mirror of
https://github.com/ossf/scorecard.git
synced 2024-09-17 11:57:12 +03:00
parent
f153db5a4a
commit
6c1c789dc5
@ -17,7 +17,7 @@ package checker
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckRequest struct encapsulates all data to be passed into a CheckFn.
|
// CheckRequest struct encapsulates all data to be passed into a CheckFn.
|
||||||
|
@ -23,8 +23,8 @@ import (
|
|||||||
opencensusstats "go.opencensus.io/stats"
|
opencensusstats "go.opencensus.io/stats"
|
||||||
"go.opencensus.io/tag"
|
"go.opencensus.io/tag"
|
||||||
|
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
"github.com/ossf/scorecard/v2/stats"
|
"github.com/ossf/scorecard/v3/stats"
|
||||||
)
|
)
|
||||||
|
|
||||||
const checkRetries = 3
|
const checkRetries = 3
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
// Package checks defines all Scorecard checks.
|
// Package checks defines all Scorecard checks.
|
||||||
package checks
|
package checks
|
||||||
|
|
||||||
import "github.com/ossf/scorecard/v2/checker"
|
import "github.com/ossf/scorecard/v3/checker"
|
||||||
|
|
||||||
// AllChecks is the list of all security checks that will be run.
|
// AllChecks is the list of all security checks that will be run.
|
||||||
var AllChecks = checker.CheckNameToFnMap{}
|
var AllChecks = checker.CheckNameToFnMap{}
|
||||||
|
@ -22,8 +22,8 @@ import (
|
|||||||
"github.com/h2non/filetype"
|
"github.com/h2non/filetype"
|
||||||
"github.com/h2non/filetype/types"
|
"github.com/h2non/filetype/types"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckBinaryArtifacts is the exported name for Binary-Artifacts check.
|
// CheckBinaryArtifacts is the exported name for Binary-Artifacts check.
|
||||||
|
@ -19,9 +19,9 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"regexp"
|
"regexp"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -19,11 +19,11 @@ import (
|
|||||||
|
|
||||||
"github.com/golang/mock/gomock"
|
"github.com/golang/mock/gomock"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
"github.com/ossf/scorecard/v2/clients/mockrepo"
|
"github.com/ossf/scorecard/v3/clients/mockrepo"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
func getBranch(branches []*clients.BranchRef, name string) *clients.BranchRef {
|
func getBranch(branches []*clients.BranchRef, name string) *clients.BranchRef {
|
||||||
|
@ -18,9 +18,9 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// States for which CI system is in use.
|
// States for which CI system is in use.
|
||||||
|
@ -21,8 +21,8 @@ import (
|
|||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckCIIBestPractices is the registered name for CIIBestPractices.
|
// CheckCIIBestPractices is the registered name for CIIBestPractices.
|
||||||
|
@ -18,8 +18,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckCodeReview is the registered name for DoesCodeReview.
|
// CheckCodeReview is the registered name for DoesCodeReview.
|
||||||
|
@ -18,8 +18,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -17,7 +17,7 @@ package checks
|
|||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckDependencyUpdateTool is the exported name for Automatic-Depdendency-Update.
|
// CheckDependencyUpdateTool is the exported name for Automatic-Depdendency-Update.
|
||||||
|
@ -20,9 +20,9 @@ import (
|
|||||||
"path"
|
"path"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// isMatchingPath uses 'pattern' to shell-match the 'path' and its filename
|
// isMatchingPath uses 'pattern' to shell-match the 'path' and its filename
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckFuzzing is the registered name for Fuzzing.
|
// CheckFuzzing is the registered name for Fuzzing.
|
||||||
|
@ -18,8 +18,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckPackaging is the registered name for Packaging.
|
// CheckPackaging is the registered name for Packaging.
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
|
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckTokenPermissions is the exported name for Token-Permissions check.
|
// CheckTokenPermissions is the exported name for Token-Permissions check.
|
||||||
|
@ -19,8 +19,8 @@ import (
|
|||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint
|
//nolint
|
||||||
|
@ -23,8 +23,8 @@ import (
|
|||||||
"github.com/moby/buildkit/frontend/dockerfile/parser"
|
"github.com/moby/buildkit/frontend/dockerfile/parser"
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckPinnedDependencies is the registered name for FrozenDeps.
|
// CheckPinnedDependencies is the registered name for FrozenDeps.
|
||||||
|
@ -23,8 +23,8 @@ import (
|
|||||||
"github.com/google/go-cmp/cmp"
|
"github.com/google/go-cmp/cmp"
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestGithubWorkflowPinning(t *testing.T) {
|
func TestGithubWorkflowPinning(t *testing.T) {
|
||||||
|
@ -17,9 +17,9 @@ package checks
|
|||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckSAST is the registered name for SAST.
|
// CheckSAST is the registered name for SAST.
|
||||||
|
@ -20,9 +20,9 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CheckSecurityPolicy is the registred name for SecurityPolicy.
|
// CheckSecurityPolicy is the registred name for SecurityPolicy.
|
||||||
|
@ -27,8 +27,8 @@ import (
|
|||||||
|
|
||||||
"mvdan.cc/sh/v3/syntax"
|
"mvdan.cc/sh/v3/syntax"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -18,8 +18,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -21,8 +21,8 @@ import (
|
|||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -22,8 +22,8 @@ import (
|
|||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
"github.com/shurcooL/githubv4"
|
"github.com/shurcooL/githubv4"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
type checkrunsHandler struct {
|
type checkrunsHandler struct {
|
||||||
|
@ -26,9 +26,9 @@ import (
|
|||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo/roundtripper"
|
"github.com/ossf/scorecard/v3/clients/githubrepo/roundtripper"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
var errInputRepoType = errors.New("input repo should be of type repoURL")
|
var errInputRepoType = errors.New("input repo should be of type repoURL")
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
)
|
)
|
||||||
|
|
||||||
type contributorsHandler struct {
|
type contributorsHandler struct {
|
||||||
|
@ -21,8 +21,8 @@ import (
|
|||||||
|
|
||||||
"github.com/shurcooL/githubv4"
|
"github.com/shurcooL/githubv4"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -21,8 +21,8 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
type releasesHandler struct {
|
type releasesHandler struct {
|
||||||
|
@ -19,8 +19,8 @@ import (
|
|||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -22,8 +22,8 @@ import (
|
|||||||
opencensusstats "go.opencensus.io/stats"
|
opencensusstats "go.opencensus.io/stats"
|
||||||
"go.opencensus.io/tag"
|
"go.opencensus.io/tag"
|
||||||
|
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
"github.com/ossf/scorecard/v2/stats"
|
"github.com/ossf/scorecard/v3/stats"
|
||||||
)
|
)
|
||||||
|
|
||||||
const fromCacheHeader = "X-From-Cache"
|
const fromCacheHeader = "X-From-Cache"
|
||||||
|
@ -22,7 +22,7 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// MakeRateLimitedTransport returns a RoundTripper which rate limits GitHub requests.
|
// MakeRateLimitedTransport returns a RoundTripper which rate limits GitHub requests.
|
||||||
|
@ -24,7 +24,7 @@ import (
|
|||||||
"go.opencensus.io/stats"
|
"go.opencensus.io/stats"
|
||||||
"go.opencensus.io/tag"
|
"go.opencensus.io/tag"
|
||||||
|
|
||||||
githubstats "github.com/ossf/scorecard/v2/clients/githubrepo/stats"
|
githubstats "github.com/ossf/scorecard/v3/clients/githubrepo/stats"
|
||||||
)
|
)
|
||||||
|
|
||||||
const expiryTimeInSec = 30
|
const expiryTimeInSec = 30
|
||||||
|
@ -22,7 +22,7 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
)
|
)
|
||||||
|
|
||||||
var errEmptyQuery = errors.New("search query is empty")
|
var errEmptyQuery = errors.New("search query is empty")
|
||||||
|
@ -18,7 +18,7 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestBuildQuery(t *testing.T) {
|
func TestBuildQuery(t *testing.T) {
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
type statusesHandler struct {
|
type statusesHandler struct {
|
||||||
|
@ -30,7 +30,7 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
type workflowsHandler struct {
|
type workflowsHandler struct {
|
||||||
|
@ -23,7 +23,7 @@ import (
|
|||||||
reflect "reflect"
|
reflect "reflect"
|
||||||
|
|
||||||
gomock "github.com/golang/mock/gomock"
|
gomock "github.com/golang/mock/gomock"
|
||||||
clients "github.com/ossf/scorecard/v2/clients"
|
clients "github.com/ossf/scorecard/v3/clients"
|
||||||
)
|
)
|
||||||
|
|
||||||
// MockRepoClient is a mock of RepoClient interface.
|
// MockRepoClient is a mock of RepoClient interface.
|
||||||
|
@ -23,7 +23,7 @@ import (
|
|||||||
reflect "reflect"
|
reflect "reflect"
|
||||||
|
|
||||||
gomock "github.com/golang/mock/gomock"
|
gomock "github.com/golang/mock/gomock"
|
||||||
clients "github.com/ossf/scorecard/v2/clients"
|
clients "github.com/ossf/scorecard/v3/clients"
|
||||||
)
|
)
|
||||||
|
|
||||||
// MockRepo is a mock of Repo interface.
|
// MockRepo is a mock of Repo interface.
|
||||||
|
16
cmd/root.go
16
cmd/root.go
@ -30,14 +30,14 @@ import (
|
|||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
spol "github.com/ossf/scorecard/v2/policy"
|
spol "github.com/ossf/scorecard/v3/policy"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
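Review bot: The `github.com/ossf/scorecard/v2/...` to `/v3/...` import rewrite in cmd/root.go is only correct if the `module` line in go.mod becomes `github.com/ossf/scorecard/v3` in the same commit; go.mod is not visible on this page, so that should be confirmed. A file left on a `/v2/` import would either fail to resolve or, if a v2 requirement is still present in go.mod, link the published v2 module instead of the code in this tree. In that case packages such as `checker` and `checks` would exist twice in the binary, with distinct types and a separate `checks.AllChecks` registry. A CI step that fails when `grep -rn "ossf/scorecard/v2" --include='*.go' .` finds a match would catch a missed file. The same point applies to the other import hunks on this page.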
@ -24,10 +24,10 @@ import (
|
|||||||
|
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint:gochecknoinits
|
//nolint:gochecknoinits
|
||||||
|
@ -19,7 +19,7 @@ import (
|
|||||||
|
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint:gochecknoinits
|
//nolint:gochecknoinits
|
||||||
|
@ -28,8 +28,8 @@ import (
|
|||||||
|
|
||||||
"google.golang.org/protobuf/encoding/protojson"
|
"google.golang.org/protobuf/encoding/protojson"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/config"
|
"github.com/ossf/scorecard/v3/cron/config"
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
type shardSummary struct {
|
type shardSummary struct {
|
||||||
|
@ -24,10 +24,10 @@ import (
|
|||||||
"google.golang.org/protobuf/encoding/protojson"
|
"google.golang.org/protobuf/encoding/protojson"
|
||||||
"google.golang.org/protobuf/types/known/timestamppb"
|
"google.golang.org/protobuf/types/known/timestamppb"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/config"
|
"github.com/ossf/scorecard/v3/cron/config"
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
"github.com/ossf/scorecard/v2/cron/pubsub"
|
"github.com/ossf/scorecard/v3/cron/pubsub"
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
)
|
)
|
||||||
|
|
||||||
func publishToRepoRequestTopic(ctx context.Context, iter data.Iterator, datetime time.Time) (int32, error) {
|
func publishToRepoRequestTopic(ctx context.Context, iter data.Iterator, datetime time.Time) (int32, error) {
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Script to add new project repositories to the projects.csv file:
|
// Script to add new project repositories to the projects.csv file:
|
||||||
|
@ -21,8 +21,8 @@ import (
|
|||||||
"github.com/google/go-cmp/cmp"
|
"github.com/google/go-cmp/cmp"
|
||||||
"github.com/google/go-cmp/cmp/cmpopts"
|
"github.com/google/go-cmp/cmp/cmpopts"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
func isLessThanRepoURL(x, y repos.RepoURL) bool {
|
func isLessThanRepoURL(x, y repos.RepoURL) bool {
|
||||||
|
@ -27,7 +27,7 @@ import (
|
|||||||
// Needed to link in GCP drivers.
|
// Needed to link in GCP drivers.
|
||||||
_ "gocloud.dev/blob/gcsblob"
|
_ "gocloud.dev/blob/gcsblob"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/config"
|
"github.com/ossf/scorecard/v3/cron/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -22,7 +22,7 @@ import (
|
|||||||
|
|
||||||
"github.com/jszwec/csvutil"
|
"github.com/jszwec/csvutil"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Iterator interface is used to iterate through list of input repos for the cron job.
|
// Iterator interface is used to iterate through list of input repos for the cron job.
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
|
|
||||||
"github.com/google/go-cmp/cmp"
|
"github.com/google/go-cmp/cmp"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
type outcome struct {
|
type outcome struct {
|
||||||
|
@ -30,8 +30,8 @@ import (
|
|||||||
"github.com/google/go-github/v38/github"
|
"github.com/google/go-github/v38/github"
|
||||||
"golang.org/x/tools/go/vcs"
|
"golang.org/x/tools/go/vcs"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -19,7 +19,7 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Adds "project=${PROJECT},dependency=true" to the repositories metadata.
|
// Adds "project=${PROJECT},dependency=true" to the repositories metadata.
|
||||||
|
@ -19,7 +19,7 @@ import (
|
|||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Validates data.Iterator used by production PubSub cron job.
|
// Validates data.Iterator used by production PubSub cron job.
|
||||||
|
@ -22,7 +22,7 @@ import (
|
|||||||
|
|
||||||
"github.com/jszwec/csvutil"
|
"github.com/jszwec/csvutil"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
func repoFormatFromRepoURL(repoURLs []repos.RepoURL) []repoFormat {
|
func repoFormatFromRepoURL(repoURLs []repos.RepoURL) []repoFormat {
|
||||||
|
@ -18,7 +18,7 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestCsvWriter(t *testing.T) {
|
func TestCsvWriter(t *testing.T) {
|
||||||
|
@ -24,9 +24,9 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint
|
//nolint
|
||||||
|
@ -27,8 +27,8 @@ import (
|
|||||||
"github.com/xeipuuv/gojsonschema"
|
"github.com/xeipuuv/gojsonschema"
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
)
|
)
|
||||||
|
|
||||||
func jsonMockDocRead() *mockDoc {
|
func jsonMockDocRead() *mockDoc {
|
||||||
|
@ -17,7 +17,7 @@ package format
|
|||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
)
|
)
|
||||||
|
|
||||||
type mockCheck struct {
|
type mockCheck struct {
|
||||||
|
@ -24,7 +24,7 @@ import (
|
|||||||
"contrib.go.opencensus.io/exporter/stackdriver/monitoredresource/gcp"
|
"contrib.go.opencensus.io/exporter/stackdriver/monitoredresource/gcp"
|
||||||
"go.opencensus.io/stats/view"
|
"go.opencensus.io/stats/view"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/config"
|
"github.com/ossf/scorecard/v3/cron/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
var errorUndefinedExporter = errors.New("unsupported exporterType")
|
var errorUndefinedExporter = errors.New("unsupported exporterType")
|
||||||
|
@ -29,7 +29,7 @@ import (
|
|||||||
_ "gocloud.dev/pubsub/gcppubsub"
|
_ "gocloud.dev/pubsub/gcppubsub"
|
||||||
"google.golang.org/protobuf/encoding/protojson"
|
"google.golang.org/protobuf/encoding/protojson"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
var errorPublish = errors.New("total errors when publishing")
|
var errorPublish = errors.New("total errors when publishing")
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
|
|
||||||
"gocloud.dev/pubsub"
|
"gocloud.dev/pubsub"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
type mockSucceedTopic struct{}
|
type mockSucceedTopic struct{}
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
|
|
||||||
"google.golang.org/protobuf/encoding/protojson"
|
"google.golang.org/protobuf/encoding/protojson"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ErrorInParse indicates there was an error while unmarshalling the protocol buffer message.
|
// ErrorInParse indicates there was an error while unmarshalling the protocol buffer message.
|
||||||
|
@ -24,7 +24,7 @@ import (
|
|||||||
pubsub "cloud.google.com/go/pubsub/apiv1"
|
pubsub "cloud.google.com/go/pubsub/apiv1"
|
||||||
pubsubpb "google.golang.org/genproto/googleapis/pubsub/v1"
|
pubsubpb "google.golang.org/genproto/googleapis/pubsub/v1"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -24,7 +24,7 @@ import (
|
|||||||
// Needed to link in GCP drivers.
|
// Needed to link in GCP drivers.
|
||||||
_ "gocloud.dev/pubsub/gcppubsub"
|
_ "gocloud.dev/pubsub/gcppubsub"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
type receiver interface {
|
type receiver interface {
|
||||||
|
@ -23,7 +23,7 @@ import (
|
|||||||
"google.golang.org/protobuf/encoding/protojson"
|
"google.golang.org/protobuf/encoding/protojson"
|
||||||
"google.golang.org/protobuf/proto"
|
"google.golang.org/protobuf/proto"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
type mockReceiver struct {
|
type mockReceiver struct {
|
||||||
|
@ -26,7 +26,7 @@ import (
|
|||||||
"github.com/google/go-containerregistry/pkg/v1/google"
|
"github.com/google/go-containerregistry/pkg/v1/google"
|
||||||
"google.golang.org/protobuf/encoding/protojson"
|
"google.golang.org/protobuf/encoding/protojson"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
)
|
)
|
||||||
|
|
||||||
const stableTag = "stable"
|
const stableTag = "stable"
|
||||||
|
@ -31,21 +31,21 @@ import (
|
|||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
githubstats "github.com/ossf/scorecard/v2/clients/githubrepo/stats"
|
githubstats "github.com/ossf/scorecard/v3/clients/githubrepo/stats"
|
||||||
"github.com/ossf/scorecard/v2/cron/config"
|
"github.com/ossf/scorecard/v3/cron/config"
|
||||||
"github.com/ossf/scorecard/v2/cron/data"
|
"github.com/ossf/scorecard/v3/cron/data"
|
||||||
format "github.com/ossf/scorecard/v2/cron/format"
|
format "github.com/ossf/scorecard/v3/cron/format"
|
||||||
"github.com/ossf/scorecard/v2/cron/monitoring"
|
"github.com/ossf/scorecard/v3/cron/monitoring"
|
||||||
"github.com/ossf/scorecard/v2/cron/pubsub"
|
"github.com/ossf/scorecard/v3/cron/pubsub"
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
"github.com/ossf/scorecard/v2/pkg"
|
"github.com/ossf/scorecard/v3/pkg"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
"github.com/ossf/scorecard/v2/stats"
|
"github.com/ossf/scorecard/v3/stats"
|
||||||
)
|
)
|
||||||
|
|
||||||
var ignoreRuntimeErrors = flag.Bool("ignoreRuntimeErrors", false, "if set to true any runtime errors will be ignored")
|
var ignoreRuntimeErrors = flag.Bool("ignoreRuntimeErrors", false, "if set to true any runtime errors will be ignored")
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/docs/checks/internal"
|
"github.com/ossf/scorecard/v3/docs/checks/internal"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
var errCheckNotExist = errors.New("check does not exist")
|
var errCheckNotExist = errors.New("check does not exist")
|
||||||
|
@ -18,7 +18,7 @@ import (
|
|||||||
"os"
|
"os"
|
||||||
"sort"
|
"sort"
|
||||||
|
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
)
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
@ -17,8 +17,8 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
)
|
)
|
||||||
|
|
||||||
var allowedRisks = map[string]bool{"Critical": true, "High": true, "Medium": true, "Low": true}
|
var allowedRisks = map[string]bool{"Critical": true, "High": true, "Medium": true, "Low": true}
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO: use dedicated repo that don't change.
|
// TODO: use dedicated repo that don't change.
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckBranchProtection, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckBranchProtection, func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckCITests, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckCITests, func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:CIIBestPractices", func() {
|
var _ = Describe("E2E TEST:CIIBestPractices", func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO: use dedicated repo that don't change.
|
// TODO: use dedicated repo that don't change.
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckContributors, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckContributors, func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO: use dedicated repo that don't change.
|
// TODO: use dedicated repo that don't change.
|
||||||
|
@ -22,7 +22,7 @@ import (
|
|||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var logger *zap.Logger
|
var logger *zap.Logger
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
)
|
)
|
||||||
|
|
||||||
type scorecard struct {
|
type scorecard struct {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckFuzzing, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckFuzzing, func() {
|
||||||
|
@ -21,10 +21,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckMaintained, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckMaintained, func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckPackaging, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckPackaging, func() {
|
||||||
|
@ -19,10 +19,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckTokenPermissions, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckTokenPermissions, func() {
|
||||||
|
@ -19,10 +19,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO: use dedicated repo that don't change.
|
// TODO: use dedicated repo that don't change.
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckSAST, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckSAST, func() {
|
||||||
|
@ -19,10 +19,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:SecurityPolicy", func() {
|
var _ = Describe("E2E TEST:SecurityPolicy", func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:"+checks.CheckSignedReleases, func() {
|
var _ = Describe("E2E TEST:"+checks.CheckSignedReleases, func() {
|
||||||
|
@ -20,10 +20,10 @@ import (
|
|||||||
. "github.com/onsi/ginkgo"
|
. "github.com/onsi/ginkgo"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
scut "github.com/ossf/scorecard/v2/utests"
|
scut "github.com/ossf/scorecard/v3/utests"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:Vulnerabilities", func() {
|
var _ = Describe("E2E TEST:Vulnerabilities", func() {
|
||||||
|
2
go.mod
2
go.mod
@ -1,4 +1,4 @@
|
|||||||
module github.com/ossf/scorecard/v2
|
module github.com/ossf/scorecard/v3
|
||||||
|
|
||||||
go 1.17
|
go 1.17
|
||||||
|
|
||||||
|
2
main.go
2
main.go
@ -15,7 +15,7 @@
|
|||||||
// Package main of OSSF Scoreard.
|
// Package main of OSSF Scoreard.
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "github.com/ossf/scorecard/v2/cmd"
|
import "github.com/ossf/scorecard/v3/cmd"
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
cmd.Execute()
|
cmd.Execute()
|
||||||
|
@ -20,7 +20,7 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
)
|
)
|
||||||
|
|
||||||
func textToMarkdown(s string) string {
|
func textToMarkdown(s string) string {
|
||||||
|
@ -21,8 +21,8 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint
|
//nolint
|
||||||
|
@ -27,7 +27,7 @@ import (
|
|||||||
"github.com/xeipuuv/gojsonschema"
|
"github.com/xeipuuv/gojsonschema"
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
)
|
)
|
||||||
|
|
||||||
func jsonMockDocRead() *mockDoc {
|
func jsonMockDocRead() *mockDoc {
|
||||||
|
@ -17,7 +17,7 @@ package pkg
|
|||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
)
|
)
|
||||||
|
|
||||||
type mockCheck struct {
|
type mockCheck struct {
|
||||||
|
@ -23,10 +23,10 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
spol "github.com/ossf/scorecard/v2/policy"
|
spol "github.com/ossf/scorecard/v3/policy"
|
||||||
)
|
)
|
||||||
|
|
||||||
type text struct {
|
type text struct {
|
||||||
|
@ -23,8 +23,8 @@ import (
|
|||||||
|
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
spol "github.com/ossf/scorecard/v2/policy"
|
spol "github.com/ossf/scorecard/v3/policy"
|
||||||
)
|
)
|
||||||
|
|
||||||
func sarifMockDocRead() *mockDoc {
|
func sarifMockDocRead() *mockDoc {
|
||||||
|
@ -24,12 +24,12 @@ import (
|
|||||||
opencensusstats "go.opencensus.io/stats"
|
opencensusstats "go.opencensus.io/stats"
|
||||||
"go.opencensus.io/tag"
|
"go.opencensus.io/tag"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
"github.com/ossf/scorecard/v2/clients"
|
"github.com/ossf/scorecard/v3/clients"
|
||||||
"github.com/ossf/scorecard/v2/clients/githubrepo"
|
"github.com/ossf/scorecard/v3/clients/githubrepo"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
"github.com/ossf/scorecard/v2/repos"
|
"github.com/ossf/scorecard/v3/repos"
|
||||||
"github.com/ossf/scorecard/v2/stats"
|
"github.com/ossf/scorecard/v3/stats"
|
||||||
)
|
)
|
||||||
|
|
||||||
func logStats(ctx context.Context, startTime time.Time) {
|
func logStats(ctx context.Context, startTime time.Time) {
|
||||||
|
@ -23,9 +23,9 @@ import (
|
|||||||
"github.com/olekukonko/tablewriter"
|
"github.com/olekukonko/tablewriter"
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checker"
|
"github.com/ossf/scorecard/v3/checker"
|
||||||
docs "github.com/ossf/scorecard/v2/docs/checks"
|
docs "github.com/ossf/scorecard/v3/docs/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ScorecardInfo contains information about the scorecard code that was run.
|
// ScorecardInfo contains information about the scorecard code that was run.
|
||||||
|
@ -20,8 +20,8 @@ import (
|
|||||||
|
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
|
|
||||||
"github.com/ossf/scorecard/v2/checks"
|
"github.com/ossf/scorecard/v3/checks"
|
||||||
sce "github.com/ossf/scorecard/v2/errors"
|
sce "github.com/ossf/scorecard/v3/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More