitsListOptions{}) if err != nil { return checker.MakeRetryResult(pullRequestsStr, err) diff --git a/checks/sast.go b/checks/sast.go index c87af892..9a7e9ef0 100644 --- a/checks/sast.go +++ b/checks/sast.go 
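Review bot: `isPackagingWorkflow` still compiles its patterns with `regexp.MustCompile` inside the function, so they are recompiled for every workflow file that `Packaging` inspects. The same applies to the `mvn` and `gradle` patterns in the following hunk. The patterns are constants, so package-level variables compile them once at init, which is also where a `MustCompile` panic belongs. The function continues past both hunks.

```go
// Compiled once at package initialisation rather than on every call.
var (
	npmRegistryRe   = regexp.MustCompile(`(?s)registry-url.*https://registry\.npmjs\.org`)
	npmPublishRe    = regexp.MustCompile(`(?s)npm.*publish`)
	mavenDeployRe   = regexp.MustCompile(`(?s)mvn.*deploy`)
	gradlePublishRe = regexp.MustCompile(`(?s)gradle.*publish`)
)

func isPackagingWorkflow(s, fp string, c *checker.CheckRequest) bool {
	// nodejs packages
	if strings.Contains(s, "uses: actions/setup-node@") {
		if npmRegistryRe.MatchString(s) && npmPublishRe.MatchString(s) {
			// … unchanged: log the npm workflow and return true …
	// … unchanged: setup-java branch, now matching with mavenDeployRe and gradlePublishRe …
```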
@@ -27,14 +27,14 @@ func init() { registerCheck(sastStr, SAST) } -func SAST(c checker.CheckRequest) checker.CheckResult { +func SAST(c *checker.CheckRequest) checker.CheckResult { return checker.MultiCheck( CodeQLInCheckDefinitions, SASTToolInCheckRuns, )(c) } -func SASTToolInCheckRuns(c checker.CheckRequest) checker.CheckResult { +func SASTToolInCheckRuns(c *checker.CheckRequest) checker.CheckResult { prs, _, err := c.Client.PullRequests.List(c.Ctx, c.Owner, c.Repo, &github.PullRequestListOptions{ State: "closed", }) @@ -76,7 +76,7 @@ func SASTToolInCheckRuns(c checker.CheckRequest) checker.CheckResult { return checker.MakeProportionalResult(sastStr, totalTested, totalMerged, .75) } -func CodeQLInCheckDefinitions(c checker.CheckRequest) checker.CheckResult { +func CodeQLInCheckDefinitions(c *checker.CheckRequest) checker.CheckResult { searchQuery := ("github/codeql-action path:/.github/workflows repo:" + c.Owner + "/" + c.Repo) results, _, err := c.Client.Search.Code(c.Ctx, searchQuery, &github.SearchOptions{}) if err != nil { diff --git a/checks/security_policy.go b/checks/security_policy.go index 285d7f24..d2e614c7 100644 --- a/checks/security_policy.go +++ b/checks/security_policy.go @@ -26,7 +26,7 @@ func init() { registerCheck(securityPolicyStr, SecurityPolicy) } -func SecurityPolicy(c checker.CheckRequest) checker.CheckResult { +func SecurityPolicy(c *checker.CheckRequest) checker.CheckResult { // check repository for repository-specific policy result := CheckIfFileExists(securityPolicyStr, c, func(name string, logf func(s string, f ...interface{})) bool { if strings.EqualFold(name, "security.md") { diff --git a/checks/signed_releases.go b/checks/signed_releases.go index 5c193a40..6342d516 100644 --- a/checks/signed_releases.go +++ b/checks/signed_releases.go 
@@ -30,7 +30,7 @@ func init() { registerCheck(signedReleasesStr, SignedReleases) } -func SignedReleases(c checker.CheckRequest) checker.CheckResult { +func SignedReleases(c *checker.CheckRequest) checker.CheckResult { releases, _, err := c.Client.Repositories.ListReleases(c.Ctx, c.Owner, c.Repo, &github.ListOptions{}) if err != nil { return checker.MakeRetryResult(signedReleasesStr, err) diff --git a/checks/signed_tags.go b/checks/signed_tags.go index 4318e81f..2e3807c3 100644 --- a/checks/signed_tags.go +++ b/checks/signed_tags.go @@ -28,7 +28,7 @@ func init() { registerCheck(signedTagsStr, SignedTags) } -func SignedTags(c checker.CheckRequest) checker.CheckResult { +func SignedTags(c *checker.CheckRequest) checker.CheckResult { type ref struct { Name githubv4.String Target struct { diff --git a/cmd/root.go b/cmd/root.go index 8feb5828..7c07dfa1 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -63,7 +63,10 @@ or ./scorecard --{npm,pypi,rubgems}= [--checks=check1,...] [--show Run: func(cmd *cobra.Command, args []string) { cfg := zap.NewProductionConfig() cfg.Level.SetLevel(*logLevel) - logger, _ := cfg.Build() + logger, err := cfg.Build() + if err != nil { + log.Fatalf("unable to construct logger: %v", err) + } // nolint defer logger.Sync() // flushes buffer, if any sugar := logger.Sugar() diff --git a/cmd/serve.go b/cmd/serve.go index 60a5da78..b4e1147f 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -42,7 +42,10 @@ var serveCmd = &cobra.Command{ Run: func(cmd *cobra.Command, args []string) { cfg := zap.NewProductionConfig() cfg.Level.SetLevel(*logLevel) - logger, _ := cfg.Build() + logger, err := cfg.Build() + if err != nil { + log.Fatalf("unable to construct logger: %v", err) + } //nolint defer logger.Sync() // flushes buffer, if any sugar := logger.Sugar() 
@@ -122,7 +125,7 @@ func encodeJson(repo string, results []checker.CheckResult) ([]byte, error) { } output, err := json.Marshal(or) if err != nil { - return nil, err + return nil, fmt.Errorf("failed to json encode results: %w", err) } return output, nil } diff --git a/e2e/active_test.go b/e2e/active_test.go index 5c8a2164..dbaad610 100644 --- a/e2e/active_test.go +++ b/e2e/active_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:Active", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:Active", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.IsActive(checkRequest) + result := checks.IsActive(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/branchprotection_test.go b/e2e/branchprotection_test.go index 894c6d23..9747faf4 100644 --- a/e2e/branchprotection_test.go +++ b/e2e/branchprotection_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:Branch Protection", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:Branch Protection", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.BranchProtection(checkRequest) + result := checks.BranchProtection(&checkRequest) Expect(result.Error).ShouldNot(BeNil()) Expect(result.Pass).Should(BeFalse()) }) diff --git a/e2e/ci_tests_test.go b/e2e/ci_tests_test.go index 75b07826..049b755e 100644 --- a/e2e/ci_tests_test.go +++ b/e2e/ci_tests_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:CITests", func() { 
@@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:CITests", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.CITests(checkRequest) + result := checks.CITests(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/cii_best_practices_test.go b/e2e/cii_best_practices_test.go index ad90c22c..c81b9118 100644 --- a/e2e/cii_best_practices_test.go +++ b/e2e/cii_best_practices_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:CIIBestPractices", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:CIIBestPractices", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.CIIBestPractices(checkRequest) + result := checks.CIIBestPractices(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/code_review_test.go b/e2e/code_review_test.go index f599340d..0117f4e3 100644 --- a/e2e/code_review_test.go +++ b/e2e/code_review_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:CodeReview", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:CodeReview", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.DoesCodeReview(checkRequest) + result := checks.DoesCodeReview(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/contributors_test.go b/e2e/contributors_test.go index 8dd81fb5..9f1ddbc3 100644 --- a/e2e/contributors_test.go +++ b/e2e/contributors_test.go 
@@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:CodeReview", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.Contributors(checkRequest) + result := checks.Contributors(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) @@ -51,7 +51,7 @@ var _ = Describe("E2E TEST:CodeReview", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.Contributors(checkRequest) + result := checks.Contributors(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/e2e_suite_test.go b/e2e/e2e_suite_test.go index 7bdcc4f4..657092f1 100644 --- a/e2e/e2e_suite_test.go +++ b/e2e/e2e_suite_test.go @@ -42,6 +42,7 @@ func (l *log) Logf(s string, f ...interface{}) { } func TestE2e(t *testing.T) { + t.Parallel() RegisterFailHandler(Fail) RunSpecs(t, "E2e Suite") } diff --git a/e2e/frozen_deps_test.go b/e2e/frozen_deps_test.go index dcc04ec9..7d491227 100644 --- a/e2e/frozen_deps_test.go +++ b/e2e/frozen_deps_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:FrozenDeps", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:FrozenDeps", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.FrozenDeps(checkRequest) + result := checks.FrozenDeps(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/fuzzing_test.go b/e2e/fuzzing_test.go index 6aca7f90..e6097626 100644 --- a/e2e/fuzzing_test.go +++ b/e2e/fuzzing_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:Fuzzing", func() { 
@@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:Fuzzing", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.Fuzzing(checkRequest) + result := checks.Fuzzing(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/packaging_test.go b/e2e/packaging_test.go index 05aa4975..3a338653 100644 --- a/e2e/packaging_test.go +++ b/e2e/packaging_test.go @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:Packaging", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.Packaging(checkRequest) + result := checks.Packaging(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) @@ -51,7 +51,7 @@ var _ = Describe("E2E TEST:Packaging", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.Packaging(checkRequest) + result := checks.Packaging(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/pull_requests_test.go b/e2e/pull_requests_test.go index 2cba289a..467d899f 100644 --- a/e2e/pull_requests_test.go +++ b/e2e/pull_requests_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:PullRequests", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:PullRequests", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.PullRequests(checkRequest) + result := checks.PullRequests(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/sast_test.go b/e2e/sast_test.go index 4b1ab5e1..1080529a 100644 --- a/e2e/sast_test.go +++ b/e2e/sast_test.go 
@@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:SAST", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:SAST", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.SAST(checkRequest) + result := checks.SAST(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/security_policy_test.go b/e2e/security_policy_test.go index fad1bd0b..a7ba848b 100644 --- a/e2e/security_policy_test.go +++ b/e2e/security_policy_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:SecurityPolicy", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:SecurityPolicy", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.SecurityPolicy(checkRequest) + result := checks.SecurityPolicy(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/signedreleases_test.go b/e2e/signedreleases_test.go index d22d1640..fa53bc30 100644 --- a/e2e/signedreleases_test.go +++ b/e2e/signedreleases_test.go @@ -19,8 +19,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:Signedreleases", func() { @@ -36,7 +36,7 @@ var _ = Describe("E2E TEST:Signedreleases", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.SignedReleases(checkRequest) + result := checks.SignedReleases(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/e2e/signedtags_test.go b/e2e/signedtags_test.go index ece9c60f..8a580ba8 100644 
--- a/e2e/signedtags_test.go +++ b/e2e/signedtags_test.go @@ -20,8 +20,8 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/checks" "github.com/ossf/scorecard/checker" + "github.com/ossf/scorecard/checks" ) var _ = Describe("E2E TEST:Signedtags", func() { @@ -37,7 +37,7 @@ var _ = Describe("E2E TEST:Signedtags", func() { GraphClient: graphClient, Logf: l.Logf, } - result := checks.SignedTags(checkRequest) + result := checks.SignedTags(&checkRequest) Expect(result.Error).Should(BeNil()) Expect(result.Pass).Should(BeTrue()) }) diff --git a/pkg/scorecard.go b/pkg/scorecard.go index ff904e09..4d2b0d1e 100644 --- a/pkg/scorecard.go +++ b/pkg/scorecard.go @@ -50,7 +50,7 @@ func (r *RepoURL) Set(s string) error { u, e := url.Parse(s) if e != nil { - return e + return fmt.Errorf("failed to parse repo url: %w", e) } const splitLen = 2 @@ -59,7 +59,7 @@ func (r *RepoURL) Set(s string) error { log.Fatalf("invalid repo flag: [%s], pass the full repository URL", s) } - if len(strings.TrimSpace(split[0])) == 0 || len(strings.TrimSpace(split[1])) == 0 { + if strings.TrimSpace(split[0]) == "" || strings.TrimSpace(split[1]) == "" { log.Fatalf("invalid repo flag: [%s], pass the full repository URL", s) } diff --git a/pkg/scorecard_test.go b/pkg/scorecard_test.go index 2494c1ea..f62fa0d5 100644 --- a/pkg/scorecard_test.go +++ b/pkg/scorecard_test.go @@ -19,6 +19,7 @@ import ( ) func TestRepoURL_Set(t *testing.T) { + t.Parallel() type fields struct { Host string Owner string @@ -65,7 +66,9 @@ func TestRepoURL_Set(t *testing.T) { }, } for _, tt := range tests { + tt := tt // Re-initializing variable so it is not changed while executing the closure below t.Run(tt.name, func(t *testing.T) { + t.Parallel() r := &RepoURL{ Host: tt.fields.Host, Owner: tt.fields.Owner,
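Review bot: `RepoURL.Set` in pkg/scorecard.go now returns a wrapped error when `url.Parse` fails, but both validation branches in the `@@ -59,7 +59,7 @@` hunk still call `log.Fatalf`, so a malformed value terminates the process instead of reaching the caller. If `Set` is ever reached from a long-running caller (cmd/serve.go is part of this change, though its use of `RepoURL` is not visible here), one bad repo string would take the whole service down. Returning the error keeps the method consistent: `return fmt.Errorf("invalid repo flag: [%s], pass the full repository URL", s)`. The rest of `Set` lies outside the hunk.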