laurentsimon
70770e4501
✨ Feat/deps msg ( #513 )
...
* ignore testdata/ files
* fix
* comments
* typo
* more specific messages
2021-05-26 17:54:37 -07:00
Chris McGehee
6b63f3f963
🌱 Fix lint issues: Replace golint with revive ( #493 )
...
* Fix lint issues: Replace golint with revive
golint is deprecated and recommended to be replaced with revive
* Updating comments to be more accurate
* Updating comments again
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-05-24 11:34:33 -07:00
Chris McGehee
61ecad3151
Add new linter: gci ( #498 )
2021-05-23 20:51:52 -07:00
Chris McGehee
2e7a71fbf2
Fix lint issues: goerr113 linter ( #491 )
...
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-05-22 12:36:47 -07:00
Chris McGehee
26d17907a6
Fix lint issues: stylecheck linter ( #487 )
...
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-22 17:45:32 +00:00
Chris McGehee
35fece6491
Fix lint issues: lll linter ( #486 )
2021-05-22 17:29:18 +00:00
Chris McGehee
50f7ed8519
🌱 Fix lint issues: gochecknoinits linter ( #485 )
...
* Fix lint issues: gochecknoinits linter
* Fix lint issues: gochecknoinits linter
2021-05-22 13:19:52 -04:00
Chris McGehee
f996065e40
Fix lint issues: gomnd linter
2021-05-22 01:09:09 -05:00
laurentsimon
eb0af441d1
✨ [Frozen-deps]: Ignore testdata/ files ( #481 )
...
* ignore testdata/ files
* fix
* comments
* typo
* fix
* typo
2021-05-21 08:45:55 -07:00
laurentsimon
78933ac2f4
ignore scratch frm dockerfile imports
2021-05-20 13:23:27 -05:00
Chris McGehee
e75a9e19f9
Fix lint issues: govet linter ( #478 )
...
Reordering fields reduces struct size in memory
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-05-19 23:38:58 -07:00
laurentsimon
ee3f290702
✨ Add check for Docker dependency pinning by hash ( #469 )
...
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* update unit tests
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* remove log
* check fix
* comment
* linter
* commments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* check fix
* comment
* commments
* comments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* commments
* comments
* comments
* comments
* update mod
* remove continue keyword
* linter
* linter
* linter
* comments
* cleanup
* linter
* typos
* typos
2021-05-19 09:46:39 -07:00
Abhishek Arya
5f82d2b9c0
✨ Add checks for workflow action pinning ( #466 )
...
Patch by Laurent Simon <laurentsimon@google.com>
Co-authored-by: Laurent Simon <laurentsimon@google.com>
2021-05-17 13:03:39 -07:00
laurentsimon
e46016d244
📖 Add more detailed doc for checks ( #453 )
...
* More detailed doc
* comment
2021-05-14 17:05:59 -07:00
Chris McGehee
fc82659e9c
🌱 Fix lint issues: gocognit linter ( #433 )
...
* Fix lint issues: gocognit linter
Before refactoring, CITests had a cognitive complexity of 51
(the upper limit is 30)
* Fix lint issues: gocognit linter
Addressing feedback
* Fix lint issues: gocognit linter
Before refactoring IsBranchProtected had a complexity of 33 (upper limit is 30)
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-05-14 15:41:50 -04:00
Chris McGehee
3359f601cd
Fix lint issues: nolintlint linter
...
The nestif directive was not being used
2021-05-13 09:31:56 -05:00
Chris McGehee
566f938364
Fix lint issues: dupl linter ( #448 )
...
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-13 11:58:57 +00:00
laurentsimon
e616cc3161
❇️ Add sub-checks to Branch-Protection check ( #436 )
...
* Add sub-checks to Branch-Protection check
* run gofumpt
* comments
* comments
* typo
* comments
* comments
2021-05-11 18:26:27 -07:00
Laurent Simon
feafbf2610
Fix segfault issue #419
2021-05-07 20:30:22 -05:00
naveen
997b8f4a5d
📖 Update branch protection API
...
* Included need for admin access to the branch protection api to work.
* Fixes #350
2021-05-03 11:02:19 -05:00
naveen
09af32a993
✨ Generate docs using go instead of python
...
* Implemented the doc generation from python to go
* Removed the need for json
* Sorted the output of the generated markdown
2021-05-02 19:46:07 -05:00
Chris McGehee
6a7142fe21
Fix lint issues: golint linter
2021-05-02 14:49:40 -05:00
Chris McGehee
c97b4e7b38
Fix lint issues: gofumpt linter
...
The previous commit that made the gofumpt fixes caused a new lint
violation for the dupl linter. Since these are test cases, we will add
nolint for these.
2021-05-02 13:18:19 -05:00
Chris McGehee
8402e6d9d0
Fix lint issues: gofumpt linter
2021-05-02 13:18:19 -05:00
Chris McGehee
83a0fbd5eb
Fix lint issues: noctx linter
2021-05-02 11:59:39 -05:00
Chris McGehee
5151e8c301
Fix lint issues: nestif linter
2021-05-02 11:41:31 -05:00
Chris McGehee
4c6b500dea
Fix lint issues: lll linter
2021-05-02 11:18:26 -05:00
Chris McGehee
87b5a6a922
Fix lint issues: godot linter
2021-05-02 11:14:01 -05:00
Chris McGehee
06993b72ce
🐛 Fix linting issues (1 of n) ( #348 )
...
* Fix lint issues: whitespace linter
* Fix lint issues: wrapcheck linter
* Fix lint issues: errcheck linter
* Fix lint issues: paralleltest linter
* Fix lint issues: gocritic linter
Most changes from this commit are from passing checker.CheckResult by reference and not by value. gocritic identified that as a huge parameter.
gocritic also prefers regexp.MustCompile over Compile when the pattern is a const
2021-04-19 12:18:34 -07:00
Oliver Chang
df27afd3b3
✨ Make checks documentation machine readable. ( #345 )
...
* ✨ Make checks documentation machine readable.
Make checks.yaml as a machine and human readable source of truth of
checks documentation.
A tiny Python script is also added to generate checks.json and checks.md
from this file.
* move checks scripts and files
2021-04-16 11:15:56 -07:00
Azeem Shaikh
a58818d258
🌱 : Reduce code duplication for follow-up cron refactoring ( #338 )
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-10 07:26:56 -05:00
Naveen
4b4d0f0a01
Fix - out of memory error for large repository ( #276 )
...
The httpcache client caches everything in memory and if the repository
is large then the process gets evicted with oom.
Changed the implementation to use the standard http client to fetch the
tarball.
2021-03-14 21:50:17 -04:00
Edoardo Tenani
7f7c9fcb89
contributors: use go-github org API ( #228 )
...
Replace direct call to HTTP URL with appropriate go-github API call.
Closes #175
2021-03-01 16:24:18 -08:00
naveen
c2ff48dc59
feat-Reduced GitHub API calls for security check
...
Reduced the number of calls to GitHub API from 16 to max of 2 calls.
Utilized tar ball to download and check for the contents of those files.
2021-02-25 21:55:54 -05:00
nathannaveen
1a00062a09
Fix - golangci issues gomnd, goconst
...
Fixed the golangci issues for gomnd and goconst.
Added ginkgo dependency in the makefile.
2021-02-17 18:22:18 -05:00
Nathan
554ca76bfe
Fix - golangci issues gomnd, goconst
...
Fixed the golangci issues for gomnd and goconst.
Added ginkgo dependency in the makefile.
2021-02-17 18:22:18 -05:00
Naveen
30d69310c6
Fix - Organization checks for members ( #170 )
...
* Fix - Organization checks for members
* Fix - Turn off automatic releasenotes generation
Turn off automatic release notes for CII https://bestpractices.coreinfrastructure.org/
* Fix - Organization checks for members
2021-02-14 10:46:14 -05:00
naveen
4bdc158018
Fix - packging workflow for docker push
2021-02-12 21:16:44 -05:00
Abhishek Arya
ad7cc4a951
Add colon before sha.
2021-02-12 14:26:54 -05:00
naveen
2ad8b35b91
Fixes - verifiedtag checks
...
The reason the tags aren't working for certain repositories is that because the Lightweight Tags
vs Annotated Tags
>Basically, lightweight tags are just pointers to specific commits. No further information is saved;
on the other hand, annotated tags are regular objects, which have an author and a
date and can be referred because they have their own SHA key.
https://api.github.com/repos/ossf/scorecard/git/refs/tags
```
[
{
"ref": "refs/tags/v1.0.0",
"node_id": "MDM6UmVmMzAyNjcwNzk3OnJlZnMvdGFncy92MS4wLjA=",
"url": "https://api.github.com/repos/ossf/scorecard/git/refs/tags/v1.0.0 ",
"object": {
"sha": "87997ffb5724cb479223a08a2890c60b0ea4bfbd",
"type": "commit",
"url": "87997ffb57
"
}
},
{
"ref": "refs/tags/v1.1.0",
"node_id": "MDM6UmVmMzAyNjcwNzk3OnJlZnMvdGFncy92MS4xLjA=",
"url": "https://api.github.com/repos/ossf/scorecard/git/refs/tags/v1.1.0 ",
"object": {
"sha": "f2c633854602cf0c8f33164a169fb0a8454bee01",
"type": "tag",
"url": "f2c6338546
"
}
}
]
```
Annotated tags
https://api.github.com/repos/kubernetes/kubernetes/git/refs/tags
```
[
{
"ref": "refs/tags/v0.2",
"node_id": "MDM6UmVmMjA1ODA0OTg6cmVmcy90YWdzL3YwLjI=",
"url": "https://api.github.com/repos/kubernetes/kubernetes/git/refs/tags/v0.2 ",
"object": {
"sha": "64dbf9ae21dd0deb485f88b79b96eb35ca855138",
"type": "tag",
"url": "64dbf9ae21
"
}
}
]
```
The look for the tag fails because of there isn't a tag object but only a commit object.
87997ffb57
fixes #107
2021-02-12 14:26:54 -05:00
naveen
0d77d8938f
Fix - tarball URL trailing slash
...
Fixed the tarball URL trailing slash which was causing Frozen-Dep checks
to fail.
2021-02-02 16:04:28 -05:00
naveen
93373f7787
Fixes - Incorrect result for branch protection
2021-01-26 18:39:12 -05:00
Abhishek Arya
09b83b9bf1
Fixes
...
- Fix nil exception in packaging on https://github.com/OSGeo/gdal
- Add jenkins ci in ci tests, tested on https://github.com/jenkinsci/jenkins
- Generalize function name in code review check.
2021-01-24 18:36:36 -05:00
naveen
33e9189d79
fix - panic on nil
...
Fixed the panic by doing a nil check. Fixes #135
2021-01-18 16:11:36 -05:00
Abhishek Arya
c00aa4b606
Add e2e tests for remaining checks.
2021-01-15 15:24:04 -05:00
Abhishek Arya
bcaa2e77f9
Lint fix.
2021-01-15 13:44:52 -05:00
Abhishek Arya
b5096bff45
Fix backslash.
2021-01-15 13:44:52 -05:00
Abhishek Arya
b278475af0
Fix CodeQL failure.
2021-01-15 13:44:52 -05:00
Abhishek Arya
dc8d1fecb9
Add packaging check.
2021-01-15 13:44:52 -05:00
Naveen
7b740ce470
fix - Handle nil structs in branch protection ( #124 )
...
Handle structs that could be nil while checking for branch protection.
2021-01-07 08:54:57 -08:00