scorecard/checks/security_policy.go
Azeem Shaikh be8aa3d713
Export registered check names (#518)
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-27 14:54:34 -07:00

60 lines
1.8 KiB
Go

// Copyright 2020 Security Scorecard Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package checks
import (
"strings"
"github.com/ossf/scorecard/checker"
)
// CheckSecurityPolicy is the registred name for SecurityPolicy.
const CheckSecurityPolicy = "Security-Policy"
//nolint:gochecknoinits
func init() {
registerCheck(CheckSecurityPolicy, SecurityPolicy)
}
func SecurityPolicy(c *checker.CheckRequest) checker.CheckResult {
// check repository for repository-specific policy
onFile := func(name string, logf func(s string, f ...interface{})) (bool, error) {
if strings.EqualFold(name, "security.md") {
logf("security policy : %s", name)
return true, nil
}
return false, nil
}
result := CheckIfFileExists(CheckSecurityPolicy, c, onFile)
if result.Pass {
return result
}
// checking for community default within the .github folder
// https://docs.github.com/en/github/building-a-strong-community/creating-a-default-community-health-file
dotGitHub := c
dotGitHub.Repo = ".github"
onFile = func(name string, logf func(s string, f ...interface{})) (bool, error) {
if strings.EqualFold(name, "security.md") {
logf("security policy within .github folder : %s", name)
return true, nil
}
return false, nil
}
return CheckIfFileExists(CheckSecurityPolicy, dotGitHub, onFile)
}