⚠️ Rename top level package to scorecard and reduce name duplication (#4227)
* move files to scorecard package Signed-off-by: Spencer Schrock <sschrock@google.com> * remove repetition from ScorecardResult Signed-off-by: Spencer Schrock <sschrock@google.com> * update comments Signed-off-by: Spencer Schrock <sschrock@google.com> * remove RunScorecard function Signed-off-by: Spencer Schrock <sschrock@google.com> * add docstrings Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com>
parent
a9ab4a903f
commit
c368d8a682
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,5 +1,6 @@
|
||||
# binary.
|
||||
scorecard
|
||||
!pkg/scorecard
|
||||
attestor/scorecard-attestor
|
||||
scorecard.docker
|
||||
scorecard.releaser
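Review bot: The unanchored `scorecard` pattern under `# binary.` matches a file or directory of that name at any depth, which is presumably why `!pkg/scorecard` has to be carved out for the new package directory. Anchoring the rule to the repository root as `/scorecard` would ignore only the built binary and make the negation unnecessary, and it would keep any later directory named `scorecard` from being silently left untracked. Which listed line is the added one is inferred from the commit title, because the page has lost its `+`/`-` markers.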
|
||||
|
@ -22,7 +22,7 @@ import (
|
||||
"github.com/ossf/scorecard/v5/attestor/policy"
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
sclog "github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
type EmptyParameterError struct {
|
||||
@ -91,16 +91,16 @@ func RunCheckWithParams(repoURL, commitSHA, policyPath string) (policy.PolicyRes
|
||||
}
|
||||
}
|
||||
|
||||
repoResult, err := pkg.Run(ctx, repo,
|
||||
pkg.WithCommitSHA(commitSHA),
|
||||
pkg.WithChecks(enabledChecks),
|
||||
pkg.WithRepoClient(repoClient),
|
||||
pkg.WithOSSFuzzClient(ossFuzzRepoClient),
|
||||
pkg.WithOpenSSFBestPraticesClient(ciiClient),
|
||||
pkg.WithVulnerabilitiesClient(vulnsClient),
|
||||
repoResult, err := scorecard.Run(ctx, repo,
|
||||
scorecard.WithCommitSHA(commitSHA),
|
||||
scorecard.WithChecks(enabledChecks),
|
||||
scorecard.WithRepoClient(repoClient),
|
||||
scorecard.WithOSSFuzzClient(ossFuzzRepoClient),
|
||||
scorecard.WithOpenSSFBestPraticesClient(ciiClient),
|
||||
scorecard.WithVulnerabilitiesClient(vulnsClient),
|
||||
)
|
||||
if err != nil {
|
||||
return policy.Fail, fmt.Errorf("RunScorecard: %w", err)
|
||||
return policy.Fail, fmt.Errorf("scorecard.Run: %w", err)
|
||||
}
|
||||
|
||||
result, err := attestationPolicy.EvaluateResults(&repoResult.RawResults)
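Review bot: The option `WithOpenSSFBestPraticesClient` in the new `scorecard.Run` call in RunCheckWithParams carries the misspelling "Pratices" over into the renamed package. Since this commit already breaks the import path for callers, it is a cheap moment to add a correctly spelled `WithOpenSSFBestPracticesClient` and mark the old name with a `// Deprecated:` comment. The option is defined outside this page, so this is a suggestion for the package rather than for this call site alone. The same call appears in the processRequest hunk further down. RunCheckWithParams starts and ends outside the hunk.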
|
||||
|
@ -27,7 +27,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/compare"
|
||||
"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/format"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
//nolint:gochecknoinits // common for cobra apps
|
||||
@ -93,14 +93,14 @@ func compareReaders(x, y io.Reader, output io.Writer) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func loadResults(x, y *bufio.Scanner) (pkg.ScorecardResult, pkg.ScorecardResult, error) {
|
||||
xResult, _, err := pkg.ExperimentalFromJSON2(strings.NewReader(x.Text()))
|
||||
func loadResults(x, y *bufio.Scanner) (scorecard.Result, scorecard.Result, error) {
|
||||
xResult, _, err := scorecard.ExperimentalFromJSON2(strings.NewReader(x.Text()))
|
||||
if err != nil {
|
||||
return pkg.ScorecardResult{}, pkg.ScorecardResult{}, fmt.Errorf("parsing first result: %w", err)
|
||||
return scorecard.Result{}, scorecard.Result{}, fmt.Errorf("parsing first result: %w", err)
|
||||
}
|
||||
yResult, _, err := pkg.ExperimentalFromJSON2(strings.NewReader(y.Text()))
|
||||
yResult, _, err := scorecard.ExperimentalFromJSON2(strings.NewReader(y.Text()))
|
||||
if err != nil {
|
||||
return pkg.ScorecardResult{}, pkg.ScorecardResult{}, fmt.Errorf("parsing second result: %w", err)
|
||||
return scorecard.Result{}, scorecard.Result{}, fmt.Errorf("parsing second result: %w", err)
|
||||
}
|
||||
format.Normalize(&xResult)
|
||||
format.Normalize(&yResult)
|
||||
|
@ -14,10 +14,10 @@
|
||||
|
||||
package compare
|
||||
|
||||
import "github.com/ossf/scorecard/v5/pkg"
|
||||
import "github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
|
||||
// results should be normalized before comparison.
|
||||
func Results(r1, r2 *pkg.ScorecardResult) bool {
|
||||
func Results(r1, r2 *scorecard.Result) bool {
|
||||
if r1 == nil && r2 == nil {
|
||||
return true
|
||||
}
|
||||
@ -40,7 +40,7 @@ func Results(r1, r2 *pkg.ScorecardResult) bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func compareChecks(r1, r2 *pkg.ScorecardResult) bool {
|
||||
func compareChecks(r1, r2 *scorecard.Result) bool {
|
||||
if len(r1.Checks) != len(r2.Checks) {
|
||||
return false
|
||||
}
|
||||
|
@ -18,7 +18,7 @@ import (
|
||||
"testing"
|
||||
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
func TestResults(t *testing.T) {
|
||||
@ -26,7 +26,7 @@ func TestResults(t *testing.T) {
|
||||
//nolint:govet // field alignment
|
||||
tests := []struct {
|
||||
name string
|
||||
a, b *pkg.ScorecardResult
|
||||
a, b *scorecard.Result
|
||||
wantEqual bool
|
||||
}{
|
||||
{
|
||||
@ -38,18 +38,18 @@ func TestResults(t *testing.T) {
|
||||
{
|
||||
name: "one nil",
|
||||
a: nil,
|
||||
b: &pkg.ScorecardResult{},
|
||||
b: &scorecard.Result{},
|
||||
wantEqual: false,
|
||||
},
|
||||
{
|
||||
name: "different repo name",
|
||||
a: &pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
a: &scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: "a",
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
b: &scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: "b",
|
||||
},
|
||||
},
|
||||
@ -57,7 +57,7 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "unequal amount of checks",
|
||||
a: &pkg.ScorecardResult{
|
||||
a: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "a1",
|
||||
@ -67,7 +67,7 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
b: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "b",
|
||||
@ -78,14 +78,14 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "different check name",
|
||||
a: &pkg.ScorecardResult{
|
||||
a: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "a",
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
b: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "b",
|
||||
@ -96,14 +96,14 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "different check score",
|
||||
a: &pkg.ScorecardResult{
|
||||
a: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Score: 1,
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
b: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Score: 2,
|
||||
@ -114,14 +114,14 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "different check reason",
|
||||
a: &pkg.ScorecardResult{
|
||||
a: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Reason: "a",
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
b: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Reason: "b",
|
||||
@ -132,14 +132,14 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "unequal number of details",
|
||||
a: &pkg.ScorecardResult{
|
||||
a: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Details: []checker.CheckDetail{},
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
b: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Details: []checker.CheckDetail{
|
||||
@ -154,7 +154,7 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "details have different levels",
|
||||
a: &pkg.ScorecardResult{
|
||||
a: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Details: []checker.CheckDetail{
|
||||
@ -165,7 +165,7 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
b: &scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Details: []checker.CheckDetail{
|
||||
@ -180,8 +180,8 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "equal results",
|
||||
a: &pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
a: &scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: "foo",
|
||||
},
|
||||
Checks: []checker.CheckResult{
|
||||
@ -195,8 +195,8 @@ func TestResults(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
b: &pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
b: &scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: "foo",
|
||||
},
|
||||
Checks: []checker.CheckResult{
|
||||
|
@ -21,19 +21,19 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v5/docs/checks"
|
||||
"github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
const logLevel = log.DefaultLevel
|
||||
|
||||
func Normalize(r *pkg.ScorecardResult) {
|
||||
func Normalize(r *scorecard.Result) {
|
||||
if r == nil {
|
||||
return
|
||||
}
|
||||
|
||||
// these fields will change run-to-run, and aren't indicative of behavior changes.
|
||||
r.Repo.CommitSHA = ""
|
||||
r.Scorecard = pkg.ScorecardInfo{}
|
||||
r.Scorecard = scorecard.ScorecardInfo{}
|
||||
r.Date = time.Time{}
|
||||
|
||||
sort.Slice(r.Checks, func(i, j int) bool {
|
||||
@ -43,20 +43,20 @@ func Normalize(r *pkg.ScorecardResult) {
|
||||
for i := range r.Checks {
|
||||
check := &r.Checks[i]
|
||||
sort.Slice(check.Details, func(i, j int) bool {
|
||||
return pkg.DetailToString(&check.Details[i], logLevel) < pkg.DetailToString(&check.Details[j], logLevel)
|
||||
return scorecard.DetailToString(&check.Details[i], logLevel) < scorecard.DetailToString(&check.Details[j], logLevel)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
//nolint:wrapcheck
|
||||
func JSON(r *pkg.ScorecardResult, w io.Writer) error {
|
||||
func JSON(r *scorecard.Result, w io.Writer) error {
|
||||
const details = true
|
||||
docs, err := checks.Read()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
Normalize(r)
|
||||
o := &pkg.AsJSON2ResultOption{
|
||||
o := &scorecard.AsJSON2ResultOption{
|
||||
Details: details,
|
||||
LogLevel: logLevel,
|
||||
}
|
||||
|
@ -22,25 +22,25 @@ import (
|
||||
"github.com/google/go-cmp/cmp"
|
||||
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
func TestJSON(t *testing.T) {
|
||||
t.Parallel()
|
||||
tests := []struct {
|
||||
name string
|
||||
a, b pkg.ScorecardResult
|
||||
a, b scorecard.Result
|
||||
}{
|
||||
{
|
||||
name: "repo commit SHA standardized",
|
||||
a: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
a: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: "github.com/foo/bar",
|
||||
CommitSHA: "commit a",
|
||||
},
|
||||
},
|
||||
b: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
b: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: "github.com/foo/bar",
|
||||
CommitSHA: "commit b",
|
||||
},
|
||||
@ -48,23 +48,23 @@ func TestJSON(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "dates standardized",
|
||||
a: pkg.ScorecardResult{
|
||||
a: scorecard.Result{
|
||||
Date: time.Now(),
|
||||
},
|
||||
b: pkg.ScorecardResult{
|
||||
b: scorecard.Result{
|
||||
Date: time.Now().AddDate(0, 0, -1),
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "scorecard info standardized",
|
||||
a: pkg.ScorecardResult{
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
a: scorecard.Result{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: "version a",
|
||||
CommitSHA: "scorecard commit x",
|
||||
},
|
||||
},
|
||||
b: pkg.ScorecardResult{
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
b: scorecard.Result{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: "version b",
|
||||
CommitSHA: "scorecard commit y",
|
||||
},
|
||||
@ -72,7 +72,7 @@ func TestJSON(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "check order standardized",
|
||||
a: pkg.ScorecardResult{
|
||||
a: scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "Token-Permissions",
|
||||
@ -84,7 +84,7 @@ func TestJSON(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
b: pkg.ScorecardResult{
|
||||
b: scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "License",
|
||||
@ -99,7 +99,7 @@ func TestJSON(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "detail order standardized",
|
||||
a: pkg.ScorecardResult{
|
||||
a: scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "Token-Permissions",
|
||||
@ -121,7 +121,7 @@ func TestJSON(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
b: pkg.ScorecardResult{
|
||||
b: scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "Token-Permissions",
|
||||
@ -167,7 +167,7 @@ func TestJSON(t *testing.T) {
|
||||
|
||||
func Test_normalize_nil_safe(t *testing.T) {
|
||||
t.Parallel()
|
||||
var x, y *pkg.ScorecardResult
|
||||
var x, y *scorecard.Result
|
||||
Normalize(x)
|
||||
Normalize(y)
|
||||
if !cmp.Equal(x, y) {
|
||||
|
@ -25,7 +25,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/format"
|
||||
"github.com/ossf/scorecard/v5/cmd/internal/scdiff/app/runner"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
//nolint:gochecknoinits // common for cobra apps
|
||||
@ -71,7 +71,7 @@ var (
|
||||
)
|
||||
|
||||
type scorecardRunner interface {
|
||||
Run(repo string) (pkg.ScorecardResult, error)
|
||||
Run(repo string) (scorecard.Result, error)
|
||||
}
|
||||
|
||||
// Runs scorecard on each newline-delimited repo in repos, and writes the output.
|
||||
|
@ -21,7 +21,7 @@ import (
|
||||
"testing"
|
||||
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
var errFoo = errors.New("arbitrary error")
|
||||
@ -38,12 +38,12 @@ func (rc *resultCounter) Write(p []byte) (n int, err error) {
|
||||
|
||||
type stubRunner struct{}
|
||||
|
||||
func (s stubRunner) Run(repo string) (pkg.ScorecardResult, error) {
|
||||
func (s stubRunner) Run(repo string) (scorecard.Result, error) {
|
||||
switch repo {
|
||||
case "errorRepo":
|
||||
return pkg.ScorecardResult{}, errFoo
|
||||
return scorecard.Result{}, errFoo
|
||||
case "badCheck":
|
||||
return pkg.ScorecardResult{
|
||||
return scorecard.Result{
|
||||
Checks: []checker.CheckResult{
|
||||
{
|
||||
Name: "not a real check",
|
||||
@ -52,7 +52,7 @@ func (s stubRunner) Run(repo string) (pkg.ScorecardResult, error) {
|
||||
},
|
||||
}, nil
|
||||
default:
|
||||
return pkg.ScorecardResult{}, nil
|
||||
return scorecard.Result{}, nil
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -23,7 +23,7 @@ import (
|
||||
"github.com/ossf/scorecard/v5/clients/gitlabrepo"
|
||||
sce "github.com/ossf/scorecard/v5/errors"
|
||||
"github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
// Runner holds the clients and configuration needed to run Scorecard on multiple repos.
|
||||
@ -53,7 +53,7 @@ func New(enabledChecks []string) Runner {
|
||||
}
|
||||
|
||||
//nolint:wrapcheck
|
||||
func (r *Runner) Run(repoURI string) (pkg.ScorecardResult, error) {
|
||||
func (r *Runner) Run(repoURI string) (scorecard.Result, error) {
|
||||
r.log("processing repo: " + repoURI)
|
||||
repoClient := r.githubClient
|
||||
repo, err := githubrepo.MakeGithubRepo(repoURI)
|
||||
@ -62,11 +62,11 @@ func (r *Runner) Run(repoURI string) (pkg.ScorecardResult, error) {
|
||||
repoClient = r.gitlabClient
|
||||
}
|
||||
if err != nil {
|
||||
return pkg.ScorecardResult{}, err
|
||||
return scorecard.Result{}, err
|
||||
}
|
||||
return pkg.Run(r.ctx, repo,
|
||||
pkg.WithRepoClient(repoClient),
|
||||
pkg.WithChecks(r.enabledChecks),
|
||||
return scorecard.Run(r.ctx, repo,
|
||||
scorecard.WithRepoClient(repoClient),
|
||||
scorecard.WithChecks(r.enabledChecks),
|
||||
)
|
||||
}
|
||||
|
||||
|
@ -27,7 +27,7 @@ import (
|
||||
"github.com/spf13/cobra"
|
||||
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
//nolint:gochecknoinits // common for cobra apps
|
||||
@ -69,7 +69,7 @@ func countScores(input io.Reader, check string) ([12]int, error) {
|
||||
scanner := bufio.NewScanner(input)
|
||||
scanner.Buffer(nil, maxResultSize)
|
||||
for scanner.Scan() {
|
||||
result, aggregateScore, err := pkg.ExperimentalFromJSON2(strings.NewReader(scanner.Text()))
|
||||
result, aggregateScore, err := scorecard.ExperimentalFromJSON2(strings.NewReader(scanner.Text()))
|
||||
if err != nil {
|
||||
return [12]int{}, fmt.Errorf("parsing result: %w", err)
|
||||
}
|
||||
|
24
cmd/root.go
24
cmd/root.go
@ -36,7 +36,7 @@ import (
|
||||
sce "github.com/ossf/scorecard/v5/errors"
|
||||
sclog "github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/options"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
"github.com/ossf/scorecard/v5/policy"
|
||||
)
|
||||
|
||||
@ -78,7 +78,7 @@ func New(o *options.Options) *cobra.Command {
|
||||
// rootCmd runs scorecard checks given a set of arguments.
|
||||
func rootCmd(o *options.Options) error {
|
||||
var err error
|
||||
var repoResult pkg.ScorecardResult
|
||||
var repoResult scorecard.Result
|
||||
|
||||
p := &pmc.PackageManagerClient{}
|
||||
// Set `repo` from package managers.
|
||||
@ -123,8 +123,8 @@ func rootCmd(o *options.Options) error {
|
||||
if !strings.EqualFold(o.Commit, clients.HeadSHA) {
|
||||
requiredRequestTypes = append(requiredRequestTypes, checker.CommitBased)
|
||||
}
|
||||
// this call to policy is different from the one in pkg.Run
|
||||
// this one is concerned with a policy file, while the pkg.Run call is
|
||||
// this call to policy is different from the one in scorecard.Run
|
||||
// this one is concerned with a policy file, while the scorecard.Run call is
|
||||
// more concerned with the supported request types
|
||||
enabledChecks, err := policy.GetEnabled(pol, o.Checks(), requiredRequestTypes)
|
||||
if err != nil {
|
||||
@ -144,15 +144,15 @@ func rootCmd(o *options.Options) error {
|
||||
}
|
||||
}
|
||||
|
||||
repoResult, err = pkg.Run(ctx, repo,
|
||||
pkg.WithLogLevel(sclog.ParseLevel(o.LogLevel)),
|
||||
pkg.WithCommitSHA(o.Commit),
|
||||
pkg.WithCommitDepth(o.CommitDepth),
|
||||
pkg.WithProbes(enabledProbes),
|
||||
pkg.WithChecks(checks),
|
||||
repoResult, err = scorecard.Run(ctx, repo,
|
||||
scorecard.WithLogLevel(sclog.ParseLevel(o.LogLevel)),
|
||||
scorecard.WithCommitSHA(o.Commit),
|
||||
scorecard.WithCommitDepth(o.CommitDepth),
|
||||
scorecard.WithProbes(enabledProbes),
|
||||
scorecard.WithChecks(checks),
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("RunScorecard: %w", err)
|
||||
return fmt.Errorf("scorecard.Run: %w", err)
|
||||
}
|
||||
|
||||
repoResult.Metadata = append(repoResult.Metadata, o.Metadata...)
|
||||
@ -170,7 +170,7 @@ func rootCmd(o *options.Options) error {
|
||||
}
|
||||
}
|
||||
|
||||
resultsErr := pkg.FormatResults(
|
||||
resultsErr := scorecard.FormatResults(
|
||||
o,
|
||||
&repoResult,
|
||||
checkDocs,
|
||||
|
10
cmd/serve.go
10
cmd/serve.go
@ -27,7 +27,7 @@ import (
|
||||
"github.com/ossf/scorecard/v5/clients/ossfuzz"
|
||||
"github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/options"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
// TODO(cmd): Determine if this should be exported.
|
||||
@ -65,10 +65,10 @@ func serveCmd(o *options.Options) *cobra.Command {
|
||||
rw.WriteHeader(http.StatusInternalServerError)
|
||||
}
|
||||
defer ossFuzzRepoClient.Close()
|
||||
repoResult, err := pkg.Run(ctx, repo,
|
||||
pkg.WithCommitDepth(o.CommitDepth),
|
||||
pkg.WithRepoClient(repoClient),
|
||||
pkg.WithOSSFuzzClient(ossFuzzRepoClient),
|
||||
repoResult, err := scorecard.Run(ctx, repo,
|
||||
scorecard.WithCommitDepth(o.CommitDepth),
|
||||
scorecard.WithRepoClient(repoClient),
|
||||
scorecard.WithOSSFuzzClient(ossFuzzRepoClient),
|
||||
)
|
||||
if err != nil {
|
||||
logger.Error(err, "running enabled scorecard checks on repo")
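Review bot: The error branch just above the new `scorecard.Run` call writes `http.StatusInternalServerError` and then closes with no visible `return`. The handler therefore appears to fall through to `defer ossFuzzRepoClient.Close()` and to pass a client that failed to initialise into `scorecard.WithOSSFuzzClient`. If that branch guards the OSS-Fuzz client setup (its condition is outside the hunk), add `return` after `rw.WriteHeader(http.StatusInternalServerError)` so a failed setup cannot reach a nil-client dereference or a second header write later in the request. The handler body begins before and continues past this hunk.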
|
||||
|
@ -23,7 +23,7 @@ import (
|
||||
docs "github.com/ossf/scorecard/v5/docs/checks"
|
||||
sce "github.com/ossf/scorecard/v5/errors"
|
||||
"github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
type jsonCheckResult struct {
|
||||
@ -83,7 +83,7 @@ type jsonScorecardResultV2 struct {
|
||||
}
|
||||
|
||||
// AsJSON exports results as JSON for new detail format.
|
||||
func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer io.Writer) error {
|
||||
func AsJSON(r *scorecard.Result, showDetails bool, logLevel log.Level, writer io.Writer) error {
|
||||
encoder := json.NewEncoder(writer)
|
||||
|
||||
out := jsonScorecardResult{
|
||||
@ -99,7 +99,7 @@ func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer
|
||||
if showDetails {
|
||||
for i := range checkResult.Details {
|
||||
d := checkResult.Details[i]
|
||||
m := pkg.DetailToString(&d, logLevel)
|
||||
m := scorecard.DetailToString(&d, logLevel)
|
||||
if m == "" {
|
||||
continue
|
||||
}
|
||||
@ -116,7 +116,7 @@ func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer
|
||||
}
|
||||
|
||||
// AsJSON2 exports results as JSON for the cron job and in the new detail format.
|
||||
func AsJSON2(r *pkg.ScorecardResult, showDetails bool,
|
||||
func AsJSON2(r *scorecard.Result, showDetails bool,
|
||||
logLevel log.Level, checkDocs docs.Doc, writer io.Writer,
|
||||
) error {
|
||||
score, err := r.GetAggregateScore(checkDocs)
|
||||
@ -159,7 +159,7 @@ func AsJSON2(r *pkg.ScorecardResult, showDetails bool,
|
||||
if showDetails {
|
||||
for i := range checkResult.Details {
|
||||
d := checkResult.Details[i]
|
||||
m := pkg.DetailToString(&d, logLevel)
|
||||
m := scorecard.DetailToString(&d, logLevel)
|
||||
if m == "" {
|
||||
continue
|
||||
}
|
||||
|
@ -21,7 +21,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
sce "github.com/ossf/scorecard/v5/errors"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
// Flat JSON structure to hold raw results.
|
||||
@ -263,7 +263,7 @@ func fillJSONRawResults(r *jsonScorecardRawResult, raw *checker.RawResults) erro
|
||||
}
|
||||
|
||||
// AsRawJSON exports results as JSON for raw results.
|
||||
func AsRawJSON(r *pkg.ScorecardResult, writer io.Writer) error {
|
||||
func AsRawJSON(r *scorecard.Result, writer io.Writer) error {
|
||||
encoder := json.NewEncoder(writer)
|
||||
out := jsonScorecardRawResult{
|
||||
Repo: jsonRepoV2{
|
||||
|
@ -28,7 +28,7 @@ import (
|
||||
"github.com/ossf/scorecard/v5/checker"
|
||||
"github.com/ossf/scorecard/v5/finding"
|
||||
"github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
func jsonMockDocRead() *mockDoc {
|
||||
@ -86,19 +86,19 @@ func TestJSONOutput(t *testing.T) {
|
||||
expected string
|
||||
showDetails bool
|
||||
logLevel log.Level
|
||||
result pkg.ScorecardResult
|
||||
result scorecard.Result
|
||||
}{
|
||||
{
|
||||
name: "check-1",
|
||||
showDetails: true,
|
||||
expected: "./testdata/check1.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
result: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
},
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: scorecardVersion,
|
||||
CommitSHA: scorecardCommit,
|
||||
},
|
||||
@ -130,12 +130,12 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check2.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
result: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
},
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: scorecardVersion,
|
||||
CommitSHA: scorecardCommit,
|
||||
},
|
||||
@ -166,12 +166,12 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check3.json",
|
||||
logLevel: log.InfoLevel,
|
||||
result: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
result: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
},
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: scorecardVersion,
|
||||
CommitSHA: scorecardCommit,
|
||||
},
|
||||
@ -256,12 +256,12 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check4.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
result: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
},
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: scorecardVersion,
|
||||
CommitSHA: scorecardCommit,
|
||||
},
|
||||
@ -346,12 +346,12 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check5.json",
|
||||
logLevel: log.WarnLevel,
|
||||
result: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
result: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
},
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: scorecardVersion,
|
||||
CommitSHA: scorecardCommit,
|
||||
},
|
||||
@ -383,12 +383,12 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check6.json",
|
||||
logLevel: log.WarnLevel,
|
||||
result: pkg.ScorecardResult{
|
||||
Repo: pkg.RepoInfo{
|
||||
result: scorecard.Result{
|
||||
Repo: scorecard.RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
},
|
||||
Scorecard: pkg.ScorecardInfo{
|
||||
Scorecard: scorecard.ScorecardInfo{
|
||||
Version: scorecardVersion,
|
||||
CommitSHA: scorecardCommit,
|
||||
},
|
||||
|
@ -41,7 +41,7 @@ import (
|
||||
docs "github.com/ossf/scorecard/v5/docs/checks"
|
||||
sce "github.com/ossf/scorecard/v5/errors"
|
||||
"github.com/ossf/scorecard/v5/log"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
"github.com/ossf/scorecard/v5/policy"
|
||||
"github.com/ossf/scorecard/v5/stats"
|
||||
)
|
||||
@ -217,20 +217,20 @@ func processRequest(ctx context.Context,
|
||||
enabledChecks = append(enabledChecks, check)
|
||||
}
|
||||
|
||||
result, err := pkg.Run(ctx, repo,
|
||||
pkg.WithCommitSHA(commitSHA),
|
||||
pkg.WithChecks(enabledChecks),
|
||||
pkg.WithRepoClient(repoClient),
|
||||
pkg.WithOSSFuzzClient(ossFuzzRepoClient),
|
||||
pkg.WithOpenSSFBestPraticesClient(ciiClient),
|
||||
pkg.WithVulnerabilitiesClient(vulnsClient),
|
||||
result, err := scorecard.Run(ctx, repo,
|
||||
scorecard.WithCommitSHA(commitSHA),
|
||||
scorecard.WithChecks(enabledChecks),
|
||||
scorecard.WithRepoClient(repoClient),
|
||||
scorecard.WithOSSFuzzClient(ossFuzzRepoClient),
|
||||
scorecard.WithOpenSSFBestPraticesClient(ciiClient),
|
||||
scorecard.WithVulnerabilitiesClient(vulnsClient),
|
||||
)
|
||||
if errors.Is(err, sce.ErrRepoUnreachable) {
|
||||
// Not accessible repo - continue.
|
||||
continue
|
||||
}
|
||||
if err != nil {
|
||||
return fmt.Errorf("error during RunScorecard: %w", err)
|
||||
return fmt.Errorf("error during scorecard.Run: %w", err)
|
||||
}
|
||||
for checkIndex := range result.Checks {
|
||||
check := &result.Checks[checkIndex]
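Review bot: The wrapped error `"error during scorecard.Run: %w"` in processRequest is inconsistent with the other call sites this commit touches, which use `"scorecard.Run: %w"`; the `error during` prefix adds nothing once the error is chained. Suggest `return fmt.Errorf("scorecard.Run: %w", err)`. Separately, the `sce.ErrRepoUnreachable` branch skips the repo with `continue` and no log call is visible in the hunk, so an unreachable repo leaves no trace in the worker output unless it is recorded elsewhere. processRequest starts and ends outside the hunk.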
|
||||
|
@ -28,7 +28,7 @@ import (
|
||||
"github.com/ossf/scorecard/v5/attestor/policy"
|
||||
"github.com/ossf/scorecard/v5/clients/githubrepo"
|
||||
"github.com/ossf/scorecard/v5/internal/checknames"
|
||||
"github.com/ossf/scorecard/v5/pkg"
|
||||
"github.com/ossf/scorecard/v5/pkg/scorecard"
|
||||
)
|
||||
|
||||
var _ = Describe("E2E TEST PAT: scorecard-attestor policy", func() {
|
||||
@ -222,7 +222,7 @@ var _ = Describe("E2E TEST PAT: scorecard-attestor policy", func() {
|
||||
})
|
||||
})
|
||||
|
||||
func getScorecardResult(repoURL string) (pkg.ScorecardResult, error) {
|
||||
func getScorecardResult(repoURL string) (scorecard.Result, error) {
|
||||
ctx := context.Background()
|
||||
enabledChecks := []string{
|
||||
checknames.BinaryArtifacts,
|
||||
@ -232,7 +232,7 @@ func getScorecardResult(repoURL string) (pkg.ScorecardResult, error) {
|
||||
}
|
||||
repo, err := githubrepo.MakeGithubRepo(repoURL)
|
||||
if err != nil {
|
||||
return pkg.ScorecardResult{}, fmt.Errorf("couldn't set up repo: %w", err)
|
||||
return scorecard.Result{}, fmt.Errorf("couldn't set up repo: %w", err)
|
||||
}
|
||||
return pkg.Run(ctx, repo, pkg.WithChecks(enabledChecks))
|
||||
return scorecard.Run(ctx, repo, scorecard.WithChecks(enabledChecks))
|
||||
}
|
||||
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"fmt"
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"testing"
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
@ -96,7 +96,7 @@ type AsJSON2ResultOption struct {
|
||||
}
|
||||
|
||||
// AsJSON exports results as JSON for new detail format.
|
||||
func (r *ScorecardResult) AsJSON(showDetails bool, logLevel log.Level, writer io.Writer) error {
|
||||
func (r *Result) AsJSON(showDetails bool, logLevel log.Level, writer io.Writer) error {
|
||||
encoder := json.NewEncoder(writer)
|
||||
|
||||
out := jsonScorecardResult{
|
||||
@ -129,7 +129,7 @@ func (r *ScorecardResult) AsJSON(showDetails bool, logLevel log.Level, writer io
|
||||
}
|
||||
|
||||
// AsJSON2 exports results as JSON for new detail format.
|
||||
func (r *ScorecardResult) AsJSON2(writer io.Writer, checkDocs docs.Doc, opt *AsJSON2ResultOption) error {
|
||||
func (r *Result) AsJSON2(writer io.Writer, checkDocs docs.Doc, opt *AsJSON2ResultOption) error {
|
||||
if opt == nil {
|
||||
opt = &AsJSON2ResultOption{
|
||||
LogLevel: log.DefaultLevel,
|
||||
@ -200,11 +200,11 @@ func (r *ScorecardResult) AsJSON2(writer io.Writer, checkDocs docs.Doc, opt *AsJ
|
||||
|
||||
// ExperimentalFromJSON2 is experimental. Do not depend on it, it may be removed at any point.
|
||||
// Also returns the aggregate score, as the ScorecardResult field does not contain it.
|
||||
func ExperimentalFromJSON2(r io.Reader) (result ScorecardResult, score float64, err error) {
|
||||
func ExperimentalFromJSON2(r io.Reader) (result Result, score float64, err error) {
|
||||
var jsr JSONScorecardResultV2
|
||||
decoder := json.NewDecoder(r)
|
||||
if err := decoder.Decode(&jsr); err != nil {
|
||||
return ScorecardResult{}, 0, fmt.Errorf("decode json: %w", err)
|
||||
return Result{}, 0, fmt.Errorf("decode json: %w", err)
|
||||
}
|
||||
|
||||
var parseErr *time.ParseError
|
||||
@ -213,10 +213,10 @@ func ExperimentalFromJSON2(r io.Reader) (result ScorecardResult, score float64,
|
||||
date, err = time.Parse("2006-01-02", jsr.Date)
|
||||
}
|
||||
if err != nil {
|
||||
return ScorecardResult{}, 0, fmt.Errorf("parse scorecard analysis time: %w", err)
|
||||
return Result{}, 0, fmt.Errorf("parse scorecard analysis time: %w", err)
|
||||
}
|
||||
|
||||
sr := ScorecardResult{
|
||||
sr := Result{
|
||||
Repo: RepoInfo{
|
||||
Name: jsr.Repo.Name,
|
||||
CommitSHA: jsr.Repo.Commit,
|
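Review bot: The doc comment on `ExperimentalFromJSON2` still reads "as the ScorecardResult field does not contain it", but this commit renames the type to `Result`, so the comment names a type that no longer exists; I would change it to `// Also returns the aggregate score, as the Result type does not contain it.` The same stale name is left in the unchanged comments `// AsSARIF outputs ScorecardResult in SARIF 2.1.0 format.`, `// AsString returns ScorecardResult in string format.` and the `// of ScorecardResult` TODO in `GetAggregateScore`, in later file sections of this commit. The visible lines decode directly from `r` with no size limit, so the comment could also state that bounding untrusted input (for example with `io.LimitReader`) is left to the caller. The body of `ExperimentalFromJSON2` continues outside the hunk.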
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
@ -818,7 +818,7 @@ func (r *jsonScorecardRawResult) fillJSONRawResults(raw *checker.RawResults) err
|
||||
}
|
||||
|
||||
// AsRawJSON exports results as JSON for raw results.
|
||||
func (r *ScorecardResult) AsRawJSON(writer io.Writer) error {
|
||||
func (r *Result) AsRawJSON(writer io.Writer) error {
|
||||
encoder := json.NewEncoder(writer)
|
||||
out := jsonScorecardRawResult{
|
||||
Repo: jsonRepoV2{
|
@ -11,7 +11,7 @@
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -1265,7 +1265,7 @@ func TestScorecardResult_AsRawJSON(t *testing.T) {
|
||||
tt := tt // capture range variable
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
r := &ScorecardResult{
|
||||
r := &Result{
|
||||
Repo: tt.fields.Repo,
|
||||
Date: tt.fields.Date,
|
||||
Scorecard: tt.fields.Scorecard,
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -90,14 +90,14 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails bool
|
||||
showAnnotations bool
|
||||
logLevel log.Level
|
||||
result ScorecardResult
|
||||
result Result
|
||||
}{
|
||||
{
|
||||
name: "check-1",
|
||||
showDetails: true,
|
||||
expected: "./testdata/check1.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -135,7 +135,7 @@ func TestJSONOutput(t *testing.T) {
|
||||
showAnnotations: true,
|
||||
expected: "./testdata/check1_annotations.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -183,7 +183,7 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check2.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -219,7 +219,7 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check3.json",
|
||||
logLevel: log.InfoLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -309,7 +309,7 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check4.json",
|
||||
logLevel: log.DebugLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -399,7 +399,7 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check5.json",
|
||||
logLevel: log.WarnLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -436,7 +436,7 @@ func TestJSONOutput(t *testing.T) {
|
||||
showDetails: true,
|
||||
expected: "./testdata/check6.json",
|
||||
logLevel: log.WarnLevel,
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"strings"
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg_test
|
||||
package scorecard_test
|
||||
|
||||
import (
|
||||
"os"
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
@ -39,7 +39,7 @@ type ProbeResultOption struct {
|
||||
|
||||
// AsProbe writes results as JSON for flat findings without checks.
|
||||
// It accepts an optional argument to configure the output.
|
||||
func (r *ScorecardResult) AsProbe(writer io.Writer, o *ProbeResultOption) error {
|
||||
func (r *Result) AsProbe(writer io.Writer, o *ProbeResultOption) error {
|
||||
encoder := json.NewEncoder(writer)
|
||||
out := JSONScorecardProbeResult{
|
||||
Repo: jsonRepoV2{
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -30,12 +30,12 @@ func TestAsProbe(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
expected string
|
||||
result ScorecardResult
|
||||
result Result
|
||||
}{
|
||||
{
|
||||
name: "multiple findings displayed",
|
||||
expected: "./testdata/probe1.json",
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: "foo",
|
||||
CommitSHA: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
@ -612,7 +612,7 @@ func toolName(opts *options.Options) string {
|
||||
}
|
||||
|
||||
// AsSARIF outputs ScorecardResult in SARIF 2.1.0 format.
|
||||
func (r *ScorecardResult) AsSARIF(showDetails bool, logLevel log.Level,
|
||||
func (r *Result) AsSARIF(showDetails bool, logLevel log.Level,
|
||||
writer io.Writer, checkDocs docs.Doc, policy *spol.ScorecardPolicy,
|
||||
opts *options.Options,
|
||||
) error {
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -121,7 +121,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
showDetails bool
|
||||
showAnotations bool
|
||||
logLevel log.Level
|
||||
result ScorecardResult
|
||||
result Result
|
||||
policy spol.ScorecardPolicy
|
||||
}{
|
||||
{
|
||||
@ -142,7 +142,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -196,7 +196,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -243,7 +243,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -303,7 +303,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -356,7 +356,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -463,7 +463,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -562,7 +562,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -610,7 +610,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -662,7 +662,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
||||
@ -773,7 +773,7 @@ func TestSARIFOutput(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
result: ScorecardResult{
|
||||
result: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repoName,
|
||||
CommitSHA: repoCommit,
|
@ -12,8 +12,8 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Package pkg defines fns for running Scorecard checks on a Repo.
|
||||
package pkg
|
||||
// Package scorecard defines functions for running Scorecard checks on a Repo.
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"context"
|
||||
@ -97,16 +97,16 @@ func runScorecard(ctx context.Context,
|
||||
ciiClient clients.CIIBestPracticesClient,
|
||||
vulnsClient clients.VulnerabilitiesClient,
|
||||
projectClient packageclient.ProjectPackageClient,
|
||||
) (ScorecardResult, error) {
|
||||
) (Result, error) {
|
||||
if err := repoClient.InitRepo(repo, commitSHA, commitDepth); err != nil {
|
||||
// No need to call sce.WithMessage() since InitRepo will do that for us.
|
||||
//nolint:wrapcheck
|
||||
return ScorecardResult{}, err
|
||||
return Result{}, err
|
||||
}
|
||||
defer repoClient.Close()
|
||||
|
||||
versionInfo := version.GetVersionInfo()
|
||||
ret := ScorecardResult{
|
||||
ret := Result{
|
||||
Repo: RepoInfo{
|
||||
Name: repo.URI(),
|
||||
CommitSHA: commitSHA,
|
||||
@ -123,14 +123,14 @@ func runScorecard(ctx context.Context,
|
||||
if errors.Is(err, errEmptyRepository) {
|
||||
return ret, nil
|
||||
} else if err != nil {
|
||||
return ScorecardResult{}, err
|
||||
return Result{}, err
|
||||
}
|
||||
ret.Repo.CommitSHA = commitSHA
|
||||
|
||||
defaultBranch, err := repoClient.GetDefaultBranchName()
|
||||
if err != nil {
|
||||
if !errors.Is(err, clients.ErrUnsupportedFeature) {
|
||||
return ScorecardResult{},
|
||||
return Result{},
|
||||
sce.WithMessage(sce.ErrScorecardInternal, fmt.Sprintf("GetDefaultBranchName:%v", err.Error()))
|
||||
}
|
||||
defaultBranch = "unknown"
|
||||
@ -163,7 +163,7 @@ func runScorecard(ctx context.Context,
|
||||
if len(probesToRun) > 0 {
|
||||
err = runEnabledProbes(request, probesToRun, &ret)
|
||||
if err != nil {
|
||||
return ScorecardResult{}, err
|
||||
return Result{}, err
|
||||
}
|
||||
return ret, nil
|
||||
}
|
||||
@ -209,7 +209,7 @@ func findConfigFile(rc clients.RepoClient) (io.ReadCloser, string) {
|
||||
|
||||
func runEnabledProbes(request *checker.CheckRequest,
|
||||
probesToRun []string,
|
||||
ret *ScorecardResult,
|
||||
ret *Result,
|
||||
) error {
|
||||
// Add RawResults to request
|
||||
err := populateRawResults(request, probesToRun, ret)
|
||||
@ -239,32 +239,6 @@ func runEnabledProbes(request *checker.CheckRequest,
|
||||
return nil
|
||||
}
|
||||
|
||||
// RunScorecard runs enabled Scorecard checks on a Repo.
|
||||
func RunScorecard(ctx context.Context,
|
||||
repo clients.Repo,
|
||||
commitSHA string,
|
||||
commitDepth int,
|
||||
checksToRun checker.CheckNameToFnMap,
|
||||
repoClient clients.RepoClient,
|
||||
ossFuzzRepoClient clients.RepoClient,
|
||||
ciiClient clients.CIIBestPracticesClient,
|
||||
vulnsClient clients.VulnerabilitiesClient,
|
||||
projectClient packageclient.ProjectPackageClient,
|
||||
) (ScorecardResult, error) {
|
||||
return runScorecard(ctx,
|
||||
repo,
|
||||
commitSHA,
|
||||
commitDepth,
|
||||
checksToRun,
|
||||
[]string{},
|
||||
repoClient,
|
||||
ossFuzzRepoClient,
|
||||
ciiClient,
|
||||
vulnsClient,
|
||||
projectClient,
|
||||
)
|
||||
}
|
||||
|
||||
type runConfig struct {
|
||||
client clients.RepoClient
|
||||
vulnClient clients.VulnerabilitiesClient
|
||||
@ -280,6 +254,7 @@ type runConfig struct {
|
||||
|
||||
type Option func(*runConfig) error
|
||||
|
||||
// WithLogLevel configures the log level of the analysis.
|
||||
func WithLogLevel(level sclog.Level) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.logLevel = level
|
||||
@ -287,6 +262,7 @@ func WithLogLevel(level sclog.Level) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithCommitDepth configures the number of commits to analyze.
|
||||
func WithCommitDepth(depth int) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.commitDepth = depth
|
||||
@ -294,6 +270,8 @@ func WithCommitDepth(depth int) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithCommitSHA specifies the repository commit to analyze.
|
||||
// If this option is not used, the repository is analyzed at HEAD.
|
||||
func WithCommitSHA(sha string) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.commit = sha
|
||||
@ -301,6 +279,8 @@ func WithCommitSHA(sha string) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithChecks specifies checks which should be run during the analysis
|
||||
// of a project. If this option is not used, all checks are run.
|
||||
func WithChecks(checks []string) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.checks = checks
|
||||
@ -308,6 +288,8 @@ func WithChecks(checks []string) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithProbes specifies individual probes which should be run during the
|
||||
// analysis of a project.
|
||||
func WithProbes(probes []string) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.probes = probes
|
||||
@ -315,6 +297,8 @@ func WithProbes(probes []string) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithRepoClient will set the client used to query a repo host or forge
|
||||
// about the given project.
|
||||
func WithRepoClient(client clients.RepoClient) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.client = client
|
||||
@ -322,6 +306,8 @@ func WithRepoClient(client clients.RepoClient) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithOSSFuzzClient will set the client used to query OSS-Fuzz about a project's
|
||||
// integration with OSS-Fuzz.
|
||||
func WithOSSFuzzClient(client clients.RepoClient) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.ossfuzzClient = client
|
||||
@ -329,6 +315,8 @@ func WithOSSFuzzClient(client clients.RepoClient) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithVulnerabilitiesClient will set the client used to query vulnerabilities
|
||||
// present in a project.
|
||||
func WithVulnerabilitiesClient(client clients.VulnerabilitiesClient) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.vulnClient = client
|
||||
@ -336,6 +324,8 @@ func WithVulnerabilitiesClient(client clients.VulnerabilitiesClient) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// WithOpenSSFBestPraticesClient will set the client used to query the OpenSSF
|
||||
// Best Practice API for data about a project.
|
||||
func WithOpenSSFBestPraticesClient(client clients.CIIBestPracticesClient) Option {
|
||||
return func(c *runConfig) error {
|
||||
c.ciiClient = client
|
||||
@ -343,14 +333,17 @@ func WithOpenSSFBestPraticesClient(client clients.CIIBestPracticesClient) Option
|
||||
}
|
||||
}
|
||||
|
||||
func Run(ctx context.Context, repo clients.Repo, opts ...Option) (ScorecardResult, error) {
|
||||
// Run analyzes a given repository and returns the result. You can modify the
|
||||
// run behavior by passing in [Option] arguments. In the absence of a particular
|
||||
// option a default is used. Refer to the various Options for details.
|
||||
func Run(ctx context.Context, repo clients.Repo, opts ...Option) (Result, error) {
|
||||
c := runConfig{
|
||||
commit: clients.HeadSHA,
|
||||
logLevel: sclog.DefaultLevel,
|
||||
}
|
||||
for _, option := range opts {
|
||||
if err := option(&c); err != nil {
|
||||
return ScorecardResult{}, err
|
||||
return Result{}, err
|
||||
}
|
||||
}
|
||||
logger := sclog.NewLogger(c.logLevel)
|
||||
@ -383,7 +376,7 @@ func Run(ctx context.Context, repo clients.Repo, opts ...Option) (ScorecardResul
|
||||
if c.client == nil {
|
||||
c.client, err = gitlabrepo.CreateGitlabClient(ctx, repo.Host())
|
||||
if err != nil {
|
||||
return ScorecardResult{}, fmt.Errorf("creating gitlab client: %w", err)
|
||||
return Result{}, fmt.Errorf("creating gitlab client: %w", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -394,7 +387,7 @@ func Run(ctx context.Context, repo clients.Repo, opts ...Option) (ScorecardResul
|
||||
|
||||
checksToRun, err := policy.GetEnabled(nil, c.checks, requiredRequestTypes)
|
||||
if err != nil {
|
||||
return ScorecardResult{}, fmt.Errorf("getting enabled checks: %w", err)
|
||||
return Result{}, fmt.Errorf("getting enabled checks: %w", err)
|
||||
}
|
||||
|
||||
return runScorecard(ctx, repo, c.commit, c.commitDepth, checksToRun, c.probes,
|
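Review bot: The new doc comments on `WithProbes` and `WithChecks` do not say how the two options interact, and the visible part of `runScorecard` returns right after `runEnabledProbes` when `len(probesToRun) > 0`, so a caller who passes both appears to get probe findings only. The code after that early return is outside the hunk, so this is inferred; if it holds, `WithProbes` should say so, e.g. `// If any probes are specified, only the probes are run and WithChecks is ignored.` The sentence "If this option is not used, all checks are run" on `WithChecks` would need the same qualifier. A consumer that gates on check scores should not have to read `runScorecard` to learn that checks were skipped.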
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"context"
|
||||
@ -29,7 +29,7 @@ import (
|
||||
sclog "github.com/ossf/scorecard/v5/log"
|
||||
)
|
||||
|
||||
func (r *ScorecardResult) normalize() {
|
||||
func (r *Result) normalize() {
|
||||
r.Date = time.Time{}
|
||||
sort.Slice(r.Checks, func(i, j int) bool {
|
||||
return r.Checks[i].Name < r.Checks[j].Name
|
||||
@ -51,7 +51,7 @@ func countDetails(c []checker.CheckDetail) (debug, info, warn int) {
|
||||
}
|
||||
|
||||
//nolint:gocritic // comparison was failing with pointer types
|
||||
func compareScorecardResults(a, b ScorecardResult) bool {
|
||||
func compareScorecardResults(a, b Result) bool {
|
||||
if a.Repo != b.Repo {
|
||||
fmt.Fprintf(GinkgoWriter, "Unequal repo details in results: %v vs %v\n", a.Repo, b.Repo)
|
||||
return false
|
||||
@ -95,7 +95,7 @@ func compareScorecardResults(a, b ScorecardResult) bool {
|
||||
return true
|
||||
}
|
||||
|
||||
var _ = Describe("E2E TEST: RunScorecard with re-used repoClient", func() {
|
||||
var _ = Describe("E2E TEST: scorecard.Run with re-used repoClient", func() {
|
||||
Context("E2E TEST: Validate results are identical regardless of order", func() {
|
||||
assertLastResultsIdentical := func(repos []string) {
|
||||
if len(repos) < 2 {
|
||||
@ -109,7 +109,7 @@ var _ = Describe("E2E TEST: RunScorecard with re-used repoClient", func() {
|
||||
isolatedResult, err := Run(ctx, repo, WithLogLevel(sclog.DebugLevel))
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
var sharedResult ScorecardResult
|
||||
var sharedResult Result
|
||||
for i := range repos {
|
||||
repo, err = githubrepo.MakeGithubRepo(repos[i])
|
||||
Expect(err).Should(BeNil())
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
@ -52,8 +52,8 @@ type RepoInfo struct {
|
||||
CommitSHA string
|
||||
}
|
||||
|
||||
// ScorecardResult struct is returned on a successful Scorecard run.
|
||||
type ScorecardResult struct {
|
||||
// Result struct is returned on a successful Scorecard run.
|
||||
type Result struct {
|
||||
Repo RepoInfo
|
||||
Date time.Time
|
||||
Scorecard ScorecardInfo
|
||||
@ -79,7 +79,7 @@ func scoreToString(s float64) string {
|
||||
}
|
||||
|
||||
// GetAggregateScore returns the aggregate score.
|
||||
func (r *ScorecardResult) GetAggregateScore(checkDocs docChecks.Doc) (float64, error) {
|
||||
func (r *Result) GetAggregateScore(checkDocs docChecks.Doc) (float64, error) {
|
||||
// TODO: calculate the score and make it a field
|
||||
// of ScorecardResult
|
||||
weights := map[string]float64{"Critical": 10, "High": 7.5, "Medium": 5, "Low": 2.5}
|
||||
@ -121,7 +121,7 @@ func (r *ScorecardResult) GetAggregateScore(checkDocs docChecks.Doc) (float64, e
|
||||
// FormatResults formats scorecard results.
|
||||
func FormatResults(
|
||||
opts *options.Options,
|
||||
results *ScorecardResult,
|
||||
results *Result,
|
||||
doc docChecks.Doc,
|
||||
policy *spol.ScorecardPolicy,
|
||||
) error {
|
||||
@ -179,7 +179,7 @@ func FormatResults(
|
||||
}
|
||||
|
||||
// AsString returns ScorecardResult in string format.
|
||||
func (r *ScorecardResult) AsString(writer io.Writer, checkDocs docChecks.Doc, opt *AsStringResultOption) error {
|
||||
func (r *Result) AsString(writer io.Writer, checkDocs docChecks.Doc, opt *AsStringResultOption) error {
|
||||
if opt == nil {
|
||||
opt = &AsStringResultOption{
|
||||
LogLevel: log.DefaultLevel,
|
||||
@ -255,7 +255,7 @@ func (r *ScorecardResult) AsString(writer io.Writer, checkDocs docChecks.Doc, op
|
||||
}
|
||||
|
||||
//nolint:gocognit,gocyclo // nothing better to do right now
|
||||
func assignRawData(probeCheckName string, request *checker.CheckRequest, ret *ScorecardResult) error {
|
||||
func assignRawData(probeCheckName string, request *checker.CheckRequest, ret *Result) error {
|
||||
switch probeCheckName {
|
||||
case checks.CheckBinaryArtifacts:
|
||||
rawData, err := raw.BinaryArtifacts(request)
|
||||
@ -394,7 +394,7 @@ func assignRawData(probeCheckName string, request *checker.CheckRequest, ret *Sc
|
||||
return nil
|
||||
}
|
||||
|
||||
func populateRawResults(request *checker.CheckRequest, probesToRun []string, ret *ScorecardResult) error {
|
||||
func populateRawResults(request *checker.CheckRequest, probesToRun []string, ret *Result) error {
|
||||
seen := map[string]bool{}
|
||||
for _, probeName := range probesToRun {
|
||||
p, err := proberegistration.Get(probeName)
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -30,7 +30,7 @@ import (
|
||||
spol "github.com/ossf/scorecard/v5/policy"
|
||||
)
|
||||
|
||||
func mockScorecardResultCheck1(t *testing.T) *ScorecardResult {
|
||||
func mockScorecardResultCheck1(t *testing.T) *Result {
|
||||
t.Helper()
|
||||
// Helper variables to mock Scorecard results
|
||||
date, err := time.Parse(time.RFC3339, "2023-03-02T10:30:43-06:00")
|
||||
@ -39,7 +39,7 @@ func mockScorecardResultCheck1(t *testing.T) *ScorecardResult {
|
||||
}
|
||||
t.Logf("date: %v", date)
|
||||
|
||||
return &ScorecardResult{
|
||||
return &Result{
|
||||
Repo: RepoInfo{
|
||||
Name: "org/name",
|
||||
CommitSHA: "68bc59901773ab4c051dfcea0cc4201a1567ab32",
|
||||
@ -87,7 +87,7 @@ func Test_formatResults_outputToFile(t *testing.T) {
|
||||
t.Parallel()
|
||||
type args struct {
|
||||
opts *options.Options
|
||||
results *ScorecardResult
|
||||
results *Result
|
||||
doc checks.Doc
|
||||
policy *spol.ScorecardPolicy
|
||||
}
|
@ -11,7 +11,7 @@
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
package pkg
|
||||
package scorecard
|
||||
|
||||
import (
|
||||
"context"
|
||||
@ -141,7 +141,7 @@ func TestRun(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
want ScorecardResult
|
||||
want Result
|
||||
wantErr bool
|
||||
}{
|
||||
{
|
||||
@ -150,7 +150,7 @@ func TestRun(t *testing.T) {
|
||||
uri: "github.com/ossf/scorecard",
|
||||
commitSHA: "",
|
||||
},
|
||||
want: ScorecardResult{
|
||||
want: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: "github.com/ossf/scorecard",
|
||||
},
|
||||
@ -193,10 +193,10 @@ func TestRun(t *testing.T) {
|
||||
WithRepoClient(mockRepoClient),
|
||||
)
|
||||
if (err != nil) != tt.wantErr {
|
||||
t.Errorf("RunScorecard() error = %v, wantErr %v", err, tt.wantErr)
|
||||
t.Errorf("Run() error = %v, wantErr %v", err, tt.wantErr)
|
||||
return
|
||||
}
|
||||
ignoreDate := cmpopts.IgnoreFields(ScorecardResult{}, "Date")
|
||||
ignoreDate := cmpopts.IgnoreFields(Result{}, "Date")
|
||||
if !cmp.Equal(got, tt.want, ignoreDate) {
|
||||
t.Errorf("expected %v, got %v", got, cmp.Diff(tt.want, got, ignoreDate))
|
||||
}
|
||||
@ -219,7 +219,7 @@ func TestRun_WithProbes(t *testing.T) {
|
||||
files []string
|
||||
name string
|
||||
args args
|
||||
want ScorecardResult
|
||||
want Result
|
||||
wantErr bool
|
||||
}{
|
||||
{
|
||||
@ -229,7 +229,7 @@ func TestRun_WithProbes(t *testing.T) {
|
||||
commitSHA: "1a17bb812fb2ac23e9d09e86e122f8b67563aed7",
|
||||
probes: []string{fuzzed.Probe},
|
||||
},
|
||||
want: ScorecardResult{
|
||||
want: Result{
|
||||
Repo: RepoInfo{
|
||||
Name: "github.com/ossf/scorecard",
|
||||
CommitSHA: "1a17bb812fb2ac23e9d09e86e122f8b67563aed7",
|
||||
@ -269,7 +269,7 @@ func TestRun_WithProbes(t *testing.T) {
|
||||
commitSHA: "1a17bb812fb2ac23e9d09e86e122f8b67563aed7",
|
||||
probes: []string{"nonExistentProbe"},
|
||||
},
|
||||
want: ScorecardResult{},
|
||||
want: Result{},
|
||||
wantErr: true,
|
||||
},
|
||||
}
|
||||
@ -331,11 +331,11 @@ func TestRun_WithProbes(t *testing.T) {
|
||||
WithProbes(tt.args.probes),
|
||||
)
|
||||
if (err != nil) != tt.wantErr {
|
||||
t.Errorf("RunScorecard() error = %v, wantErr %v", err, tt.wantErr)
|
||||
t.Errorf("Run() error = %v, wantErr %v", err, tt.wantErr)
|
||||
return
|
||||
}
|
||||
ignoreRemediationText := cmpopts.IgnoreFields(finding.Remediation{}, "Text", "Markdown")
|
||||
ignoreDate := cmpopts.IgnoreFields(ScorecardResult{}, "Date")
|
||||
ignoreDate := cmpopts.IgnoreFields(Result{}, "Date")
|
||||
ignoreUnexported := cmpopts.IgnoreUnexported(finding.Finding{})
|
||||
if !cmp.Equal(got, tt.want, ignoreDate, ignoreRemediationText, ignoreUnexported) {
|
||||
t.Errorf("expected %v, got %v", got, cmp.Diff(tt.want, got, ignoreDate,
|
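Review bot: The failure message `t.Errorf("expected %v, got %v", got, cmp.Diff(tt.want, got, ignoreDate))` in `TestRun` prints `got` under the label "expected" and the diff under "got", so a failing run reads backwards. The same call in `TestRun_WithProbes` is cut off at the end of the last hunk but starts the same way. Since the neighbouring `Run() error = ...` messages are already being edited, I would change it to `t.Errorf("Run() mismatch (-want +got):\n%s", cmp.Diff(tt.want, got, ignoreDate))`. Both test functions start and end outside the visible hunks.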