From f2c57d25904136af97836801cd6da32e9bf77e92 Mon Sep 17 00:00:00 2001 From: Azeem Shaikh Date: Wed, 12 Jan 2022 11:49:01 -0800 Subject: [PATCH] :sparkles: Migrate to v4 --- .golangci.yml | 2 +- Makefile | 16 +++++------ checker/check_request.go | 2 +- checker/check_runner.go | 4 +-- checks/all_checks.go | 2 +- checks/binary_artifact.go | 8 +++--- checks/branch_protection.go | 8 +++--- checks/branch_protection_test.go | 10 +++---- checks/ci_tests.go | 6 ++-- checks/ci_tests_test.go | 8 +++--- checks/cii_best_practices.go | 6 ++-- checks/cii_best_practices_test.go | 10 +++---- checks/code_review.go | 4 +-- checks/contributors.go | 4 +-- checks/contributors_test.go | 8 +++--- checks/dangerous_workflow.go | 6 ++-- checks/dangerous_workflow_test.go | 4 +-- checks/dependency_update_tool.go | 8 +++--- checks/evaluation/binary_artifacts.go | 4 +-- checks/evaluation/branch_protection.go | 4 +-- checks/evaluation/branch_protection_test.go | 4 +-- checks/evaluation/dependency_update_tool.go | 4 +-- checks/evaluation/security_policy.go | 4 +-- checks/fileparser/github_workflow.go | 4 +-- checks/fileparser/listing.go | 6 ++-- checks/fuzzing.go | 8 +++--- checks/license.go | 4 +-- checks/license_test.go | 8 +++--- checks/maintained.go | 4 +-- checks/maintained_test.go | 8 +++--- checks/packaging.go | 6 ++-- checks/packaging_test.go | 2 +- checks/permissions.go | 6 ++-- checks/permissions_test.go | 4 +-- checks/pinned_dependencies.go | 6 ++-- checks/pinned_dependencies_test.go | 4 +-- checks/raw/binary_artifact.go | 8 +++--- checks/raw/branch_protection.go | 6 ++-- checks/raw/dependency_update_tool.go | 6 ++-- checks/raw/security_policy.go | 8 +++--- checks/sast.go | 6 ++-- checks/security_policy.go | 8 +++--- checks/shell_download_validate.go | 4 +-- checks/shell_download_validate_test.go | 2 +- checks/signed_releases.go | 4 +-- checks/signed_releases_test.go | 8 +++--- checks/vulnerabilities.go | 6 ++-- checks/vulnerabilities_test.go | 6 ++-- clients/githubrepo/branches.go | 4 +-- clients/githubrepo/checkruns.go | 4 +-- clients/githubrepo/client.go | 6 ++-- clients/githubrepo/contributors.go | 2 +- clients/githubrepo/graphql.go | 4 +-- clients/githubrepo/releases.go | 4 +-- clients/githubrepo/repo.go | 4 +-- clients/githubrepo/roundtripper/census.go | 4 +-- clients/githubrepo/roundtripper/rate_limit.go | 2 +- .../githubrepo/roundtripper/roundtripper.go | 2 +- .../roundtripper/tokens/server/main.go | 2 +- clients/githubrepo/roundtripper/transport.go | 4 +-- clients/githubrepo/search.go | 2 +- clients/githubrepo/search_test.go | 2 +- clients/githubrepo/statuses.go | 4 +-- clients/githubrepo/tarball.go | 2 +- clients/githubrepo/workflows.go | 4 +-- clients/localdir/client.go | 2 +- clients/localdir/client_test.go | 2 +- clients/localdir/repo.go | 2 +- clients/mockclients/cii_client.go | 2 +- clients/mockclients/repo.go | 2 +- clients/mockclients/repo_client.go | 2 +- clients/mockclients/vulnerabilities.go | 2 +- clients/vulnerabilities.go | 2 +- cmd/root.go | 18 ++++++------ cmd/serve.go | 8 +++--- cmd/version.go | 2 +- cron/bq/main.go | 4 +-- cron/cii/main.go | 6 ++-- cron/controller/main.go | 8 +++--- cron/data/add/main.go | 2 +- cron/data/add/main_test.go | 2 +- cron/data/blob.go | 2 +- cron/data/iterator.go | 2 +- cron/data/iterator_test.go | 2 +- cron/data/update/dependency.go | 4 +-- cron/data/update/main.go | 2 +- cron/data/validate/main.go | 2 +- cron/format/json.go | 6 ++-- cron/format/json_test.go | 4 +-- cron/format/mock_doc.go | 2 +- cron/monitoring/exporter.go | 2 +- cron/pubsub/publisher.go | 2 +- cron/pubsub/publisher_test.go | 2 +- cron/pubsub/subscriber.go | 2 +- cron/pubsub/subscriber_gcs.go | 2 +- cron/pubsub/subscriber_gocloud.go | 2 +- cron/pubsub/subscriber_gocloud_test.go | 2 +- cron/shuffle/main.go | 2 +- cron/webhook/main.go | 2 +- cron/worker/main.go | 28 +++++++++---------- docs/checks/impl.go | 4 +-- docs/checks/internal/generate/main.go | 2 +- docs/checks/internal/validate/main.go | 4 +-- e2e/binary_artifacts_test.go | 8 +++--- e2e/branch_protection_test.go | 8 +++--- e2e/ci_tests_test.go | 8 +++--- e2e/cii_best_practices_test.go | 10 +++---- e2e/code_review_test.go | 8 +++--- e2e/contributors_test.go | 8 +++--- e2e/dangerous_workflow_test.go | 8 +++--- e2e/dependency_update_tool_test.go | 8 +++--- e2e/e2e_suite_test.go | 2 +- e2e/executable_test.go | 2 +- e2e/fuzzing_test.go | 8 +++--- e2e/license_test.go | 8 +++--- e2e/maintained_test.go | 8 +++--- e2e/packaging_test.go | 8 +++--- e2e/permissions_test.go | 8 +++--- e2e/pinned_dependencies_test.go | 8 +++--- e2e/sast_test.go | 8 +++--- e2e/security_policy_test.go | 8 +++--- e2e/signedreleases_test.go | 8 +++--- e2e/vulnerabilities_test.go | 10 +++---- go.mod | 2 +- main.go | 2 +- pkg/common.go | 2 +- pkg/json.go | 4 +-- pkg/json_raw_results.go | 4 +-- pkg/json_test.go | 2 +- pkg/mock_doc.go | 2 +- pkg/sarif.go | 10 +++---- pkg/sarif_test.go | 4 +-- pkg/scorecard.go | 6 ++-- pkg/scorecard_result.go | 6 ++-- policy/policy.go | 4 +-- policy/policy_test.go | 2 +- utests/utlib.go | 2 +- 137 files changed, 343 insertions(+), 343 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index aec9c7e4..708626d0 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -152,4 +152,4 @@ linters-settings: - unnecessaryBlock wrapcheck: ignorePackageGlobs: - - github.com/ossf/scorecard/v3/checks/fileparser + - github.com/ossf/scorecard/v4/checks/fileparser diff --git a/Makefile b/Makefile index 849f89ed..8554eedf 100644 --- a/Makefile +++ b/Makefile @@ -98,7 +98,7 @@ build-cron: build-controller build-worker build-cii-worker \ build-shuffler build-bq-transfer build-github-server \ build-webhook build-add-script build-validate-script build-update-script -build-targets = generate-mocks generate-docs build-proto build-scorecard build-releaser build-cron ko-build-everything dockerbuild +build-targets = generate-mocks generate-docs build-proto build-scorecard build-cron ko-build-everything dockerbuild .PHONY: build $(build-targets) build: ## Build all binaries and images in the repo. build: $(build-targets) @@ -202,43 +202,43 @@ scorecard-ko: ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3 + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4 cron-controller-ko: KO_DATA_DATE_EPOCH=$(SOURCE_DATE_EPOCH) KO_DOCKER_REPO=${KO_PREFIX}/$(IMAGE_NAME)-batch-controller LDFLAGS="$(LDFLAGS)" \ ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3/cron/controller + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4/cron/controller cron-worker-ko: KO_DATA_DATE_EPOCH=$(SOURCE_DATE_EPOCH) KO_DOCKER_REPO=${KO_PREFIX}/$(IMAGE_NAME)-batch-worker LDFLAGS="$(LDFLAGS)" \ ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3/cron/worker + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4/cron/worker cron-cii-worker-ko: KO_DATA_DATE_EPOCH=$(SOURCE_DATE_EPOCH) KO_DOCKER_REPO=${KO_PREFIX}/$(IMAGE_NAME)-cii-worker LDFLAGS="$(LDFLAGS)" \ ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3/cron/cii + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4/cron/cii cron-bq-transfer-ko: KO_DATA_DATE_EPOCH=$(SOURCE_DATE_EPOCH) KO_DOCKER_REPO=${KO_PREFIX}/$(IMAGE_NAME)-bq-transfer LDFLAGS="$(LDFLAGS)" \ ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3/cron/bq + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4/cron/bq cron-webhook-ko: KO_DATA_DATE_EPOCH=$(SOURCE_DATE_EPOCH) KO_DOCKER_REPO=${KO_PREFIX}/$(IMAGE_NAME)-cron-webhook LDFLAGS="$(LDFLAGS)" \ ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3/cron/webhook + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4/cron/webhook cron-github-server-ko: KO_DATA_DATE_EPOCH=$(SOURCE_DATE_EPOCH) KO_DOCKER_REPO=${KO_PREFIX}/$(IMAGE_NAME)-github-server LDFLAGS="$(LDFLAGS)" \ ko publish -B \ --push=false \ --platform=$(PLATFORM)\ - --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v3/clients/githubrepo/roundtripper/tokens/server + --tags latest,$(GIT_VERSION),$(GIT_HASH) github.com/ossf/scorecard/v4/clients/githubrepo/roundtripper/tokens/server docker-targets = scorecard-docker cron-controller-docker cron-worker-docker cron-cii-worker-docker cron-bq-transfer-docker cron-webhook-docker cron-github-server-docker .PHONY: dockerbuild $(docker-targets) diff --git a/checker/check_request.go b/checker/check_request.go index 6e802591..d52a4693 100644 --- a/checker/check_request.go +++ b/checker/check_request.go @@ -17,7 +17,7 @@ package checker import ( "context" - "github.com/ossf/scorecard/v3/clients" + "github.com/ossf/scorecard/v4/clients" ) // CheckRequest struct encapsulates all data to be passed into a CheckFn. diff --git a/checker/check_runner.go b/checker/check_runner.go index 2e8cdddd..1955dea2 100644 --- a/checker/check_runner.go +++ b/checker/check_runner.go @@ -23,8 +23,8 @@ import ( opencensusstats "go.opencensus.io/stats" "go.opencensus.io/tag" - sce "github.com/ossf/scorecard/v3/errors" - "github.com/ossf/scorecard/v3/stats" + sce "github.com/ossf/scorecard/v4/errors" + "github.com/ossf/scorecard/v4/stats" ) const checkRetries = 3 diff --git a/checks/all_checks.go b/checks/all_checks.go index 8fe51520..63eb7de1 100644 --- a/checks/all_checks.go +++ b/checks/all_checks.go @@ -15,7 +15,7 @@ // Package checks defines all Scorecard checks. package checks -import "github.com/ossf/scorecard/v3/checker" +import "github.com/ossf/scorecard/v4/checker" // AllChecks is the list of all security checks that will be run. var AllChecks = checker.CheckNameToFnMap{} diff --git a/checks/binary_artifact.go b/checks/binary_artifact.go index 97820541..aa5ae2aa 100644 --- a/checks/binary_artifact.go +++ b/checks/binary_artifact.go @@ -15,10 +15,10 @@ package checks import ( - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/evaluation" - "github.com/ossf/scorecard/v3/checks/raw" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/evaluation" + "github.com/ossf/scorecard/v4/checks/raw" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckBinaryArtifacts is the exported name for Binary-Artifacts check. diff --git a/checks/branch_protection.go b/checks/branch_protection.go index 8535caad..916870f4 100644 --- a/checks/branch_protection.go +++ b/checks/branch_protection.go @@ -15,10 +15,10 @@ package checks import ( - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/evaluation" - "github.com/ossf/scorecard/v3/checks/raw" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/evaluation" + "github.com/ossf/scorecard/v4/checks/raw" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/branch_protection_test.go b/checks/branch_protection_test.go index c198e526..53d0dc7c 100644 --- a/checks/branch_protection_test.go +++ b/checks/branch_protection_test.go @@ -19,11 +19,11 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" - sce "github.com/ossf/scorecard/v3/errors" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" + sce "github.com/ossf/scorecard/v4/errors" + scut "github.com/ossf/scorecard/v4/utests" ) func getBranchName(branch *clients.BranchRef) string { diff --git a/checks/ci_tests.go b/checks/ci_tests.go index e0266f6b..8468b205 100644 --- a/checks/ci_tests.go +++ b/checks/ci_tests.go @@ -18,9 +18,9 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/ci_tests_test.go b/checks/ci_tests_test.go index 997458d0..d8e6ace3 100644 --- a/checks/ci_tests_test.go +++ b/checks/ci_tests_test.go @@ -20,10 +20,10 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" + scut "github.com/ossf/scorecard/v4/utests" ) func Test_isTest(t *testing.T) { diff --git a/checks/cii_best_practices.go b/checks/cii_best_practices.go index 27bdbc03..657ad071 100644 --- a/checks/cii_best_practices.go +++ b/checks/cii_best_practices.go @@ -17,9 +17,9 @@ package checks import ( "fmt" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/cii_best_practices_test.go b/checks/cii_best_practices_test.go index 797957f4..faf08d34 100644 --- a/checks/cii_best_practices_test.go +++ b/checks/cii_best_practices_test.go @@ -21,11 +21,11 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" - sce "github.com/ossf/scorecard/v3/errors" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" + sce "github.com/ossf/scorecard/v4/errors" + scut "github.com/ossf/scorecard/v4/utests" ) var errTest = errors.New("test error") diff --git a/checks/code_review.go b/checks/code_review.go index 477bf0e6..e350d8e2 100644 --- a/checks/code_review.go +++ b/checks/code_review.go @@ -18,8 +18,8 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckCodeReview is the registered name for DoesCodeReview. diff --git a/checks/contributors.go b/checks/contributors.go index 31c63b66..3200057d 100644 --- a/checks/contributors.go +++ b/checks/contributors.go @@ -18,8 +18,8 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/contributors_test.go b/checks/contributors_test.go index 12d2e8ca..5b663aa4 100644 --- a/checks/contributors_test.go +++ b/checks/contributors_test.go @@ -20,10 +20,10 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" + scut "github.com/ossf/scorecard/v4/utests" ) // TestContributors tests the contributors check. diff --git a/checks/dangerous_workflow.go b/checks/dangerous_workflow.go index a113564e..2ea42f35 100644 --- a/checks/dangerous_workflow.go +++ b/checks/dangerous_workflow.go @@ -21,9 +21,9 @@ import ( "github.com/rhysd/actionlint" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckDangerousWorkflow is the exported name for Dangerous-Workflow check. diff --git a/checks/dangerous_workflow_test.go b/checks/dangerous_workflow_test.go index e7aa6f1c..6e050f84 100644 --- a/checks/dangerous_workflow_test.go +++ b/checks/dangerous_workflow_test.go @@ -19,8 +19,8 @@ import ( "io/ioutil" "testing" - "github.com/ossf/scorecard/v3/checker" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + scut "github.com/ossf/scorecard/v4/utests" ) func TestGithubDangerousWorkflow(t *testing.T) { diff --git a/checks/dependency_update_tool.go b/checks/dependency_update_tool.go index 96e33292..6ecbde15 100644 --- a/checks/dependency_update_tool.go +++ b/checks/dependency_update_tool.go @@ -15,10 +15,10 @@ package checks import ( - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/evaluation" - "github.com/ossf/scorecard/v3/checks/raw" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/evaluation" + "github.com/ossf/scorecard/v4/checks/raw" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckDependencyUpdateTool is the exported name for Automatic-Depdendency-Update. diff --git a/checks/evaluation/binary_artifacts.go b/checks/evaluation/binary_artifacts.go index 598b6aef..ee67076d 100644 --- a/checks/evaluation/binary_artifacts.go +++ b/checks/evaluation/binary_artifacts.go @@ -15,8 +15,8 @@ package evaluation import ( - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) // BinaryArtifacts applies the score policy for the Binary-Artifacts check. diff --git a/checks/evaluation/branch_protection.go b/checks/evaluation/branch_protection.go index ce0ba112..beed6ab8 100644 --- a/checks/evaluation/branch_protection.go +++ b/checks/evaluation/branch_protection.go @@ -15,8 +15,8 @@ package evaluation import ( - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/evaluation/branch_protection_test.go b/checks/evaluation/branch_protection_test.go index 175dc022..7aa0aee8 100644 --- a/checks/evaluation/branch_protection_test.go +++ b/checks/evaluation/branch_protection_test.go @@ -17,8 +17,8 @@ package evaluation import ( "testing" - "github.com/ossf/scorecard/v3/checker" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + scut "github.com/ossf/scorecard/v4/utests" ) func testScore(branch *checker.BranchProtectionData, dl checker.DetailLogger) (int, error) { diff --git a/checks/evaluation/dependency_update_tool.go b/checks/evaluation/dependency_update_tool.go index 23dfd01e..5ef935c6 100644 --- a/checks/evaluation/dependency_update_tool.go +++ b/checks/evaluation/dependency_update_tool.go @@ -17,8 +17,8 @@ package evaluation import ( "fmt" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) // DependencyUpdateTool applies the score policy for the Dependency-Update-Tool check. diff --git a/checks/evaluation/security_policy.go b/checks/evaluation/security_policy.go index d60319ea..ebf8ca82 100644 --- a/checks/evaluation/security_policy.go +++ b/checks/evaluation/security_policy.go @@ -15,8 +15,8 @@ package evaluation import ( - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) // SecurityPolicy applies the score policy for the Security-Policy check. diff --git a/checks/fileparser/github_workflow.go b/checks/fileparser/github_workflow.go index 3f401e47..00222a23 100644 --- a/checks/fileparser/github_workflow.go +++ b/checks/fileparser/github_workflow.go @@ -22,8 +22,8 @@ import ( "github.com/rhysd/actionlint" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/fileparser/listing.go b/checks/fileparser/listing.go index c532871d..dcd9d606 100644 --- a/checks/fileparser/listing.go +++ b/checks/fileparser/listing.go @@ -20,9 +20,9 @@ import ( "path" "strings" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) // isMatchingPath uses 'pattern' to shell-match the 'path' and its filename diff --git a/checks/fuzzing.go b/checks/fuzzing.go index 7aa49c7d..6bd25bff 100644 --- a/checks/fuzzing.go +++ b/checks/fuzzing.go @@ -17,10 +17,10 @@ package checks import ( "fmt" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckFuzzing is the registered name for Fuzzing. diff --git a/checks/license.go b/checks/license.go index 6887cbb5..63559c9c 100644 --- a/checks/license.go +++ b/checks/license.go @@ -18,8 +18,8 @@ import ( "regexp" "strings" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" ) type check func(str string, extCheck []string) bool diff --git a/checks/license_test.go b/checks/license_test.go index 8e06fc46..25a5045d 100644 --- a/checks/license_test.go +++ b/checks/license_test.go @@ -22,10 +22,10 @@ import ( "github.com/golang/mock/gomock" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients/githubrepo" - "github.com/ossf/scorecard/v3/clients/localdir" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients/githubrepo" + "github.com/ossf/scorecard/v4/clients/localdir" + scut "github.com/ossf/scorecard/v4/utests" ) func TestLicenseFileCheck(t *testing.T) { diff --git a/checks/maintained.go b/checks/maintained.go index 773bb29c..eaa92c63 100644 --- a/checks/maintained.go +++ b/checks/maintained.go @@ -18,8 +18,8 @@ import ( "fmt" "time" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/maintained_test.go b/checks/maintained_test.go index 93929fb9..84362cfb 100644 --- a/checks/maintained_test.go +++ b/checks/maintained_test.go @@ -21,10 +21,10 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" + scut "github.com/ossf/scorecard/v4/utests" ) // nolint: gocognit diff --git a/checks/packaging.go b/checks/packaging.go index 6752d915..8197ab49 100644 --- a/checks/packaging.go +++ b/checks/packaging.go @@ -21,9 +21,9 @@ import ( "github.com/rhysd/actionlint" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckPackaging is the registered name for Packaging. diff --git a/checks/packaging_test.go b/checks/packaging_test.go index f3c5f397..10036f9b 100644 --- a/checks/packaging_test.go +++ b/checks/packaging_test.go @@ -21,7 +21,7 @@ import ( "github.com/rhysd/actionlint" - scut "github.com/ossf/scorecard/v3/utests" + scut "github.com/ossf/scorecard/v4/utests" ) func TestIsPackagingWorkflow(t *testing.T) { diff --git a/checks/permissions.go b/checks/permissions.go index 3e3d0379..93118c90 100644 --- a/checks/permissions.go +++ b/checks/permissions.go @@ -20,9 +20,9 @@ import ( "github.com/rhysd/actionlint" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckTokenPermissions is the exported name for Token-Permissions check. diff --git a/checks/permissions_test.go b/checks/permissions_test.go index 55d30533..7244ec2c 100644 --- a/checks/permissions_test.go +++ b/checks/permissions_test.go @@ -19,8 +19,8 @@ import ( "os" "testing" - "github.com/ossf/scorecard/v3/checker" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + scut "github.com/ossf/scorecard/v4/utests" ) type file struct { diff --git a/checks/pinned_dependencies.go b/checks/pinned_dependencies.go index 20b4c155..54b46f0a 100644 --- a/checks/pinned_dependencies.go +++ b/checks/pinned_dependencies.go @@ -22,9 +22,9 @@ import ( "github.com/moby/buildkit/frontend/dockerfile/parser" "github.com/rhysd/actionlint" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckPinnedDependencies is the registered name for FrozenDeps. diff --git a/checks/pinned_dependencies_test.go b/checks/pinned_dependencies_test.go index a8c65cf8..5ab073c4 100644 --- a/checks/pinned_dependencies_test.go +++ b/checks/pinned_dependencies_test.go @@ -20,8 +20,8 @@ import ( "strings" "testing" - "github.com/ossf/scorecard/v3/checker" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + scut "github.com/ossf/scorecard/v4/utests" ) func TestGithubWorkflowPinning(t *testing.T) { diff --git a/checks/raw/binary_artifact.go b/checks/raw/binary_artifact.go index 7b56ca79..f64354c8 100644 --- a/checks/raw/binary_artifact.go +++ b/checks/raw/binary_artifact.go @@ -22,10 +22,10 @@ import ( "github.com/h2non/filetype" "github.com/h2non/filetype/types" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) // BinaryArtifacts retrieves the raw data for the Binary-Artifacts check. diff --git a/checks/raw/branch_protection.go b/checks/raw/branch_protection.go index 4af2b698..6a384e23 100644 --- a/checks/raw/branch_protection.go +++ b/checks/raw/branch_protection.go @@ -19,9 +19,9 @@ import ( "fmt" "regexp" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) type branchMap map[string]*clients.BranchRef diff --git a/checks/raw/dependency_update_tool.go b/checks/raw/dependency_update_tool.go index 1707f891..acb4b291 100644 --- a/checks/raw/dependency_update_tool.go +++ b/checks/raw/dependency_update_tool.go @@ -18,9 +18,9 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - "github.com/ossf/scorecard/v3/clients" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + "github.com/ossf/scorecard/v4/clients" ) // DependencyUpdateTool is the exported name for Depdendency-Update-Tool. diff --git a/checks/raw/security_policy.go b/checks/raw/security_policy.go index 9b1705b7..19aa684d 100644 --- a/checks/raw/security_policy.go +++ b/checks/raw/security_policy.go @@ -21,10 +21,10 @@ import ( "go.uber.org/zap" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/fileparser" - "github.com/ossf/scorecard/v3/clients/githubrepo" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/fileparser" + "github.com/ossf/scorecard/v4/clients/githubrepo" + sce "github.com/ossf/scorecard/v4/errors" ) // SecurityPolicy checks for presence of security policy. diff --git a/checks/sast.go b/checks/sast.go index 66235b3e..1c0e2f00 100644 --- a/checks/sast.go +++ b/checks/sast.go @@ -17,9 +17,9 @@ package checks import ( "fmt" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckSAST is the registered name for SAST. diff --git a/checks/security_policy.go b/checks/security_policy.go index 58dd2d41..f5922044 100644 --- a/checks/security_policy.go +++ b/checks/security_policy.go @@ -15,10 +15,10 @@ package checks import ( - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks/evaluation" - "github.com/ossf/scorecard/v3/checks/raw" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks/evaluation" + "github.com/ossf/scorecard/v4/checks/raw" + sce "github.com/ossf/scorecard/v4/errors" ) // CheckSecurityPolicy is the registred name for SecurityPolicy. diff --git a/checks/shell_download_validate.go b/checks/shell_download_validate.go index ae78a87c..c396b520 100644 --- a/checks/shell_download_validate.go +++ b/checks/shell_download_validate.go @@ -27,8 +27,8 @@ import ( "mvdan.cc/sh/v3/syntax" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) var ( diff --git a/checks/shell_download_validate_test.go b/checks/shell_download_validate_test.go index 97cf20a1..dfad86ca 100644 --- a/checks/shell_download_validate_test.go +++ b/checks/shell_download_validate_test.go @@ -18,7 +18,7 @@ import ( "os" "testing" - scut "github.com/ossf/scorecard/v3/utests" + scut "github.com/ossf/scorecard/v4/utests" ) func TestIsSupportedShellScriptFile(t *testing.T) { diff --git a/checks/signed_releases.go b/checks/signed_releases.go index 2b9e7b88..ca32ea9a 100644 --- a/checks/signed_releases.go +++ b/checks/signed_releases.go @@ -18,8 +18,8 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/signed_releases_test.go b/checks/signed_releases_test.go index a464f9e4..dd9bb730 100644 --- a/checks/signed_releases_test.go +++ b/checks/signed_releases_test.go @@ -20,10 +20,10 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" + scut "github.com/ossf/scorecard/v4/utests" ) func TestSignedRelease(t *testing.T) { diff --git a/checks/vulnerabilities.go b/checks/vulnerabilities.go index cd71159e..b2abc1ce 100644 --- a/checks/vulnerabilities.go +++ b/checks/vulnerabilities.go @@ -18,9 +18,9 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/checks/vulnerabilities_test.go b/checks/vulnerabilities_test.go index f75b5109..0bf642fd 100644 --- a/checks/vulnerabilities_test.go +++ b/checks/vulnerabilities_test.go @@ -20,9 +20,9 @@ import ( "github.com/golang/mock/gomock" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - mockrepo "github.com/ossf/scorecard/v3/clients/mockclients" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + mockrepo "github.com/ossf/scorecard/v4/clients/mockclients" ) func TestVulnerabilities(t *testing.T) { diff --git a/clients/githubrepo/branches.go b/clients/githubrepo/branches.go index 7be46ff1..8609dab6 100644 --- a/clients/githubrepo/branches.go +++ b/clients/githubrepo/branches.go @@ -22,8 +22,8 @@ import ( "github.com/google/go-github/v38/github" "github.com/shurcooL/githubv4" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/clients/githubrepo/checkruns.go b/clients/githubrepo/checkruns.go index a51f50e1..42e75ab5 100644 --- a/clients/githubrepo/checkruns.go +++ b/clients/githubrepo/checkruns.go @@ -20,8 +20,8 @@ import ( "github.com/google/go-github/v38/github" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) type checkrunsHandler struct { diff --git a/clients/githubrepo/client.go b/clients/githubrepo/client.go index afc1751f..5713dcfa 100644 --- a/clients/githubrepo/client.go +++ b/clients/githubrepo/client.go @@ -26,9 +26,9 @@ import ( "go.uber.org/zap" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/clients/githubrepo/roundtripper" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/clients/githubrepo/roundtripper" + sce "github.com/ossf/scorecard/v4/errors" ) var errInputRepoType = errors.New("input repo should be of type repoURL") diff --git a/clients/githubrepo/contributors.go b/clients/githubrepo/contributors.go index c27be941..780ca083 100644 --- a/clients/githubrepo/contributors.go +++ b/clients/githubrepo/contributors.go @@ -21,7 +21,7 @@ import ( "github.com/google/go-github/v38/github" - "github.com/ossf/scorecard/v3/clients" + "github.com/ossf/scorecard/v4/clients" ) type contributorsHandler struct { diff --git a/clients/githubrepo/graphql.go b/clients/githubrepo/graphql.go index 94760efa..250da7f4 100644 --- a/clients/githubrepo/graphql.go +++ b/clients/githubrepo/graphql.go @@ -22,8 +22,8 @@ import ( "github.com/shurcooL/githubv4" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/clients/githubrepo/releases.go b/clients/githubrepo/releases.go index c237195c..58dea442 100644 --- a/clients/githubrepo/releases.go +++ b/clients/githubrepo/releases.go @@ -21,8 +21,8 @@ import ( "github.com/google/go-github/v38/github" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) type releasesHandler struct { diff --git a/clients/githubrepo/repo.go b/clients/githubrepo/repo.go index 2b213ec0..bbc78283 100644 --- a/clients/githubrepo/repo.go +++ b/clients/githubrepo/repo.go @@ -19,8 +19,8 @@ import ( "net/url" "strings" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/clients/githubrepo/roundtripper/census.go b/clients/githubrepo/roundtripper/census.go index 32aca8ee..11c8fb26 100644 --- a/clients/githubrepo/roundtripper/census.go +++ b/clients/githubrepo/roundtripper/census.go @@ -22,8 +22,8 @@ import ( opencensusstats "go.opencensus.io/stats" "go.opencensus.io/tag" - sce "github.com/ossf/scorecard/v3/errors" - "github.com/ossf/scorecard/v3/stats" + sce "github.com/ossf/scorecard/v4/errors" + "github.com/ossf/scorecard/v4/stats" ) const fromCacheHeader = "X-From-Cache" diff --git a/clients/githubrepo/roundtripper/rate_limit.go b/clients/githubrepo/roundtripper/rate_limit.go index 1956c4da..b682d70b 100644 --- a/clients/githubrepo/roundtripper/rate_limit.go +++ b/clients/githubrepo/roundtripper/rate_limit.go @@ -22,7 +22,7 @@ import ( "go.uber.org/zap" - sce "github.com/ossf/scorecard/v3/errors" + sce "github.com/ossf/scorecard/v4/errors" ) // MakeRateLimitedTransport returns a RoundTripper which rate limits GitHub requests. diff --git a/clients/githubrepo/roundtripper/roundtripper.go b/clients/githubrepo/roundtripper/roundtripper.go index efdb609c..d8fc3374 100644 --- a/clients/githubrepo/roundtripper/roundtripper.go +++ b/clients/githubrepo/roundtripper/roundtripper.go @@ -25,7 +25,7 @@ import ( "github.com/bradleyfalzon/ghinstallation/v2" "go.uber.org/zap" - "github.com/ossf/scorecard/v3/clients/githubrepo/roundtripper/tokens" + "github.com/ossf/scorecard/v4/clients/githubrepo/roundtripper/tokens" ) const ( diff --git a/clients/githubrepo/roundtripper/tokens/server/main.go b/clients/githubrepo/roundtripper/tokens/server/main.go index 60f6c9d8..521f159f 100644 --- a/clients/githubrepo/roundtripper/tokens/server/main.go +++ b/clients/githubrepo/roundtripper/tokens/server/main.go @@ -20,7 +20,7 @@ import ( "net/http" "net/rpc" - "github.com/ossf/scorecard/v3/clients/githubrepo/roundtripper/tokens" + "github.com/ossf/scorecard/v4/clients/githubrepo/roundtripper/tokens" ) func main() { diff --git a/clients/githubrepo/roundtripper/transport.go b/clients/githubrepo/roundtripper/transport.go index 5bc755ea..51e94742 100644 --- a/clients/githubrepo/roundtripper/transport.go +++ b/clients/githubrepo/roundtripper/transport.go @@ -22,8 +22,8 @@ import ( "go.opencensus.io/stats" "go.opencensus.io/tag" - "github.com/ossf/scorecard/v3/clients/githubrepo/roundtripper/tokens" - githubstats "github.com/ossf/scorecard/v3/clients/githubrepo/stats" + "github.com/ossf/scorecard/v4/clients/githubrepo/roundtripper/tokens" + githubstats "github.com/ossf/scorecard/v4/clients/githubrepo/stats" ) // makeGitHubTransport wraps input RoundTripper with GitHub authorization logic. diff --git a/clients/githubrepo/search.go b/clients/githubrepo/search.go index dc790a2b..72f88f7d 100644 --- a/clients/githubrepo/search.go +++ b/clients/githubrepo/search.go @@ -22,7 +22,7 @@ import ( "github.com/google/go-github/v38/github" - "github.com/ossf/scorecard/v3/clients" + "github.com/ossf/scorecard/v4/clients" ) var errEmptyQuery = errors.New("search query is empty") diff --git a/clients/githubrepo/search_test.go b/clients/githubrepo/search_test.go index 5fe3734e..38e0bef2 100644 --- a/clients/githubrepo/search_test.go +++ b/clients/githubrepo/search_test.go @@ -18,7 +18,7 @@ import ( "errors" "testing" - "github.com/ossf/scorecard/v3/clients" + "github.com/ossf/scorecard/v4/clients" ) func TestBuildQuery(t *testing.T) { diff --git a/clients/githubrepo/statuses.go b/clients/githubrepo/statuses.go index b033ad89..1e4f7a86 100644 --- a/clients/githubrepo/statuses.go +++ b/clients/githubrepo/statuses.go @@ -20,8 +20,8 @@ import ( "github.com/google/go-github/v38/github" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) type statusesHandler struct { diff --git a/clients/githubrepo/tarball.go b/clients/githubrepo/tarball.go index 70caf692..871469e6 100644 --- a/clients/githubrepo/tarball.go +++ b/clients/githubrepo/tarball.go @@ -29,7 +29,7 @@ import ( "github.com/google/go-github/v38/github" - sce "github.com/ossf/scorecard/v3/errors" + sce "github.com/ossf/scorecard/v4/errors" ) const ( diff --git a/clients/githubrepo/workflows.go b/clients/githubrepo/workflows.go index 82f8c771..9211fdf8 100644 --- a/clients/githubrepo/workflows.go +++ b/clients/githubrepo/workflows.go @@ -20,8 +20,8 @@ import ( "github.com/google/go-github/v38/github" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) type workflowsHandler struct { diff --git a/clients/localdir/client.go b/clients/localdir/client.go index 47c0a2c9..5634ec42 100644 --- a/clients/localdir/client.go +++ b/clients/localdir/client.go @@ -29,7 +29,7 @@ import ( "go.uber.org/zap" - clients "github.com/ossf/scorecard/v3/clients" + clients "github.com/ossf/scorecard/v4/clients" ) var errInputRepoType = errors.New("input repo should be of type repoLocal") diff --git a/clients/localdir/client_test.go b/clients/localdir/client_test.go index 180edd64..9fb05094 100644 --- a/clients/localdir/client_test.go +++ b/clients/localdir/client_test.go @@ -25,7 +25,7 @@ import ( "github.com/google/go-cmp/cmp/cmpopts" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/clients/githubrepo" + "github.com/ossf/scorecard/v4/clients/githubrepo" ) func TestClient_CreationAndCaching(t *testing.T) { diff --git a/clients/localdir/repo.go b/clients/localdir/repo.go index 479329fc..92ee28c7 100644 --- a/clients/localdir/repo.go +++ b/clients/localdir/repo.go @@ -23,7 +23,7 @@ import ( "path" "strings" - clients "github.com/ossf/scorecard/v3/clients" + clients "github.com/ossf/scorecard/v4/clients" ) var ( diff --git a/clients/mockclients/cii_client.go b/clients/mockclients/cii_client.go index a41c9fb6..c1f6b5b8 100644 --- a/clients/mockclients/cii_client.go +++ b/clients/mockclients/cii_client.go @@ -24,7 +24,7 @@ import ( reflect "reflect" gomock "github.com/golang/mock/gomock" - clients "github.com/ossf/scorecard/v3/clients" + clients "github.com/ossf/scorecard/v4/clients" ) // MockCIIBestPracticesClient is a mock of CIIBestPracticesClient interface. diff --git a/clients/mockclients/repo.go b/clients/mockclients/repo.go index ec1d0e33..ad1dac16 100644 --- a/clients/mockclients/repo.go +++ b/clients/mockclients/repo.go @@ -23,7 +23,7 @@ import ( reflect "reflect" gomock "github.com/golang/mock/gomock" - clients "github.com/ossf/scorecard/v3/clients" + clients "github.com/ossf/scorecard/v4/clients" ) // MockRepo is a mock of Repo interface. diff --git a/clients/mockclients/repo_client.go b/clients/mockclients/repo_client.go index 93856f87..c1ff27ff 100644 --- a/clients/mockclients/repo_client.go +++ b/clients/mockclients/repo_client.go @@ -23,7 +23,7 @@ import ( reflect "reflect" gomock "github.com/golang/mock/gomock" - clients "github.com/ossf/scorecard/v3/clients" + clients "github.com/ossf/scorecard/v4/clients" ) // MockRepoClient is a mock of RepoClient interface. diff --git a/clients/mockclients/vulnerabilities.go b/clients/mockclients/vulnerabilities.go index 94a61c42..7f7c53f2 100644 --- a/clients/mockclients/vulnerabilities.go +++ b/clients/mockclients/vulnerabilities.go @@ -24,7 +24,7 @@ import ( reflect "reflect" gomock "github.com/golang/mock/gomock" - clients "github.com/ossf/scorecard/v3/clients" + clients "github.com/ossf/scorecard/v4/clients" ) // MockVulnerabilitiesClient is a mock of VulnerabilitiesClient interface. diff --git a/clients/vulnerabilities.go b/clients/vulnerabilities.go index b82c22a2..760a5581 100644 --- a/clients/vulnerabilities.go +++ b/clients/vulnerabilities.go @@ -20,7 +20,7 @@ import ( "encoding/json" "net/http" - "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/errors" ) const osvQueryEndpoint = "https://api.osv.dev/v1/query" diff --git a/cmd/root.go b/cmd/root.go index 1167a994..e5cc748e 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -30,15 +30,15 @@ import ( "github.com/spf13/cobra" "go.uber.org/zap" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/clients/githubrepo" - "github.com/ossf/scorecard/v3/clients/localdir" - docs "github.com/ossf/scorecard/v3/docs/checks" - sce "github.com/ossf/scorecard/v3/errors" - "github.com/ossf/scorecard/v3/pkg" - spol "github.com/ossf/scorecard/v3/policy" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/clients/githubrepo" + "github.com/ossf/scorecard/v4/clients/localdir" + docs "github.com/ossf/scorecard/v4/docs/checks" + sce "github.com/ossf/scorecard/v4/errors" + "github.com/ossf/scorecard/v4/pkg" + spol "github.com/ossf/scorecard/v4/policy" ) var ( diff --git a/cmd/serve.go b/cmd/serve.go index 6b83be2d..39540d22 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -24,10 +24,10 @@ import ( "github.com/spf13/cobra" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/clients/githubrepo" - "github.com/ossf/scorecard/v3/pkg" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/clients/githubrepo" + "github.com/ossf/scorecard/v4/pkg" ) //nolint:gochecknoinits diff --git a/cmd/version.go b/cmd/version.go index 8081db88..d12e0650 100644 --- a/cmd/version.go +++ b/cmd/version.go @@ -19,7 +19,7 @@ import ( "github.com/spf13/cobra" - "github.com/ossf/scorecard/v3/pkg" + "github.com/ossf/scorecard/v4/pkg" ) //nolint:gochecknoinits diff --git a/cron/bq/main.go b/cron/bq/main.go index 0f6090e7..f5e03f67 100644 --- a/cron/bq/main.go +++ b/cron/bq/main.go @@ -27,8 +27,8 @@ import ( "google.golang.org/protobuf/encoding/protojson" - "github.com/ossf/scorecard/v3/cron/config" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/config" + "github.com/ossf/scorecard/v4/cron/data" ) type shardSummary struct { diff --git a/cron/cii/main.go b/cron/cii/main.go index 010c648d..b936263f 100644 --- a/cron/cii/main.go +++ b/cron/cii/main.go @@ -23,9 +23,9 @@ import ( "net/http" "strings" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/cron/config" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/cron/config" + "github.com/ossf/scorecard/v4/cron/data" ) const ciiBaseURL = "https://bestpractices.coreinfrastructure.org/projects.json" diff --git a/cron/controller/main.go b/cron/controller/main.go index 53265bda..a11ea53a 100644 --- a/cron/controller/main.go +++ b/cron/controller/main.go @@ -24,10 +24,10 @@ import ( "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/types/known/timestamppb" - "github.com/ossf/scorecard/v3/cron/config" - "github.com/ossf/scorecard/v3/cron/data" - "github.com/ossf/scorecard/v3/cron/pubsub" - "github.com/ossf/scorecard/v3/pkg" + "github.com/ossf/scorecard/v4/cron/config" + "github.com/ossf/scorecard/v4/cron/data" + "github.com/ossf/scorecard/v4/cron/pubsub" + "github.com/ossf/scorecard/v4/pkg" ) func publishToRepoRequestTopic(iter data.Iterator, topicPublisher pubsub.Publisher, diff --git a/cron/data/add/main.go b/cron/data/add/main.go index 2e23ff83..d7da4eb4 100644 --- a/cron/data/add/main.go +++ b/cron/data/add/main.go @@ -20,7 +20,7 @@ import ( "fmt" "os" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) // Script to add new project repositories to the projects.csv file: diff --git a/cron/data/add/main_test.go b/cron/data/add/main_test.go index 5c61fea0..2ee0401d 100644 --- a/cron/data/add/main_test.go +++ b/cron/data/add/main_test.go @@ -22,7 +22,7 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) func lessThanURI(x, y data.RepoFormat) bool { diff --git a/cron/data/blob.go b/cron/data/blob.go index ccbddc93..0076542f 100644 --- a/cron/data/blob.go +++ b/cron/data/blob.go @@ -27,7 +27,7 @@ import ( // Needed to link in GCP drivers. _ "gocloud.dev/blob/gcsblob" - "github.com/ossf/scorecard/v3/cron/config" + "github.com/ossf/scorecard/v4/cron/config" ) const ( diff --git a/cron/data/iterator.go b/cron/data/iterator.go index ad9ade73..4b5b1f85 100644 --- a/cron/data/iterator.go +++ b/cron/data/iterator.go @@ -22,7 +22,7 @@ import ( "github.com/jszwec/csvutil" - "github.com/ossf/scorecard/v3/clients/githubrepo" + "github.com/ossf/scorecard/v4/clients/githubrepo" ) // Iterator interface is used to iterate through list of input repos for the cron job. diff --git a/cron/data/iterator_test.go b/cron/data/iterator_test.go index c17f3c6d..840fa694 100644 --- a/cron/data/iterator_test.go +++ b/cron/data/iterator_test.go @@ -21,7 +21,7 @@ import ( "github.com/google/go-cmp/cmp" - sce "github.com/ossf/scorecard/v3/errors" + sce "github.com/ossf/scorecard/v4/errors" ) type outcome struct { diff --git a/cron/data/update/dependency.go b/cron/data/update/dependency.go index 14021174..b8cc11c3 100644 --- a/cron/data/update/dependency.go +++ b/cron/data/update/dependency.go @@ -29,8 +29,8 @@ import ( "github.com/google/go-github/v38/github" "golang.org/x/tools/go/vcs" - "github.com/ossf/scorecard/v3/clients/githubrepo" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/clients/githubrepo" + "github.com/ossf/scorecard/v4/cron/data" ) var ( diff --git a/cron/data/update/main.go b/cron/data/update/main.go index d5556a06..7e8eb2e0 100644 --- a/cron/data/update/main.go +++ b/cron/data/update/main.go @@ -19,7 +19,7 @@ import ( "bytes" "os" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) // Adds "project=${PROJECT},dependency=true" to the repositories metadata. diff --git a/cron/data/validate/main.go b/cron/data/validate/main.go index ae5fcd72..aeb8141b 100644 --- a/cron/data/validate/main.go +++ b/cron/data/validate/main.go @@ -19,7 +19,7 @@ import ( "log" "os" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) // Validates data.Iterator used by production PubSub cron job. diff --git a/cron/format/json.go b/cron/format/json.go index a2630742..8c54030e 100644 --- a/cron/format/json.go +++ b/cron/format/json.go @@ -24,9 +24,9 @@ import ( "go.uber.org/zap/zapcore" - docs "github.com/ossf/scorecard/v3/docs/checks" - sce "github.com/ossf/scorecard/v3/errors" - "github.com/ossf/scorecard/v3/pkg" + docs "github.com/ossf/scorecard/v4/docs/checks" + sce "github.com/ossf/scorecard/v4/errors" + "github.com/ossf/scorecard/v4/pkg" ) //nolint diff --git a/cron/format/json_test.go b/cron/format/json_test.go index 82e91b57..c0a87f32 100644 --- a/cron/format/json_test.go +++ b/cron/format/json_test.go @@ -26,8 +26,8 @@ import ( "github.com/xeipuuv/gojsonschema" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/pkg" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/pkg" ) func jsonMockDocRead() *mockDoc { diff --git a/cron/format/mock_doc.go b/cron/format/mock_doc.go index 419d1132..7f7cbf0a 100644 --- a/cron/format/mock_doc.go +++ b/cron/format/mock_doc.go @@ -17,7 +17,7 @@ package format import ( "strings" - docs "github.com/ossf/scorecard/v3/docs/checks" + docs "github.com/ossf/scorecard/v4/docs/checks" ) type mockCheck struct { diff --git a/cron/monitoring/exporter.go b/cron/monitoring/exporter.go index a8b498cd..b5d76972 100644 --- a/cron/monitoring/exporter.go +++ b/cron/monitoring/exporter.go @@ -24,7 +24,7 @@ import ( "contrib.go.opencensus.io/exporter/stackdriver/monitoredresource/gcp" "go.opencensus.io/stats/view" - "github.com/ossf/scorecard/v3/cron/config" + "github.com/ossf/scorecard/v4/cron/config" ) var errorUndefinedExporter = errors.New("unsupported exporterType") diff --git a/cron/pubsub/publisher.go b/cron/pubsub/publisher.go index b5a0c27d..d84d2758 100644 --- a/cron/pubsub/publisher.go +++ b/cron/pubsub/publisher.go @@ -29,7 +29,7 @@ import ( _ "gocloud.dev/pubsub/gcppubsub" "google.golang.org/protobuf/encoding/protojson" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) var errorPublish = errors.New("total errors when publishing") diff --git a/cron/pubsub/publisher_test.go b/cron/pubsub/publisher_test.go index 1a5997dc..0c9ec24c 100644 --- a/cron/pubsub/publisher_test.go +++ b/cron/pubsub/publisher_test.go @@ -21,7 +21,7 @@ import ( "gocloud.dev/pubsub" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) type mockSucceedTopic struct{} diff --git a/cron/pubsub/subscriber.go b/cron/pubsub/subscriber.go index 2ae2044d..86ecff60 100644 --- a/cron/pubsub/subscriber.go +++ b/cron/pubsub/subscriber.go @@ -21,7 +21,7 @@ import ( "google.golang.org/protobuf/encoding/protojson" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) // ErrorInParse indicates there was an error while unmarshalling the protocol buffer message. diff --git a/cron/pubsub/subscriber_gcs.go b/cron/pubsub/subscriber_gcs.go index 2e1835a1..8af766a4 100644 --- a/cron/pubsub/subscriber_gcs.go +++ b/cron/pubsub/subscriber_gcs.go @@ -24,7 +24,7 @@ import ( pubsub "cloud.google.com/go/pubsub/apiv1" pubsubpb "google.golang.org/genproto/googleapis/pubsub/v1" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) const ( diff --git a/cron/pubsub/subscriber_gocloud.go b/cron/pubsub/subscriber_gocloud.go index 67918cff..b408e1d8 100644 --- a/cron/pubsub/subscriber_gocloud.go +++ b/cron/pubsub/subscriber_gocloud.go @@ -24,7 +24,7 @@ import ( // Needed to link in GCP drivers. _ "gocloud.dev/pubsub/gcppubsub" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) type receiver interface { diff --git a/cron/pubsub/subscriber_gocloud_test.go b/cron/pubsub/subscriber_gocloud_test.go index 8ba4e228..b9541280 100644 --- a/cron/pubsub/subscriber_gocloud_test.go +++ b/cron/pubsub/subscriber_gocloud_test.go @@ -23,7 +23,7 @@ import ( "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/proto" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) var repo1 = "repo1" diff --git a/cron/shuffle/main.go b/cron/shuffle/main.go index b62c9e9a..805b0c18 100644 --- a/cron/shuffle/main.go +++ b/cron/shuffle/main.go @@ -21,7 +21,7 @@ import ( "strconv" "time" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) func main() { diff --git a/cron/webhook/main.go b/cron/webhook/main.go index 5acc2eb0..3f69121b 100644 --- a/cron/webhook/main.go +++ b/cron/webhook/main.go @@ -26,7 +26,7 @@ import ( "github.com/google/go-containerregistry/pkg/v1/google" "google.golang.org/protobuf/encoding/protojson" - "github.com/ossf/scorecard/v3/cron/data" + "github.com/ossf/scorecard/v4/cron/data" ) const stableTag = "stable" diff --git a/cron/worker/main.go b/cron/worker/main.go index 3be30651..e3c93bc8 100644 --- a/cron/worker/main.go +++ b/cron/worker/main.go @@ -30,20 +30,20 @@ import ( "go.uber.org/zap" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/clients/githubrepo" - githubstats "github.com/ossf/scorecard/v3/clients/githubrepo/stats" - "github.com/ossf/scorecard/v3/cron/config" - "github.com/ossf/scorecard/v3/cron/data" - format "github.com/ossf/scorecard/v3/cron/format" - "github.com/ossf/scorecard/v3/cron/monitoring" - "github.com/ossf/scorecard/v3/cron/pubsub" - docs "github.com/ossf/scorecard/v3/docs/checks" - sce "github.com/ossf/scorecard/v3/errors" - "github.com/ossf/scorecard/v3/pkg" - "github.com/ossf/scorecard/v3/stats" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/clients/githubrepo" + githubstats "github.com/ossf/scorecard/v4/clients/githubrepo/stats" + "github.com/ossf/scorecard/v4/cron/config" + "github.com/ossf/scorecard/v4/cron/data" + format "github.com/ossf/scorecard/v4/cron/format" + "github.com/ossf/scorecard/v4/cron/monitoring" + "github.com/ossf/scorecard/v4/cron/pubsub" + docs "github.com/ossf/scorecard/v4/docs/checks" + sce "github.com/ossf/scorecard/v4/errors" + "github.com/ossf/scorecard/v4/pkg" + "github.com/ossf/scorecard/v4/stats" ) var ignoreRuntimeErrors = flag.Bool("ignoreRuntimeErrors", false, "if set to true any runtime errors will be ignored") diff --git a/docs/checks/impl.go b/docs/checks/impl.go index 3bb4f4bb..b41fcb09 100644 --- a/docs/checks/impl.go +++ b/docs/checks/impl.go @@ -20,8 +20,8 @@ import ( "fmt" "strings" - "github.com/ossf/scorecard/v3/docs/checks/internal" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/docs/checks/internal" + sce "github.com/ossf/scorecard/v4/errors" ) var errCheckNotExist = errors.New("check does not exist") diff --git a/docs/checks/internal/generate/main.go b/docs/checks/internal/generate/main.go index c5d40b26..e2494081 100644 --- a/docs/checks/internal/generate/main.go +++ b/docs/checks/internal/generate/main.go @@ -18,7 +18,7 @@ import ( "os" "sort" - docs "github.com/ossf/scorecard/v3/docs/checks" + docs "github.com/ossf/scorecard/v4/docs/checks" ) func main() { diff --git a/docs/checks/internal/validate/main.go b/docs/checks/internal/validate/main.go index 220cef73..734c2394 100644 --- a/docs/checks/internal/validate/main.go +++ b/docs/checks/internal/validate/main.go @@ -24,8 +24,8 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" - "github.com/ossf/scorecard/v3/checks" - docs "github.com/ossf/scorecard/v3/docs/checks" + "github.com/ossf/scorecard/v4/checks" + docs "github.com/ossf/scorecard/v4/docs/checks" ) var ( diff --git a/e2e/binary_artifacts_test.go b/e2e/binary_artifacts_test.go index 390d9615..35bc3903 100644 --- a/e2e/binary_artifacts_test.go +++ b/e2e/binary_artifacts_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) // TODO: use dedicated repo that don't change. diff --git a/e2e/branch_protection_test.go b/e2e/branch_protection_test.go index 244f1d77..bffaef41 100644 --- a/e2e/branch_protection_test.go +++ b/e2e/branch_protection_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckBranchProtection, func() { diff --git a/e2e/ci_tests_test.go b/e2e/ci_tests_test.go index 668b99e0..a82ccf6a 100644 --- a/e2e/ci_tests_test.go +++ b/e2e/ci_tests_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckCITests, func() { diff --git a/e2e/cii_best_practices_test.go b/e2e/cii_best_practices_test.go index 0abc262c..98a3b0f2 100644 --- a/e2e/cii_best_practices_test.go +++ b/e2e/cii_best_practices_test.go @@ -20,11 +20,11 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:CIIBestPractices", func() { diff --git a/e2e/code_review_test.go b/e2e/code_review_test.go index b5356852..8da5de5b 100644 --- a/e2e/code_review_test.go +++ b/e2e/code_review_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) // TODO: use dedicated repo that don't change. diff --git a/e2e/contributors_test.go b/e2e/contributors_test.go index 3ea21491..c6b1b712 100644 --- a/e2e/contributors_test.go +++ b/e2e/contributors_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckContributors, func() { diff --git a/e2e/dangerous_workflow_test.go b/e2e/dangerous_workflow_test.go index 914983c7..eee7df6c 100644 --- a/e2e/dangerous_workflow_test.go +++ b/e2e/dangerous_workflow_test.go @@ -19,10 +19,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckTokenPermissions, func() { diff --git a/e2e/dependency_update_tool_test.go b/e2e/dependency_update_tool_test.go index 6f9582d9..b77df5f9 100644 --- a/e2e/dependency_update_tool_test.go +++ b/e2e/dependency_update_tool_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) // TODO: use dedicated repo that don't change. diff --git a/e2e/e2e_suite_test.go b/e2e/e2e_suite_test.go index 6d82c000..c1c7fcdd 100644 --- a/e2e/e2e_suite_test.go +++ b/e2e/e2e_suite_test.go @@ -22,7 +22,7 @@ import ( . "github.com/onsi/gomega" "go.uber.org/zap" - "github.com/ossf/scorecard/v3/clients/githubrepo" + "github.com/ossf/scorecard/v4/clients/githubrepo" ) var logger *zap.Logger diff --git a/e2e/executable_test.go b/e2e/executable_test.go index 7b3dbc2b..016cc789 100644 --- a/e2e/executable_test.go +++ b/e2e/executable_test.go @@ -21,7 +21,7 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checks" + "github.com/ossf/scorecard/v4/checks" ) type scorecard struct { diff --git a/e2e/fuzzing_test.go b/e2e/fuzzing_test.go index d2b0ff11..a8342250 100644 --- a/e2e/fuzzing_test.go +++ b/e2e/fuzzing_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckFuzzing, func() { diff --git a/e2e/license_test.go b/e2e/license_test.go index c39754e3..7308ec47 100644 --- a/e2e/license_test.go +++ b/e2e/license_test.go @@ -19,10 +19,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckLicense, func() { diff --git a/e2e/maintained_test.go b/e2e/maintained_test.go index b6559f34..e45c3a8e 100644 --- a/e2e/maintained_test.go +++ b/e2e/maintained_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckMaintained, func() { diff --git a/e2e/packaging_test.go b/e2e/packaging_test.go index 90a02d75..d64f6cd9 100644 --- a/e2e/packaging_test.go +++ b/e2e/packaging_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckPackaging, func() { diff --git a/e2e/permissions_test.go b/e2e/permissions_test.go index e31e5aa8..19f0510a 100644 --- a/e2e/permissions_test.go +++ b/e2e/permissions_test.go @@ -19,10 +19,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckTokenPermissions, func() { diff --git a/e2e/pinned_dependencies_test.go b/e2e/pinned_dependencies_test.go index 7377b922..b59f8f15 100644 --- a/e2e/pinned_dependencies_test.go +++ b/e2e/pinned_dependencies_test.go @@ -19,10 +19,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) // TODO: use dedicated repo that don't change. diff --git a/e2e/sast_test.go b/e2e/sast_test.go index 7be283af..25017f75 100644 --- a/e2e/sast_test.go +++ b/e2e/sast_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckSAST, func() { diff --git a/e2e/security_policy_test.go b/e2e/security_policy_test.go index ae0c412b..be287864 100644 --- a/e2e/security_policy_test.go +++ b/e2e/security_policy_test.go @@ -19,10 +19,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:SecurityPolicy", func() { diff --git a/e2e/signedreleases_test.go b/e2e/signedreleases_test.go index 87519109..f913c0e3 100644 --- a/e2e/signedreleases_test.go +++ b/e2e/signedreleases_test.go @@ -20,10 +20,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:"+checks.CheckSignedReleases, func() { diff --git a/e2e/vulnerabilities_test.go b/e2e/vulnerabilities_test.go index 7def2480..68dd0f8d 100644 --- a/e2e/vulnerabilities_test.go +++ b/e2e/vulnerabilities_test.go @@ -20,11 +20,11 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - "github.com/ossf/scorecard/v3/clients" - "github.com/ossf/scorecard/v3/clients/githubrepo" - scut "github.com/ossf/scorecard/v3/utests" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + "github.com/ossf/scorecard/v4/clients" + "github.com/ossf/scorecard/v4/clients/githubrepo" + scut "github.com/ossf/scorecard/v4/utests" ) var _ = Describe("E2E TEST:Vulnerabilities", func() { diff --git a/go.mod b/go.mod index 68b4493f..d15a1b04 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/ossf/scorecard/v3 +module github.com/ossf/scorecard/v4 go 1.17 diff --git a/main.go b/main.go index 74e1123f..9c9b5959 100644 --- a/main.go +++ b/main.go @@ -15,7 +15,7 @@ // Package main of OSSF Scoreard. package main -import "github.com/ossf/scorecard/v3/cmd" +import "github.com/ossf/scorecard/v4/cmd" func main() { cmd.Execute() diff --git a/pkg/common.go b/pkg/common.go index 7729e4af..c94a1ac1 100644 --- a/pkg/common.go +++ b/pkg/common.go @@ -20,7 +20,7 @@ import ( "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" + "github.com/ossf/scorecard/v4/checker" ) func textToMarkdown(s string) string { diff --git a/pkg/json.go b/pkg/json.go index 921d491c..1a860d90 100644 --- a/pkg/json.go +++ b/pkg/json.go @@ -21,8 +21,8 @@ import ( "go.uber.org/zap/zapcore" - docs "github.com/ossf/scorecard/v3/docs/checks" - sce "github.com/ossf/scorecard/v3/errors" + docs "github.com/ossf/scorecard/v4/docs/checks" + sce "github.com/ossf/scorecard/v4/errors" ) //nolint diff --git a/pkg/json_raw_results.go b/pkg/json_raw_results.go index a76bf316..6c94320e 100644 --- a/pkg/json_raw_results.go +++ b/pkg/json_raw_results.go @@ -19,8 +19,8 @@ import ( "fmt" "io" - "github.com/ossf/scorecard/v3/checker" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + sce "github.com/ossf/scorecard/v4/errors" ) // Flat JSON structure to hold raw results. diff --git a/pkg/json_test.go b/pkg/json_test.go index 30662029..305869bd 100644 --- a/pkg/json_test.go +++ b/pkg/json_test.go @@ -26,7 +26,7 @@ import ( "github.com/xeipuuv/gojsonschema" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" + "github.com/ossf/scorecard/v4/checker" ) func jsonMockDocRead() *mockDoc { diff --git a/pkg/mock_doc.go b/pkg/mock_doc.go index 5a9acf29..5589d949 100644 --- a/pkg/mock_doc.go +++ b/pkg/mock_doc.go @@ -17,7 +17,7 @@ package pkg import ( "strings" - docs "github.com/ossf/scorecard/v3/docs/checks" + docs "github.com/ossf/scorecard/v4/docs/checks" ) type mockCheck struct { diff --git a/pkg/sarif.go b/pkg/sarif.go index d52ae8c4..eb805f4a 100644 --- a/pkg/sarif.go +++ b/pkg/sarif.go @@ -24,11 +24,11 @@ import ( "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/checks" - docs "github.com/ossf/scorecard/v3/docs/checks" - sce "github.com/ossf/scorecard/v3/errors" - spol "github.com/ossf/scorecard/v3/policy" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/checks" + docs "github.com/ossf/scorecard/v4/docs/checks" + sce "github.com/ossf/scorecard/v4/errors" + spol "github.com/ossf/scorecard/v4/policy" ) type text struct { diff --git a/pkg/sarif_test.go b/pkg/sarif_test.go index 36fadf55..30fbb3ff 100644 --- a/pkg/sarif_test.go +++ b/pkg/sarif_test.go @@ -23,8 +23,8 @@ import ( "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" - spol "github.com/ossf/scorecard/v3/policy" + "github.com/ossf/scorecard/v4/checker" + spol "github.com/ossf/scorecard/v4/policy" ) func sarifMockDocRead() *mockDoc { diff --git a/pkg/scorecard.go b/pkg/scorecard.go index 8b80fbed..d830bb5e 100644 --- a/pkg/scorecard.go +++ b/pkg/scorecard.go @@ -22,9 +22,9 @@ import ( "sync" "time" - "github.com/ossf/scorecard/v3/checker" - "github.com/ossf/scorecard/v3/clients" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + "github.com/ossf/scorecard/v4/clients" + sce "github.com/ossf/scorecard/v4/errors" ) func runEnabledChecks(ctx context.Context, diff --git a/pkg/scorecard_result.go b/pkg/scorecard_result.go index 7dd02ef2..ceb3b68d 100644 --- a/pkg/scorecard_result.go +++ b/pkg/scorecard_result.go @@ -23,9 +23,9 @@ import ( "github.com/olekukonko/tablewriter" "go.uber.org/zap/zapcore" - "github.com/ossf/scorecard/v3/checker" - docs "github.com/ossf/scorecard/v3/docs/checks" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checker" + docs "github.com/ossf/scorecard/v4/docs/checks" + sce "github.com/ossf/scorecard/v4/errors" ) // ScorecardInfo contains information about the scorecard code that was run. diff --git a/policy/policy.go b/policy/policy.go index 0814687a..df7db99a 100644 --- a/policy/policy.go +++ b/policy/policy.go @@ -20,8 +20,8 @@ import ( "gopkg.in/yaml.v3" - "github.com/ossf/scorecard/v3/checks" - sce "github.com/ossf/scorecard/v3/errors" + "github.com/ossf/scorecard/v4/checks" + sce "github.com/ossf/scorecard/v4/errors" ) var ( diff --git a/policy/policy_test.go b/policy/policy_test.go index 3de3c45b..14dcfbef 100644 --- a/policy/policy_test.go +++ b/policy/policy_test.go @@ -19,7 +19,7 @@ import ( "os" "testing" - sce "github.com/ossf/scorecard/v3/errors" + sce "github.com/ossf/scorecard/v4/errors" ) func TestPolicyRead(t *testing.T) { diff --git a/utests/utlib.go b/utests/utlib.go index 25232356..51f09372 100644 --- a/utests/utlib.go +++ b/utests/utlib.go @@ -23,7 +23,7 @@ import ( "github.com/google/go-cmp/cmp" - "github.com/ossf/scorecard/v3/checker" + "github.com/ossf/scorecard/v4/checker" ) // TestReturn encapsulates expected CheckResult return values.