* feature dco requirement more prominently
Signed-off-by: Spencer Schrock <sschrock@google.com>
* recommend merge commits to sync PR
Signed-off-by: Spencer Schrock <sschrock@google.com>
* fix make target table
Signed-off-by: Spencer Schrock <sschrock@google.com>
* remove references to old Go environment variables
GO111MODULE is no longer used as of Go 1.17.
GOPATH is still used for other purposes, but not in 'development mode'.
https://go.dev/wiki/GOPATH
Signed-off-by: Spencer Schrock <sschrock@google.com>
* misc minor clarifications
Signed-off-by: Spencer Schrock <sschrock@google.com>
* remove reference to errors from CONTRIBUTORS.md
I don't think this is one of the top things we should be displaying to someone
Signed-off-by: Spencer Schrock <sschrock@google.com>
* mention make in environment
Signed-off-by: Spencer Schrock <sschrock@google.com>
* no scopes needed for PATs
Signed-off-by: Spencer Schrock <sschrock@google.com>
* highlight other scorecard options
Signed-off-by: Spencer Schrock <sschrock@google.com>
* allow shell codeblocks to be pasted into a shell
the comment style was wrong and the $ was interpretted as a command.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Continue on error detecting OS
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add tests for error detecting OS
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add ElementError to identify elements that errored
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add Incomplete field to PinningDependenciesData
Will store all errors handled during analysis, which may lead to incomplete results.
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Register job steps that errored out
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add tests that incomplete steps are caught
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add warnings to details about incomplete steps
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add tests that incomplete steps generate warnings
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Register shell files skipped due to parser errors
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add tests showing when parser errors affect analysis
Dockerfile pinning is not affected.
Everything in a 'broken' Dockerfile RUN block is ignored
Everything in a 'broken' shell script is ignored
testdata/script-invalid.sh modified to demonstrate the above
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Incomplete results logged as Info, not Warn
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Remove `Type` from logging of incomplete results
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Update tests after rebase
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add Unwrap for ElementError, improve its docs
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Add ElementError case to evaluation unit test
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Move ElementError to checker/raw_result
checker/raw_result defines types used to describe analysis results.
ElementError is meant to describe potential flaws in the analysis
and is therefore a sort of analysis result itself.
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Use finding.Location for ElementError.Element
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Use an ElementError for script parser errors
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Replace .Incomplete []error with .ProcessingErrors []ElementError
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Adopt from reviewer comments
- Replace ElementError's `Element *finding.Location`
with `Location finding.Location`
- Rename ErrorJobOSParsing to ErrJobOSParsing to satisfy linter
- Fix unit test
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
---------
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
- Add tests for the `CreateInternal` and `WithMessage`/`GetName` functions
- Add license headers to `internal_test.go` and `public_test.go` files
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
