From af7f865b9de0c9ba0a037af2ac1e1e33e0757ce0 Mon Sep 17 00:00:00 2001
From: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Date: Fri, 20 May 2022 08:59:53 -0700
Subject: [PATCH] update (#1926)

---
 checker/raw_result.go | 8 ++++----
 pkg/json_raw_results.go | 21 ++-------------------
 2 files changed, 6 insertions(+), 23 deletions(-)

diff --git a/checker/raw_result.go b/checker/raw_result.go
index 37892160..15e35d38 100644
--- a/checker/raw_result.go
+++ b/checker/raw_result.go
@@ -332,13 +332,13 @@ type CIIBestPracticesData struct {
 }

 // DangerousWorkflowType represents a type of dangerous workflow.
-type DangerousWorkflowType int
+type DangerousWorkflowType string

 const (
 // DangerousWorkflowScriptInjection represents a script injection.
- DangerousWorkflowScriptInjection DangerousWorkflowType = iota
+ DangerousWorkflowScriptInjection DangerousWorkflowType = "scriptInjection"
 // DangerousWorkflowUntrustedCheckout represents an untrusted checkout.
- DangerousWorkflowUntrustedCheckout
+ DangerousWorkflowUntrustedCheckout DangerousWorkflowType = "untrustedCheckout"
 )

 // DangerousWorkflowData contains raw results
@@ -350,8 +350,8 @@ type DangerousWorkflowData struct {
 // DangerousWorkflow represents a dangerous workflow.
 type DangerousWorkflow struct {
 Job *WorkflowJob
- File File
 Type DangerousWorkflowType
+ File File
 }

 // WorkflowJob reprresents a workflow job.
diff --git a/pkg/json_raw_results.go b/pkg/json_raw_results.go
index b436435e..0bcbd1d4 100644
--- a/pkg/json_raw_results.go
+++ b/pkg/json_raw_results.go
@@ -16,7 +16,6 @@ package pkg

 import (
 "encoding/json"
- "errors"
 "fmt"
 "io"
 "time"
@@ -28,8 +27,6 @@ import (
 // TODO: add a "check" field to all results so that they can be linked to a check.
 // TODO(#1874): Add a severity field in all results.

-var errorInvalidType = errors.New("invalid type")
-
 // Flat JSON structure to hold raw results.
 type jsonScorecardRawResult struct {
 Date string `json:"date"`
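Review bot: The values given to `DangerousWorkflowScriptInjection` and `DangerousWorkflowUntrustedCheckout` in the `@@ -332,13 +332,13 @@` hunk are now part of the serialised output, since pkg/json_raw_results.go in this same patch emits them with `string(e.Type)`, yet the doc comments do not say so. I would extend the type comment to something like `// DangerousWorkflowType represents a type of dangerous workflow. Its string values are written verbatim into the raw JSON results.` so that a later change to a value is recognised as a format change. The zero value also moves from `DangerousWorkflowScriptInjection` (0 under `iota`) to `""`, which is worth stating in the same comment.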
@@ -167,13 +164,6 @@ type jsonLicense struct {
 // TODO: add fields, like type of license, etc.
 }

-type dangerousPatternType string
-
-const (
- patternUntrustedCheckout dangerousPatternType = "untrustedCheckout"
- patternScriptInjection dangerousPatternType = "scriptInjection"
-)
-
 type jsonWorkflow struct {
 Job *jsonWorkflowJob `json:"job"`
 File *jsonFile `json:"file"`
@@ -242,6 +232,7 @@ func (r *jsonScorecardRawResult) addFuzzingRawResults(fd *checker.FuzzingData) e
 return nil
 }

+//nolint:unparam
 func (r *jsonScorecardRawResult) addDangerousWorkflowRawResults(df *checker.DangerousWorkflowData) error {
 r.Results.Workflows = []jsonWorkflow{}
 for _, e := range df.Workflows {
@@ -250,6 +241,7 @@ func (r *jsonScorecardRawResult) addDangerousWorkflowRawResults(df *checker.Dang
 Path: e.File.Path,
 Offset: int(e.File.Offset),
 },
+ Type: string(e.Type),
 }
 if e.File.Snippet != "" {
 v.File.Snippet = &e.File.Snippet
@@ -261,15 +253,6 @@ func (r *jsonScorecardRawResult) addDangerousWorkflowRawResults(df *checker.Dang
 }
 }

- switch e.Type {
- case checker.DangerousWorkflowUntrustedCheckout:
- v.Type = string(patternUntrustedCheckout)
- case checker.DangerousWorkflowScriptInjection:
- v.Type = string(patternScriptInjection)
- default:
- return fmt.Errorf("%w: %d", errorInvalidType, e.Type)
- }
-
 r.Results.Workflows = append(r.Results.Workflows, v)
 }
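Review bot: `Type: string(e.Type)` in the `@@ -250,6 +241,7 @@` hunk writes whatever `e.Type` holds into the JSON output, so an empty or unrecognised value is now serialised without complaint where the removed `switch` returned `errorInvalidType`. Because `DangerousWorkflowType` is now a string with zero value `""`, a `DangerousWorkflow` built without a `Type` would appear in the raw results as a finding with no classification. I would keep a guard at the top of the loop body, `if e.Type != checker.DangerousWorkflowScriptInjection && e.Type != checker.DangerousWorkflowUntrustedCheckout { return fmt.Errorf("%w: %q", errorInvalidType, e.Type) }`, which means retaining `errorInvalidType` and the `errors` import and makes the `//nolint:unparam` added in the `@@ -242,6 +232,7 @@` hunk unnecessary. The body of `addDangerousWorkflowRawResults` starts and ends outside this hunk.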