diff --git a/checker/raw_result.go b/checker/raw_result.go
index 15e35d38..7a370715 100644
--- a/checker/raw_result.go
+++ b/checker/raw_result.go
@@ -36,28 +36,9 @@ type RawResults struct {
 LicenseResults LicenseData
 }
-// FuzzerName represents a fuzzing service.
-type FuzzerName string
-
-const (
- // FuzzerNameCIFuzz is CIFuzz.
- FuzzerNameCIFuzz FuzzerName = "CIFuzz"
- // FuzzerNameOSSFuzz is OSSFuzz.
- FuzzerNameOSSFuzz FuzzerName = "OSSFuzz"
- // FuzzerNameGoBuiltin is the built-in Go fuzzer.
- FuzzerNameGoBuiltin FuzzerName = "GoFuzzer"
-)
-
 // FuzzingData represents different fuzzing done.
 type FuzzingData struct {
- Fuzzers []Fuzzer
-}
-
-// Fuzzer represent the use of a fuzzer.
-type Fuzzer struct {
- Name FuzzerName
- // TODO: CodeCoverage.
- // TODO: (#1933)
+ Fuzzers []Tool
 }
 // MaintainedData contains the raw results
@@ -161,16 +142,18 @@ type BranchProtectionData struct {
 // Tool represents a tool.
 type Tool struct {
+ URL *string
+ Desc *string
+ File *File
+ Name string
 // Runs of the tool.
 Runs []Run
 // Issues created by the tool.
 Issues []Issue
 // Merge requests created by the tool.
 MergeRequests []MergeRequest
- Name string
- URL string
- Desc string
- ConfigFiles []File
+
+ // TODO: CodeCoverage, jsonWorkflowJob.
 }
 // Run represents a run.
diff --git a/checks/evaluation/dependency_update_tool.go b/checks/evaluation/dependency_update_tool.go
index ab11edc0..d906c257 100644
--- a/checks/evaluation/dependency_update_tool.go
+++ b/checks/evaluation/dependency_update_tool.go
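Review bot: The new `URL`, `Desc` and `File` fields on `Tool` (second hunk of this file) are pointers but carry no comment saying that nil means "absent", while the neighbouring `Runs`, `Issues` and `MergeRequests` fields are documented; every consumer now has to nil-check `File` before reading `Path`, so that contract belongs on the type. I would add `// URL and Desc are optional; nil when the tool does not provide them.` above `URL` and `// File is the tool's configuration file; nil when none was located.` above `File`. With the first hunk dropping `FuzzerName` and its constants, a fuzzer is now identified only by the free-form `Name` string, so any code that branches on fuzzer identity will compare against literals; a comment on `FuzzingData.Fuzzers` such as `// Fuzzers lists the fuzzing tools detected; Tool.Name is the tool's display name.` would make that explicit.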
@@ -49,18 +49,17 @@ func DependencyUpdateTool(name string, dl checker.DetailLogger,
 return checker.CreateRuntimeErrorResult(name, e)
 }
- if len(r.Tools[0].ConfigFiles) != 1 {
- e := sce.WithMessage(sce.ErrScorecardInternal,
- fmt.Sprintf("found %d config files, expected 1", len(r.Tools[0].ConfigFiles)))
+ if r.Tools[0].File == nil {
+ e := sce.WithMessage(sce.ErrScorecardInternal, "File is nil")
 return checker.CreateRuntimeErrorResult(name, e)
 }
 // Note: only one file per tool is present,
 // so we do not iterate thru all entries.
 dl.Info(&checker.LogMessage{
- Path: r.Tools[0].ConfigFiles[0].Path,
- Type: r.Tools[0].ConfigFiles[0].Type,
- Offset: r.Tools[0].ConfigFiles[0].Offset,
+ Path: r.Tools[0].File.Path,
+ Type: r.Tools[0].File.Type,
+ Offset: r.Tools[0].File.Offset,
 Text: fmt.Sprintf("%s detected", r.Tools[0].Name),
 })
diff --git a/checks/evaluation/dependency_update_tool_test.go b/checks/evaluation/dependency_update_tool_test.go
index 6fe38185..1155671f 100644
--- a/checks/evaluation/dependency_update_tool_test.go
+++ b/checks/evaluation/dependency_update_tool_test.go
@@ -88,16 +88,14 @@ func TestDependencyUpdateTool(t *testing.T) {
 Tools: []checker.Tool{
 {
 Name: "DependencyUpdateTool",
- ConfigFiles: []checker.File{
- {
- Path: "/etc/dependency-update-tool.conf",
- Snippet: ` [dependency-update-tool] enabled = true `,
+ File: &checker.File{
+ Path: "/etc/dependency-update-tool.conf",
+ Snippet: ` [dependency-update-tool] enabled = true `,
- Offset: 0,
- Type: 0,
- },
+ Offset: 0,
+ Type: 0,
 },
 },
 },
diff --git a/checks/evaluation/fuzzing.go b/checks/evaluation/fuzzing.go
index dab3295f..69677309 100644
--- a/checks/evaluation/fuzzing.go
+++ b/checks/evaluation/fuzzing.go
@@ -15,6 +15,8 @@ package evaluation
 import (
+ "fmt"
+
 "github.com/ossf/scorecard/v4/checker"
 sce "github.com/ossf/scorecard/v4/errors"
 )
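Review bot: The comment `// Note: only one file per tool is present,` / `// so we do not iterate thru all entries.` in the `dependency_update_tool.go` hunk is now stale: `ConfigFiles` was a slice whose entries could be iterated, but `File` is a single pointer, so there are no entries left to iterate. I would drop both lines or replace them with `// File was nil-checked above.` The new internal error text `"File is nil"` also carries less than the old message, which reported the count; `fmt.Sprintf("%s has no config file", r.Tools[0].Name)` keeps the tool name in the error. The enclosing function starts before the hunk, so I assume the `len(r.Tools)` guard that makes `r.Tools[0]` safe lives there.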
@@ -28,15 +30,10 @@ func Fuzzing(name string, dl checker.DetailLogger,
 return checker.CreateRuntimeErrorResult(name, e)
 }
- for _, fuzzer := range r.Fuzzers {
- switch fuzzer.Name {
- case checker.FuzzerNameCIFuzz:
- return checker.CreateMaxScoreResult(name, "project uses ClusterFuzzLite")
- case checker.FuzzerNameOSSFuzz:
- return checker.CreateMaxScoreResult(name, "project is fuzzed in OSS-Fuzz")
- case checker.FuzzerNameGoBuiltin:
- return checker.CreateMaxScoreResult(name, "project is fuzzed using Golang's fuzzing")
- }
+ for i := range r.Fuzzers {
+ fuzzer := r.Fuzzers[i]
+ return checker.CreateMaxScoreResult(name,
+ fmt.Sprintf("project is fuzzed with %s", fuzzer.Name))
 }
 return checker.CreateMinScoreResult(name, "project is not fuzzed")
diff --git a/checks/raw/dependency_update_tool.go b/checks/raw/dependency_update_tool.go
index a4bb2168..3ad79d9b 100644
--- a/checks/raw/dependency_update_tool.go
+++ b/checks/raw/dependency_update_tool.go
@@ -49,14 +49,12 @@ var checkDependencyFileExists fileparser.DoWhileTrueOnFilename = func(name strin
 case ".github/dependabot.yml", ".github/dependabot.yaml":
 *ptools = append(*ptools, checker.Tool{
 Name: "Dependabot",
- URL: "https://github.com/dependabot",
- Desc: "Automated dependency updates built into GitHub",
- ConfigFiles: []checker.File{
- {
- Path: name,
- Type: checker.FileTypeSource,
- Offset: checker.OffsetDefault,
- },
+ URL: asPointer("https://github.com/dependabot"),
+ Desc: asPointer("Automated dependency updates built into GitHub"),
+ File: &checker.File{
+ Path: name,
+ Type: checker.FileTypeSource,
+ Offset: checker.OffsetDefault,
 },
 })
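Review bot: In the `checks/evaluation/fuzzing.go` hunk the `for i := range r.Fuzzers` loop returns unconditionally in its first iteration, so it never advances past `r.Fuzzers[0]`; staticcheck flags this shape (SA4004) and a reader has to work out that the loop is really an emptiness test. `if len(r.Fuzzers) > 0 { return checker.CreateMaxScoreResult(name, fmt.Sprintf("project is fuzzed with %s", r.Fuzzers[0].Name)) }` states the intent directly. The removed switch also only awarded the max score for three known fuzzer names; after the change any `Tool` placed in `Fuzzers` scores maximum, which holds while the raw check only emits ClusterFuzzLite and OSS-Fuzz but is worth recording with a comment such as `// Any detected fuzzer is sufficient for the max score.`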
@@ -65,14 +63,12 @@ var checkDependencyFileExists fileparser.DoWhileTrueOnFilename = func(name strin
 "renovate.json5", ".renovaterc":
 *ptools = append(*ptools, checker.Tool{
 Name: "Renovabot",
- URL: "https://github.com/renovatebot/renovate",
- Desc: "Automated dependency updates. Multi-platform and multi-language.",
- ConfigFiles: []checker.File{
- {
- Path: name,
- Type: checker.FileTypeSource,
- Offset: checker.OffsetDefault,
- },
+ URL: asPointer("https://github.com/renovatebot/renovate"),
+ Desc: asPointer("Automated dependency updates. Multi-platform and multi-language."),
+ File: &checker.File{
+ Path: name,
+ Type: checker.FileTypeSource,
+ Offset: checker.OffsetDefault,
 },
 })
 default:
@@ -83,3 +79,7 @@ var checkDependencyFileExists fileparser.DoWhileTrueOnFilename = func(name strin
 // We found a file, no need to continue iterating.
 return false, nil
 }
+
+func asPointer(s string) *string {
+ return &s
+}
diff --git a/checks/raw/fuzzing.go b/checks/raw/fuzzing.go
index ac5eb555..75218d11 100644
--- a/checks/raw/fuzzing.go
+++ b/checks/raw/fuzzing.go
@@ -25,13 +25,20 @@ import (
 // Fuzzing runs Fuzzing check.
 func Fuzzing(c *checker.CheckRequest) (checker.FuzzingData, error) {
- var fuzzers []checker.Fuzzer
+ var fuzzers []checker.Tool
 usingCFLite, e := checkCFLite(c)
 if e != nil {
 return checker.FuzzingData{}, fmt.Errorf("%w", e)
 }
 if usingCFLite {
- fuzzers = append(fuzzers, checker.Fuzzer{Name: checker.FuzzerNameCIFuzz})
+ fuzzers = append(fuzzers,
+ checker.Tool{
+ Name: "ClusterFuzzLite",
+ URL: asPointer("https://github.com/google/clusterfuzzlite"),
+ Desc: asPointer("continuous fuzzing solution that runs as part of Continuous Integration (CI) workflows"),
+ // TODO: File.
+ },
+ )
 }
 usingOSSFuzz, e := checkOSSFuzz(c)
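Review bot: `asPointer` in the `@@ -83,3 +79,7 @@` hunk has no doc comment, and since it is also used from `checks/raw/fuzzing.go` its purpose is not obvious at the call sites; I would add `// asPointer returns a pointer to a copy of s, for the optional string fields of checker.Tool.` In the `checks/raw/fuzzing.go` hunk the names `"ClusterFuzzLite"` and `"OSS-Fuzz"` are bare literals standing in for the removed `checker.FuzzerName*` constants, and they end up in the raw-results JSON; package-level consts (`const fuzzerNameCFLite = "ClusterFuzzLite"`) would pin the emitted values so a later edit cannot silently change the output. The same applies to the OSS-Fuzz hunk that follows in this file, where the `Desc` literal is also capitalized differently from the ClusterFuzzLite one.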
@@ -39,7 +46,14 @@ func Fuzzing(c *checker.CheckRequest) (checker.FuzzingData, error) {
 return checker.FuzzingData{}, fmt.Errorf("%w", e)
 }
 if usingOSSFuzz {
- fuzzers = append(fuzzers, checker.Fuzzer{Name: checker.FuzzerNameOSSFuzz})
+ fuzzers = append(fuzzers,
+ checker.Tool{
+ Name: "OSS-Fuzz",
+ URL: asPointer("https://github.com/google/oss-fuzz"),
+ Desc: asPointer("Continuous Fuzzing for Open Source Software"),
+ // TODO: File.
+ },
+ )
 }
 return checker.FuzzingData{Fuzzers: fuzzers}, nil
diff --git a/cron/format/json_raw_results.go b/cron/format/json_raw_results.go
index 59f4c1e0..5109f85c 100644
--- a/cron/format/json_raw_results.go
+++ b/cron/format/json_raw_results.go
@@ -40,10 +40,10 @@ type jsonFile struct {
 }
 type jsonTool struct {
- Name string `json:"name"`
- URL string `json:"url"`
- Desc string `json:"desc"`
- ConfigFiles []jsonFile `json:"files"`
+ URL *string `json:"url"`
+ Desc *string `json:"desc"`
+ File *jsonFile `json:"file"`
+ Name string `json:"name"`
 // TODO: Runs, Issues, Merge requests.
 }
@@ -201,20 +201,17 @@ func addDependencyUpdateToolRawResults(r *jsonScorecardRawResult,
 r.Results.DependencyUpdateTools = []jsonTool{}
 for i := range dut.Tools {
 t := dut.Tools[i]
- offset := len(r.Results.DependencyUpdateTools)
- r.Results.DependencyUpdateTools = append(r.Results.DependencyUpdateTools, jsonTool{
+ jt := jsonTool{
 Name: t.Name,
 URL: t.URL,
 Desc: t.Desc,
- })
- for _, f := range t.ConfigFiles {
- r.Results.DependencyUpdateTools[offset].ConfigFiles = append(
- r.Results.DependencyUpdateTools[offset].ConfigFiles,
- jsonFile{
- Path: f.Path,
- },
- )
 }
+ if t.File != nil {
+ jt.File = &jsonFile{
+ Path: t.File.Path,
+ }
+ }
+ r.Results.DependencyUpdateTools = append(r.Results.DependencyUpdateTools, jt)
 }
 return nil
 }
diff --git a/pkg/json_raw_results.go b/pkg/json_raw_results.go
index 0bcbd1d4..1bf69ac9 100644
--- a/pkg/json_raw_results.go
+++ b/pkg/json_raw_results.go
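Review bot: The `jsonTool` change in `cron/format/json_raw_results.go` renames the serialized key from `files` (an array) to `file` (an object or `null`), which alters the raw-results JSON that consumers of the cron output parse; that is a format break and deserves a line in the PR description or a bump of the raw-results schema version if one exists. Within this PR the two `jsonTool` definitions also diverge: here `File` is tagged `json:"file"` and will emit `"file": null`, while the `pkg/json_raw_results.go` copy in the next file uses `json:"file,omitempty"` and additionally carries `Job`; `File *jsonFile `json:"file,omitempty"`` here would keep the two outputs aligned. `URL` and `Desc` are pointers without `omitempty` in both copies, so a fuzzer that lacks them serializes as `"url": null`; if that is intended, a comment on the fields saying so would spare the next reader the check.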
@@ -44,10 +44,11 @@ type jsonFile struct {
 }
 type jsonTool struct {
- Name string `json:"name"`
- URL string `json:"url"`
- Desc string `json:"desc"`
- ConfigFiles []jsonFile `json:"files"`
+ URL *string `json:"url"`
+ Desc *string `json:"desc"`
+ Job *jsonWorkflowJob `json:"job,omitempty"`
+ File *jsonFile `json:"file,omitempty"`
+ Name string `json:"name"`
 // TODO: Runs, Issues, Merge requests.
 }
@@ -176,13 +177,6 @@ type jsonWorkflowJob struct {
 ID *string `json:"id"`
 }
-type jsonFuzzer struct {
- Job *jsonWorkflowJob `json:"job,omitempty"`
- File *jsonFile `json:"file,omitempty"`
- Name string `json:"name"`
- // TODO: (#1933)
-}
-
 //nolint
 type jsonRawResults struct {
 // Workflow results.
@@ -214,24 +208,11 @@ type jsonRawResults struct {
 // Archived status of the repo.
 ArchivedStatus jsonArchivedStatus `json:"archived"`
 // Fuzzers.
- Fuzzers []jsonFuzzer `json:"fuzzers"`
+ Fuzzers []jsonTool `json:"fuzzers"`
 // Releases.
 Releases []jsonRelease `json:"releases"`
 }
-//nolint:unparam
-func (r *jsonScorecardRawResult) addFuzzingRawResults(fd *checker.FuzzingData) error {
- r.Results.Fuzzers = []jsonFuzzer{}
- for _, f := range fd.Fuzzers {
- fuzzer := jsonFuzzer{
- // TODO: Job, File, Coverage.
- Name: string(f.Name),
- }
- r.Results.Fuzzers = append(r.Results.Fuzzers, fuzzer)
- }
- return nil
-}
-
 //nolint:unparam
 func (r *jsonScorecardRawResult) addDangerousWorkflowRawResults(df *checker.DangerousWorkflowData) error {
 r.Results.Workflows = []jsonWorkflow{}
@@ -471,25 +452,42 @@ func (r *jsonScorecardRawResult) addSecurityPolicyRawResults(sp *checker.Securit
 return nil
 }
+//nolint:unparam
+func (r *jsonScorecardRawResult) addFuzzingRawResults(fd *checker.FuzzingData) error {
+ r.Results.Fuzzers = []jsonTool{}
+ for i := range fd.Fuzzers {
+ f := fd.Fuzzers[i]
+ jt := jsonTool{
+ Name: f.Name,
+ URL: f.URL,
+ Desc: f.Desc,
+ }
+ if f.File != nil {
+ jt.File = &jsonFile{
+ Path: f.File.Path,
+ }
+ }
+ r.Results.Fuzzers = append(r.Results.Fuzzers, jt)
+ }
+ return nil
+}
+
 //nolint:unparam
 func (r *jsonScorecardRawResult) addDependencyUpdateToolRawResults(dut *checker.DependencyUpdateToolData) error {
 r.Results.DependencyUpdateTools = []jsonTool{}
 for i := range dut.Tools {
 t := dut.Tools[i]
- offset := len(r.Results.DependencyUpdateTools)
- r.Results.DependencyUpdateTools = append(r.Results.DependencyUpdateTools, jsonTool{
+ jt := jsonTool{
 Name: t.Name,
 URL: t.URL,
 Desc: t.Desc,
- })
- for _, f := range t.ConfigFiles {
- r.Results.DependencyUpdateTools[offset].ConfigFiles = append(
- r.Results.DependencyUpdateTools[offset].ConfigFiles,
- jsonFile{
- Path: f.Path,
- },
- )
 }
+ if t.File != nil {
+ jt.File = &jsonFile{
+ Path: t.File.Path,
+ }
+ }
+ r.Results.DependencyUpdateTools = append(r.Results.DependencyUpdateTools, jt)
 }
 return nil
 }
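Review bot: The loop body of the new `addFuzzingRawResults` is a line-for-line copy of the one in `addDependencyUpdateToolRawResults` just below it (build a `jsonTool` from `Name`/`URL`/`Desc`, copy `File.Path` when `File` is non-nil); a small `toJSONTool(checker.Tool) jsonTool` helper removes the duplication and gives one place to extend when the `// TODO: Runs, Issues, Merge requests.` fields are filled in. `jsonTool.Job`, added in the `pkg` struct hunk, is never set here, so fuzzers always serialize without a `job`; a `// TODO: Job` next to the `File` copy would make that visible. Both functions would reduce to the helper plus a one-line loop:
```go
// toJSONTool converts a raw checker.Tool into its JSON form; File is
// copied only when present.
func toJSONTool(t checker.Tool) jsonTool {
	jt := jsonTool{
		Name: t.Name,
		URL:  t.URL,
		Desc: t.Desc,
	}
	if t.File != nil {
		jt.File = &jsonFile{Path: t.File.Path}
	}
	return jt
}

//nolint:unparam
func (r *jsonScorecardRawResult) addFuzzingRawResults(fd *checker.FuzzingData) error {
	r.Results.Fuzzers = []jsonTool{}
	for i := range fd.Fuzzers {
		r.Results.Fuzzers = append(r.Results.Fuzzers, toJSONTool(fd.Fuzzers[i]))
	}
	return nil
}

// … unchanged: addDependencyUpdateToolRawResults, with the same loop body replaced by toJSONTool(dut.Tools[i]) …
```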