From cf09e1922c7ab2a9f6db5b050db2797e88bf865b Mon Sep 17 00:00:00 2001 From: Josie Anugerah Date: Thu, 6 Jun 2024 14:09:29 +1000 Subject: [PATCH] rename PackageOverrides --- fixtures/testdatainner/osv-scanner.toml | 4 +-- .../__snapshots__/integration_test.snap | 21 ++++++------ pkg/config/config.go | 26 +++++++-------- pkg/config/config_internal_test.go | 32 +++++++++---------- .../vulnerability_result_internal_test.go | 2 +- 5 files changed, 43 insertions(+), 42 deletions(-) diff --git a/fixtures/testdatainner/osv-scanner.toml b/fixtures/testdatainner/osv-scanner.toml index 52b1a667e7..f9be2c0f2e 100644 --- a/fixtures/testdatainner/osv-scanner.toml +++ b/fixtures/testdatainner/osv-scanner.toml @@ -8,7 +8,7 @@ id = "GO-2022-1059" # ignoreUntil = 2022-11-09 # Optional exception expiry date # reason = "" # Optional reason -[[PackageVersions]] +[[PackageOverrides]] name = "lib" version = "1.0.0" ecosystem = "Go" @@ -16,7 +16,7 @@ ignore = true # effectiveUntil = 2022-11-09 # Optional exception expiry date reason = "abc" -[[PackageVersions]] +[[PackageOverrides]] name = "my-pkg" version = "1.0.0" ecosystem = "Go" diff --git a/internal/sourceanalysis/__snapshots__/integration_test.snap b/internal/sourceanalysis/__snapshots__/integration_test.snap index 7ceccb1441..c119cd546d 100755 --- a/internal/sourceanalysis/__snapshots__/integration_test.snap +++ b/internal/sourceanalysis/__snapshots__/integration_test.snap @@ -1,3 +1,4 @@ + [Test_runGovulncheck - 1] { "GO-2021-0053": [ @@ -124,7 +125,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 839, + "line": 840, "column": 21 } }, @@ -137,7 +138,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 1038, + "line": 1039, "column": 24 } }, @@ -149,7 +150,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 430, + "line": 429, "column": 21 } }, @@ -161,7 +162,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 389, + "line": 388, "column": 19 } }, @@ -174,7 +175,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 1002, + "line": 1003, "column": 19 } }, @@ -187,7 +188,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 1670, + "line": 1675, "column": 17 } }, @@ -200,7 +201,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 2015, + "line": 2045, "column": 18 } }, @@ -213,7 +214,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 3086, + "line": 3285, "column": 3 } }, @@ -226,7 +227,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 2985, + "line": 3184, "column": 18 } }, @@ -238,7 +239,7 @@ "position": { "filename": "\u003cAny value\u003e", "offset": -1, - "line": 3239, + "line": 3438, "column": 30 } }, diff --git a/pkg/config/config.go b/pkg/config/config.go index 814b501251..cff4e40b6f 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -23,10 +23,10 @@ type ConfigManager struct { } type Config struct { - IgnoredVulns []IgnoreEntry `toml:"IgnoredVulns"` - PackageVersions []PackageVersionEntry `toml:"PackageVersions"` - LoadPath string `toml:"LoadPath"` - GoVersionOverride string `toml:"GoVersionOverride"` + IgnoredVulns []IgnoreEntry `toml:"IgnoredVulns"` + PackageOverrides []PackageOverrideEntry `toml:"PackageOverrides"` + LoadPath string `toml:"LoadPath"` + GoVersionOverride string `toml:"GoVersionOverride"` } type IgnoreEntry struct { @@ -35,7 +35,7 @@ type IgnoreEntry struct { Reason string `toml:"reason"` } -type PackageVersionEntry struct { +type PackageOverrideEntry struct { Name string `toml:"name"` // If the version is empty, the entry applies to all versions. Version string `toml:"version"` @@ -60,8 +60,8 @@ func (c *Config) ShouldIgnore(vulnID string) (bool, IgnoreEntry) { return shouldIgnoreTimestamp(ignoredLine.IgnoreUntil), ignoredLine } -func (c *Config) filterPackageVersionEntries(name string, version string, ecosystem string, condition func(PackageVersionEntry) bool) (bool, PackageVersionEntry) { - index := slices.IndexFunc(c.PackageVersions, func(e PackageVersionEntry) bool { +func (c *Config) filterPackageVersionEntries(name string, version string, ecosystem string, condition func(PackageOverrideEntry) bool) (bool, PackageOverrideEntry) { + index := slices.IndexFunc(c.PackageOverrides, func(e PackageOverrideEntry) bool { if ecosystem != e.Ecosystem || name != e.Name { return false } @@ -69,21 +69,21 @@ func (c *Config) filterPackageVersionEntries(name string, version string, ecosys return (version == e.Version || e.Version == "") && condition(e) }) if index == -1 { - return false, PackageVersionEntry{} + return false, PackageOverrideEntry{} } - ignoredLine := c.PackageVersions[index] + ignoredLine := c.PackageOverrides[index] return shouldIgnoreTimestamp(ignoredLine.EffectiveUntil), ignoredLine } -func (c *Config) ShouldIgnorePackageVersion(name, version, ecosystem string) (bool, PackageVersionEntry) { - return c.filterPackageVersionEntries(name, version, ecosystem, func(e PackageVersionEntry) bool { +func (c *Config) ShouldIgnorePackageVersion(name, version, ecosystem string) (bool, PackageOverrideEntry) { + return c.filterPackageVersionEntries(name, version, ecosystem, func(e PackageOverrideEntry) bool { return e.Ignore }) } -func (c *Config) ShouldOverridePackageVersionLicense(name, version, ecosystem string) (bool, PackageVersionEntry) { - return c.filterPackageVersionEntries(name, version, ecosystem, func(e PackageVersionEntry) bool { +func (c *Config) ShouldOverridePackageVersionLicense(name, version, ecosystem string) (bool, PackageOverrideEntry) { + return c.filterPackageVersionEntries(name, version, ecosystem, func(e PackageOverrideEntry) bool { return len(e.License.Override) > 0 }) } diff --git a/pkg/config/config_internal_test.go b/pkg/config/config_internal_test.go index 0381042356..4663933e10 100644 --- a/pkg/config/config_internal_test.go +++ b/pkg/config/config_internal_test.go @@ -27,7 +27,7 @@ func TestTryLoadConfig(t *testing.T) { ID: "GO-2022-1059", }, }, - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib", Version: "1.0.0", @@ -88,7 +88,7 @@ func TestTryLoadConfig(t *testing.T) { if !cmp.Equal(config.IgnoredVulns, testData.config.IgnoredVulns) { t.Errorf("Configs not equal: %+v != %+v", config, testData.config) } - if !cmp.Equal(config.PackageVersions, testData.config.PackageVersions) { + if !cmp.Equal(config.PackageOverrides, testData.config.PackageOverrides) { t.Errorf("Configs not equal: %+v != %+v", config, testData.config) } if testData.configHasErr { @@ -227,12 +227,12 @@ func TestConfig_ShouldIgnorePackageVersion(t *testing.T) { config Config args args wantOk bool - wantEntry PackageVersionEntry + wantEntry PackageOverrideEntry }{ { name: "Version-level entry exists", config: Config{ - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib1", Version: "1.0.0", @@ -249,7 +249,7 @@ func TestConfig_ShouldIgnorePackageVersion(t *testing.T) { ecosystem: "Go", }, wantOk: true, - wantEntry: PackageVersionEntry{ + wantEntry: PackageOverrideEntry{ Name: "lib1", Version: "1.0.0", Ecosystem: "Go", @@ -261,7 +261,7 @@ func TestConfig_ShouldIgnorePackageVersion(t *testing.T) { { name: "Package-level entry exists", config: Config{ - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib1", Ecosystem: "Go", @@ -277,7 +277,7 @@ func TestConfig_ShouldIgnorePackageVersion(t *testing.T) { ecosystem: "Go", }, wantOk: true, - wantEntry: PackageVersionEntry{ + wantEntry: PackageOverrideEntry{ Name: "lib1", Ecosystem: "Go", Ignore: true, @@ -288,7 +288,7 @@ func TestConfig_ShouldIgnorePackageVersion(t *testing.T) { { name: "Entry doesn't exist", config: Config{ - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib1", Version: "2.0.0", @@ -313,7 +313,7 @@ func TestConfig_ShouldIgnorePackageVersion(t *testing.T) { ecosystem: "Go", }, wantOk: false, - wantEntry: PackageVersionEntry{}, + wantEntry: PackageOverrideEntry{}, }, } @@ -346,12 +346,12 @@ func TestConfig_ShouldOverridePackageVersionLicense(t *testing.T) { config Config args args wantOk bool - wantEntry PackageVersionEntry + wantEntry PackageOverrideEntry }{ { name: "Exact version entry exists", config: Config{ - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib1", Version: "1.0.0", @@ -369,7 +369,7 @@ func TestConfig_ShouldOverridePackageVersionLicense(t *testing.T) { ecosystem: "Go", }, wantOk: true, - wantEntry: PackageVersionEntry{ + wantEntry: PackageOverrideEntry{ Name: "lib1", Version: "1.0.0", Ecosystem: "Go", @@ -382,7 +382,7 @@ func TestConfig_ShouldOverridePackageVersionLicense(t *testing.T) { { name: "Version entry doesn't exist", config: Config{ - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib1", Version: "1.0.0", @@ -400,12 +400,12 @@ func TestConfig_ShouldOverridePackageVersionLicense(t *testing.T) { ecosystem: "Go", }, wantOk: false, - wantEntry: PackageVersionEntry{}, + wantEntry: PackageOverrideEntry{}, }, { name: "Name matches", config: Config{ - PackageVersions: []PackageVersionEntry{ + PackageOverrides: []PackageOverrideEntry{ { Name: "lib1", Ecosystem: "Go", @@ -422,7 +422,7 @@ func TestConfig_ShouldOverridePackageVersionLicense(t *testing.T) { ecosystem: "Go", }, wantOk: true, - wantEntry: PackageVersionEntry{ + wantEntry: PackageOverrideEntry{ Name: "lib1", Ecosystem: "Go", License: License{ diff --git a/pkg/osvscanner/vulnerability_result_internal_test.go b/pkg/osvscanner/vulnerability_result_internal_test.go index cb2aedd2c0..a26ceed90f 100644 --- a/pkg/osvscanner/vulnerability_result_internal_test.go +++ b/pkg/osvscanner/vulnerability_result_internal_test.go @@ -167,7 +167,7 @@ func Test_assembleResult(t *testing.T) { }, config: &config.ConfigManager{ OverrideConfig: &config.Config{ - PackageVersions: []config.PackageVersionEntry{ + PackageOverrides: []config.PackageOverrideEntry{ { Name: "pkg-3", Ecosystem: "npm",