From a3299caef25b58ad7da391dfc7e1d03a9ed7baae Mon Sep 17 00:00:00 2001 From: Naveen <172697+naveensrinivasan@users.noreply.github.com> Date: Thu, 5 Oct 2023 14:23:07 -0700 Subject: [PATCH] Update packages for slices import (#1356) - Replace `golang.org/x/exp/slices` with `slices` import Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> --- cmd/guacgql/cmd/server.go | 7 +- .../backends/arangodb/artifact_test.go | 2 +- .../backends/arangodb/builder_test.go | 8 +- .../backends/arangodb/hashEqual_test.go | 2 +- pkg/assembler/backends/arangodb/pkg_test.go | 2 +- pkg/assembler/backends/arangodb/src_test.go | 8 +- .../backends/arangodb/vulnerability_test.go | 3 +- .../backends/ent/backend/hashequal_test.go | 2 +- .../backends/ent/backend/license_test.go | 8 +- pkg/assembler/backends/ent/backend/package.go | 3 +- .../backends/ent/backend/pkgequal_test.go | 18 +-- .../ent/backend/vulnerability_test.go | 33 ++-- .../backends/inmem/certifyBad_test.go | 54 +++---- .../backends/inmem/certifyGood_test.go | 46 +++--- pkg/assembler/backends/inmem/certifyLegal.go | 41 ++--- .../backends/inmem/certifyLegal_test.go | 35 +++-- .../backends/inmem/certifyScorecard_test.go | 16 +- .../inmem/certifyVEXStatement_test.go | 20 +-- .../backends/inmem/certifyVuln_test.go | 30 ++-- .../backends/inmem/hasMetadata_test.go | 2 +- pkg/assembler/backends/inmem/hasSBOM_test.go | 14 +- pkg/assembler/backends/inmem/hasSLSA.go | 43 +++--- pkg/assembler/backends/inmem/hasSLSA_test.go | 35 +++-- .../backends/inmem/hasSourceAt_test.go | 18 +-- pkg/assembler/backends/inmem/hashEqual.go | 26 ++-- .../backends/inmem/hashEqual_test.go | 18 +-- .../backends/inmem/isDependency_test.go | 23 ++- .../backends/inmem/isOccurrence_test.go | 102 ++++++------ pkg/assembler/backends/inmem/license_test.go | 8 +- pkg/assembler/backends/inmem/pkgEqual.go | 27 ++-- pkg/assembler/backends/inmem/pkgEqual_test.go | 18 +-- .../backends/inmem/pointOfContact_test.go | 2 +- pkg/assembler/backends/inmem/vulnEqual.go | 27 ++-- .../backends/inmem/vulnEqual_test.go | 146 +++++++++--------- .../backends/inmem/vulnMetadata_test.go | 30 ++-- .../backends/inmem/vulnerability_test.go | 34 ++-- pkg/ingestor/parser/common/license.go | 2 +- pkg/ingestor/parser/spdx/parse_spdx.go | 2 +- 38 files changed, 484 insertions(+), 431 deletions(-) diff --git a/cmd/guacgql/cmd/server.go b/cmd/guacgql/cmd/server.go index 2f5009768c..f367865f88 100644 --- a/cmd/guacgql/cmd/server.go +++ b/cmd/guacgql/cmd/server.go @@ -21,16 +21,13 @@ import ( "net/http" "os" "os/signal" + "slices" "syscall" "time" "github.com/99designs/gqlgen/graphql/handler" "github.com/99designs/gqlgen/graphql/handler/debug" "github.com/99designs/gqlgen/graphql/playground" - "github.com/spf13/cobra" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/backends/arangodb" _ "github.com/guacsec/guac/pkg/assembler/backends/inmem" @@ -39,6 +36,8 @@ import ( "github.com/guacsec/guac/pkg/assembler/graphql/generated" "github.com/guacsec/guac/pkg/assembler/graphql/resolvers" "github.com/guacsec/guac/pkg/logging" + "github.com/spf13/cobra" + "golang.org/x/exp/maps" ) const ( diff --git a/pkg/assembler/backends/arangodb/artifact_test.go b/pkg/assembler/backends/arangodb/artifact_test.go index d4a7d986d8..315bf817ce 100644 --- a/pkg/assembler/backends/arangodb/artifact_test.go +++ b/pkg/assembler/backends/arangodb/artifact_test.go @@ -19,13 +19,13 @@ package arangodb import ( "context" + "slices" "strings" "testing" "github.com/google/go-cmp/cmp" "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) // TODO (pxp928): add tests back in when implemented diff --git a/pkg/assembler/backends/arangodb/builder_test.go b/pkg/assembler/backends/arangodb/builder_test.go index 010f7dff71..b29272d71d 100644 --- a/pkg/assembler/backends/arangodb/builder_test.go +++ b/pkg/assembler/backends/arangodb/builder_test.go @@ -19,13 +19,13 @@ package arangodb import ( "context" + "slices" "strings" "testing" "github.com/google/go-cmp/cmp" "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) // TODO (pxp928): add tests back in when implemented @@ -144,14 +144,16 @@ func Test_IngestBuilders(t *testing.T) { }, { URI: "https://tekton.dev/chains/v2", - }}, + }, + }, want: []*model.Builder{ { URI: "https://github.com/CreateFork/HubHostedActions@v1", }, { URI: "https://tekton.dev/chains/v2", - }}, + }, + }, wantErr: false, }} diff --git a/pkg/assembler/backends/arangodb/hashEqual_test.go b/pkg/assembler/backends/arangodb/hashEqual_test.go index ca7b1a1177..a72f1428fd 100644 --- a/pkg/assembler/backends/arangodb/hashEqual_test.go +++ b/pkg/assembler/backends/arangodb/hashEqual_test.go @@ -19,6 +19,7 @@ package arangodb import ( "context" + "slices" "strings" "testing" @@ -26,7 +27,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/internal/testing/testdata" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestHashEqual(t *testing.T) { diff --git a/pkg/assembler/backends/arangodb/pkg_test.go b/pkg/assembler/backends/arangodb/pkg_test.go index 06c7d9b788..1141522f7c 100644 --- a/pkg/assembler/backends/arangodb/pkg_test.go +++ b/pkg/assembler/backends/arangodb/pkg_test.go @@ -19,6 +19,7 @@ package arangodb import ( "context" + "slices" "strings" "testing" @@ -26,7 +27,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/internal/testing/testdata" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) // func Test_pkgNamespaceStruct_Neighbors(t *testing.T) { diff --git a/pkg/assembler/backends/arangodb/src_test.go b/pkg/assembler/backends/arangodb/src_test.go index 6ea72f87b8..a3d7862c52 100644 --- a/pkg/assembler/backends/arangodb/src_test.go +++ b/pkg/assembler/backends/arangodb/src_test.go @@ -19,6 +19,7 @@ package arangodb import ( "context" + "slices" "strings" "testing" @@ -26,7 +27,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/internal/testing/testdata" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func lessSource(a, b *model.Source) int { @@ -215,7 +215,8 @@ func Test_SourceTypes(t *testing.T) { }, { Type: "svn", Namespaces: []*model.SourceNamespace{}, - }}, + }, + }, wantErr: false, }, { name: "bobsrepo with commit, type search", @@ -321,7 +322,8 @@ func Test_SourceNamespaces(t *testing.T) { Namespace: "github.com/bob", Names: []*model.SourceName{}, }}, - }}, + }, + }, wantErr: false, }, { name: "bobsrepo with commit, type search", diff --git a/pkg/assembler/backends/arangodb/vulnerability_test.go b/pkg/assembler/backends/arangodb/vulnerability_test.go index 9202903123..04b0a60295 100644 --- a/pkg/assembler/backends/arangodb/vulnerability_test.go +++ b/pkg/assembler/backends/arangodb/vulnerability_test.go @@ -19,6 +19,7 @@ package arangodb import ( "context" + "slices" "strings" "testing" @@ -26,7 +27,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/internal/testing/testdata" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func lessCve(a, b *model.Vulnerability) int { @@ -419,7 +419,6 @@ func TestIngestVulnerabilities(t *testing.T) { name: "Multiple", ingests: []*model.VulnerabilityInputSpec{testdata.C1, testdata.O1, testdata.G1}, exp: []*model.Vulnerability{ - { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{testdata.O1out}, diff --git a/pkg/assembler/backends/ent/backend/hashequal_test.go b/pkg/assembler/backends/ent/backend/hashequal_test.go index f512f1f6d3..795fd32473 100644 --- a/pkg/assembler/backends/ent/backend/hashequal_test.go +++ b/pkg/assembler/backends/ent/backend/hashequal_test.go @@ -18,13 +18,13 @@ package backend import ( + "slices" "strconv" "strings" "github.com/google/go-cmp/cmp" "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func (s *Suite) TestHashEqual() { diff --git a/pkg/assembler/backends/ent/backend/license_test.go b/pkg/assembler/backends/ent/backend/license_test.go index 333d3ba82b..16fd2aadb3 100644 --- a/pkg/assembler/backends/ent/backend/license_test.go +++ b/pkg/assembler/backends/ent/backend/license_test.go @@ -18,35 +18,40 @@ package backend import ( + "slices" "strconv" "strings" "github.com/google/go-cmp/cmp" "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var l1 = &model.LicenseInputSpec{ Name: "BSD-3-Clause", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l1out = &model.License{ Name: "BSD-3-Clause", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l2 = &model.LicenseInputSpec{ Name: "GPL-2.0-or-later", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l2out = &model.License{ Name: "GPL-2.0-or-later", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l3 = &model.LicenseInputSpec{ Name: "MPL-2.0", ListVersion: ptrfrom.String("1.23 2020"), } + var l3out = &model.License{ Name: "MPL-2.0", ListVersion: ptrfrom.String("1.23 2020"), @@ -64,6 +69,7 @@ var l4 = &model.LicenseInputSpec{ Name: "LicenseRef-d58b4101", Inline: &inlineLicense, } + var l4out = &model.License{ Name: "LicenseRef-d58b4101", Inline: &inlineLicense, diff --git a/pkg/assembler/backends/ent/backend/package.go b/pkg/assembler/backends/ent/backend/package.go index 7f5d4ea6f9..bdceb73f70 100644 --- a/pkg/assembler/backends/ent/backend/package.go +++ b/pkg/assembler/backends/ent/backend/package.go @@ -21,6 +21,7 @@ import ( "crypto/sha1" stdsql "database/sql" "fmt" + "slices" "sort" "entgo.io/ent/dialect/sql" @@ -33,7 +34,6 @@ import ( "github.com/guacsec/guac/pkg/assembler/backends/helper" "github.com/guacsec/guac/pkg/assembler/graphql/model" "github.com/pkg/errors" - "golang.org/x/exp/slices" ) func (b *EntBackend) Packages(ctx context.Context, pkgSpec *model.PkgSpec) ([]*model.Package, error) { @@ -131,7 +131,6 @@ func (b *EntBackend) IngestPackage(ctx context.Context, pkg model.PkgInputSpec) // upsertPackage is a helper function to create or update a package node and its associated edges. // It is used in multiple places, so we extract it to a function. func upsertPackage(ctx context.Context, client *ent.Tx, pkg model.PkgInputSpec) (*ent.PackageVersion, error) { - pkgID, err := client.PackageType.Create(). SetType(pkg.Type). OnConflict(sql.ConflictColumns(packagetype.FieldType)). diff --git a/pkg/assembler/backends/ent/backend/pkgequal_test.go b/pkg/assembler/backends/ent/backend/pkgequal_test.go index 78f2d816b4..6202d1ad61 100644 --- a/pkg/assembler/backends/ent/backend/pkgequal_test.go +++ b/pkg/assembler/backends/ent/backend/pkgequal_test.go @@ -18,13 +18,13 @@ package backend import ( + "slices" "strconv" "github.com/google/go-cmp/cmp" "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/graphql/model" jsoniter "github.com/json-iterator/go" - "golang.org/x/exp/slices" ) var json = jsoniter.ConfigCompatibleWithStandardLibrary @@ -776,9 +776,9 @@ func (s *Suite) TestPkgEqualNeighbors() { }, }, ExpNeighbors: map[string][]string{ - "5": []string{"2", "7"}, // p1 - "6": []string{"2", "7"}, // p2 - "7": []string{"2", "2"}, // pkgequal + "5": {"2", "7"}, // p1 + "6": {"2", "7"}, // p2 + "7": {"2", "2"}, // pkgequal }, }, { @@ -801,11 +801,11 @@ func (s *Suite) TestPkgEqualNeighbors() { }, }, ExpNeighbors: map[string][]string{ - "5": []string{"2", "8", "9"}, // p1 - "6": []string{"2", "8"}, // p2 - "7": []string{"2", "9"}, // p3 - "8": []string{"2", "2"}, // pkgequal 1 - "9": []string{"2", "2"}, // pkgequal 2 + "5": {"2", "8", "9"}, // p1 + "6": {"2", "8"}, // p2 + "7": {"2", "9"}, // p3 + "8": {"2", "2"}, // pkgequal 1 + "9": {"2", "2"}, // pkgequal 2 }, }, } diff --git a/pkg/assembler/backends/ent/backend/vulnerability_test.go b/pkg/assembler/backends/ent/backend/vulnerability_test.go index cfb5cbe5b6..07eff26cfb 100644 --- a/pkg/assembler/backends/ent/backend/vulnerability_test.go +++ b/pkg/assembler/backends/ent/backend/vulnerability_test.go @@ -18,19 +18,20 @@ package backend import ( + "slices" "strconv" "strings" "github.com/google/go-cmp/cmp" "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var c1 = &model.VulnerabilityInputSpec{ Type: "cve", VulnerabilityID: "CVE-2019-13110", } + var c1out = &model.VulnerabilityID{ VulnerabilityID: "cve-2019-13110", } @@ -39,6 +40,7 @@ var c2 = &model.VulnerabilityInputSpec{ Type: "cve", VulnerabilityID: "CVE-2014-8139", } + var c2out = &model.VulnerabilityID{ VulnerabilityID: "cve-2014-8139", } @@ -47,6 +49,7 @@ var c3 = &model.VulnerabilityInputSpec{ Type: "CVE", VulnerabilityID: "cVe-2014-8140", } + var c3out = &model.VulnerabilityID{ VulnerabilityID: "cve-2014-8140", } @@ -64,6 +67,7 @@ var g2 = &model.VulnerabilityInputSpec{ Type: "ghsa", VulnerabilityID: "GHSA-xrw3-wqph-3fxg", } + var g2out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-xrw3-wqph-3fxg", } @@ -72,6 +76,7 @@ var g3 = &model.VulnerabilityInputSpec{ Type: "ghsa", VulnerabilityID: "GHSA-8v4j-7jgf-5rg9", } + var g3out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-8v4j-7jgf-5rg9", } @@ -80,6 +85,7 @@ var o1 = &model.VulnerabilityInputSpec{ Type: "OSV", VulnerabilityID: "CVE-2014-8140", } + var o1out = &model.VulnerabilityID{ VulnerabilityID: "cve-2014-8140", } @@ -88,6 +94,7 @@ var o2 = &model.VulnerabilityInputSpec{ Type: "osv", VulnerabilityID: "CVE-2022-26499", } + var o2out = &model.VulnerabilityID{ VulnerabilityID: "cve-2022-26499", } @@ -96,6 +103,7 @@ var o3 = &model.VulnerabilityInputSpec{ Type: "osv", VulnerabilityID: "GHSA-h45f-rjvw-2rv2", } + var o3out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-h45f-rjvw-2rv2", } @@ -104,6 +112,7 @@ var noVulnInput = &model.VulnerabilityInputSpec{ Type: "noVuln", VulnerabilityID: "", } + var noVulnOut = &model.VulnerabilityID{ VulnerabilityID: "", } @@ -127,7 +136,7 @@ func (s *Suite) TestVulnerability() { Ingests: []*model.VulnerabilityInputSpec{c1}, Query: &model.VulnerabilitySpec{}, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -138,7 +147,7 @@ func (s *Suite) TestVulnerability() { Ingests: []*model.VulnerabilityInputSpec{c1, c2}, Query: &model.VulnerabilitySpec{}, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out, c2out}, }, @@ -149,7 +158,7 @@ func (s *Suite) TestVulnerability() { Ingests: []*model.VulnerabilityInputSpec{c1, c1, c1}, Query: &model.VulnerabilitySpec{}, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -162,7 +171,7 @@ func (s *Suite) TestVulnerability() { Type: ptrfrom.String("cve"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out, c2out, c3out}, }, @@ -175,7 +184,7 @@ func (s *Suite) TestVulnerability() { Type: ptrfrom.String("ghsa"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "ghsa", VulnerabilityIDs: []*model.VulnerabilityID{g2out, g3out}, }, @@ -188,7 +197,7 @@ func (s *Suite) TestVulnerability() { Type: ptrfrom.String("osv"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out, o2out, o3out}, }, @@ -201,7 +210,7 @@ func (s *Suite) TestVulnerability() { Type: ptrfrom.String("noVuln"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "novuln", VulnerabilityIDs: []*model.VulnerabilityID{noVulnOut}, }, @@ -214,7 +223,7 @@ func (s *Suite) TestVulnerability() { NoVuln: ptrfrom.Bool(true), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "novuln", VulnerabilityIDs: []*model.VulnerabilityID{noVulnOut}, }, @@ -227,7 +236,7 @@ func (s *Suite) TestVulnerability() { VulnerabilityID: ptrfrom.String("CVE-2014-8140"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c3out}, }, @@ -240,7 +249,7 @@ func (s *Suite) TestVulnerability() { Type: ptrfrom.String("noVuln"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "novuln", VulnerabilityIDs: []*model.VulnerabilityID{noVulnOut}, }, @@ -253,7 +262,7 @@ func (s *Suite) TestVulnerability() { ID: ptrfrom.String("0"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, diff --git a/pkg/assembler/backends/inmem/certifyBad_test.go b/pkg/assembler/backends/inmem/certifyBad_test.go index 87cd3ccac5..ede819a2af 100644 --- a/pkg/assembler/backends/inmem/certifyBad_test.go +++ b/pkg/assembler/backends/inmem/certifyBad_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestCertifyBad(t *testing.T) { @@ -67,7 +67,7 @@ func TestCertifyBad(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1out, Justification: "test justification", }, @@ -77,7 +77,7 @@ func TestCertifyBad(t *testing.T) { Name: "HappyPath All Version", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -93,7 +93,7 @@ func TestCertifyBad(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1outName, Justification: "test justification", }, @@ -103,7 +103,7 @@ func TestCertifyBad(t *testing.T) { Name: "Ingest same twice", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -114,7 +114,7 @@ func TestCertifyBad(t *testing.T) { Justification: "test justification", }, }, - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -130,7 +130,7 @@ func TestCertifyBad(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1out, Justification: "test justification", }, @@ -140,7 +140,7 @@ func TestCertifyBad(t *testing.T) { Name: "Query on Justification", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -151,7 +151,7 @@ func TestCertifyBad(t *testing.T) { Justification: "test justification one", }, }, - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -167,7 +167,7 @@ func TestCertifyBad(t *testing.T) { Justification: ptrfrom.String("test justification one"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1out, Justification: "test justification one", }, @@ -623,7 +623,7 @@ func TestIngestCertifyBads(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1out, Justification: "test justification", }, @@ -633,7 +633,7 @@ func TestIngestCertifyBads(t *testing.T) { Name: "HappyPath All Version", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInputs{ Packages: []*model.PkgInputSpec{p1}, }, @@ -651,7 +651,7 @@ func TestIngestCertifyBads(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1outName, Justification: "test justification", }, @@ -682,7 +682,7 @@ func TestIngestCertifyBads(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCB: []*model.CertifyBad{ - &model.CertifyBad{ + { Subject: p1out, Justification: "test justification", }, @@ -903,8 +903,8 @@ func TestCertifyBadNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "5"}, // pkg version - "5": []string{"1"}, // certify bad + "4": {"1", "5"}, // pkg version + "5": {"1"}, // certify bad }, }, { @@ -942,17 +942,17 @@ func TestCertifyBadNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"1"}, - "2": []string{"1", "1"}, - "3": []string{"1", "1", "9"}, // pkg name - "4": []string{"1"}, // pkg version - "5": []string{"5"}, - "6": []string{"5", "5"}, - "7": []string{"5", "10"}, // src name - "8": []string{"11"}, // art - "9": []string{"1"}, // cb 1 -> pkg name - "10": []string{"5"}, // cb 2 -> src name - "11": []string{"8"}, // cb 3 -> art + "1": {"1"}, + "2": {"1", "1"}, + "3": {"1", "1", "9"}, // pkg name + "4": {"1"}, // pkg version + "5": {"5"}, + "6": {"5", "5"}, + "7": {"5", "10"}, // src name + "8": {"11"}, // art + "9": {"1"}, // cb 1 -> pkg name + "10": {"5"}, // cb 2 -> src name + "11": {"8"}, // cb 3 -> art }, }, } diff --git a/pkg/assembler/backends/inmem/certifyGood_test.go b/pkg/assembler/backends/inmem/certifyGood_test.go index bebd34d28f..04879f2b97 100644 --- a/pkg/assembler/backends/inmem/certifyGood_test.go +++ b/pkg/assembler/backends/inmem/certifyGood_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestCertifyGood(t *testing.T) { @@ -67,7 +67,7 @@ func TestCertifyGood(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCG: []*model.CertifyGood{ - &model.CertifyGood{ + { Subject: p1out, Justification: "test justification", }, @@ -77,7 +77,7 @@ func TestCertifyGood(t *testing.T) { Name: "HappyPath All Version", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -93,7 +93,7 @@ func TestCertifyGood(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCG: []*model.CertifyGood{ - &model.CertifyGood{ + { Subject: p1outName, Justification: "test justification", }, @@ -103,7 +103,7 @@ func TestCertifyGood(t *testing.T) { Name: "Ingest same twice", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -114,7 +114,7 @@ func TestCertifyGood(t *testing.T) { Justification: "test justification", }, }, - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -130,7 +130,7 @@ func TestCertifyGood(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpCG: []*model.CertifyGood{ - &model.CertifyGood{ + { Subject: p1out, Justification: "test justification", }, @@ -140,7 +140,7 @@ func TestCertifyGood(t *testing.T) { Name: "Query on Justification", InPkg: []*model.PkgInputSpec{p1}, Calls: []call{ - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -151,7 +151,7 @@ func TestCertifyGood(t *testing.T) { Justification: "test justification one", }, }, - call{ + { Sub: model.PackageSourceOrArtifactInput{ Package: p1, }, @@ -167,7 +167,7 @@ func TestCertifyGood(t *testing.T) { Justification: ptrfrom.String("test justification one"), }, ExpCG: []*model.CertifyGood{ - &model.CertifyGood{ + { Subject: p1out, Justification: "test justification one", }, @@ -903,8 +903,8 @@ func TestCertifyGoodNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "5"}, // pkg version - "5": []string{"1"}, // certify good + "4": {"1", "5"}, // pkg version + "5": {"1"}, // certify good }, }, { @@ -942,17 +942,17 @@ func TestCertifyGoodNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"1"}, - "2": []string{"1", "1"}, - "3": []string{"1", "1", "9"}, // pkg name - "4": []string{"1"}, // pkg version - "5": []string{"5"}, - "6": []string{"5", "5"}, - "7": []string{"5", "10"}, // src name - "8": []string{"11"}, // art - "9": []string{"1"}, // cb 1 -> pkg name - "10": []string{"5"}, // cb 2 -> src name - "11": []string{"8"}, // cb 3 -> art + "1": {"1"}, + "2": {"1", "1"}, + "3": {"1", "1", "9"}, // pkg name + "4": {"1"}, // pkg version + "5": {"5"}, + "6": {"5", "5"}, + "7": {"5", "10"}, // src name + "8": {"11"}, // art + "9": {"1"}, // cb 1 -> pkg name + "10": {"5"}, // cb 2 -> src name + "11": {"8"}, // cb 3 -> art }, }, } diff --git a/pkg/assembler/backends/inmem/certifyLegal.go b/pkg/assembler/backends/inmem/certifyLegal.go index 594377e4df..59d30d3b76 100644 --- a/pkg/assembler/backends/inmem/certifyLegal.go +++ b/pkg/assembler/backends/inmem/certifyLegal.go @@ -17,32 +17,33 @@ package inmem import ( "context" + "slices" "strconv" "time" - "github.com/vektah/gqlparser/v2/gqlerror" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/pkg/assembler/graphql/model" + "github.com/vektah/gqlparser/v2/gqlerror" ) // Internal certifyLegal -type certifyLegalList []*certifyLegalStruct -type certifyLegalStruct struct { - id uint32 - pkg uint32 - source uint32 - declaredLicense string - declaredLicenses []uint32 - discoveredLicense string - discoveredLicenses []uint32 - attribution string - justification string - timeScanned time.Time - origin string - collector string -} +type ( + certifyLegalList []*certifyLegalStruct + certifyLegalStruct struct { + id uint32 + pkg uint32 + source uint32 + declaredLicense string + declaredLicenses []uint32 + discoveredLicense string + discoveredLicenses []uint32 + attribution string + justification string + timeScanned time.Time + origin string + collector string + } +) func (n *certifyLegalStruct) ID() uint32 { return n.id } @@ -356,8 +357,8 @@ func (c *demoClient) CertifyLegal(ctx context.Context, filter *model.CertifyLega func (c *demoClient) addLegalIfMatch(out []*model.CertifyLegal, filter *model.CertifyLegalSpec, link *certifyLegalStruct) ( - []*model.CertifyLegal, error) { - + []*model.CertifyLegal, error, +) { if noMatch(filter.DeclaredLicense, link.declaredLicense) || noMatch(filter.DiscoveredLicense, link.discoveredLicense) || noMatch(filter.Attribution, link.attribution) || diff --git a/pkg/assembler/backends/inmem/certifyLegal_test.go b/pkg/assembler/backends/inmem/certifyLegal_test.go index 11b4d74e72..4be26cdc58 100644 --- a/pkg/assembler/backends/inmem/certifyLegal_test.go +++ b/pkg/assembler/backends/inmem/certifyLegal_test.go @@ -17,20 +17,21 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" "github.com/google/go-cmp/cmp" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" ) -var t2 = time.Unix(1e9, 0) -var t3 = time.Unix(1e9+5, 0) +var ( + t2 = time.Unix(1e9, 0) + t3 = time.Unix(1e9+5, 0) +) func TestLegal(t *testing.T) { type call struct { @@ -658,12 +659,12 @@ func TestLegalNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"1"}, - "2": []string{"1", "1"}, - "3": []string{"1", "1"}, - "4": []string{"1", "6"}, // pkg version - "5": []string{"6"}, // license - "6": []string{"1", "5"}, // certifyLegal + "1": {"1"}, + "2": {"1", "1"}, + "3": {"1", "1"}, + "4": {"1", "6"}, // pkg version + "5": {"6"}, // license + "6": {"1", "5"}, // certifyLegal }, }, { @@ -691,13 +692,13 @@ func TestLegalNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "9"}, // pkg version 1 - "5": []string{"1", "10"}, // pkg version 2 - "6": []string{"9", "10"}, // license 1 - "7": []string{"9"}, // license 2 - "8": []string{"10"}, // license 2 - "9": []string{"1", "6", "7"}, // certLegal 1 - "10": []string{"1", "6", "8"}, // certLegal 2 + "4": {"1", "9"}, // pkg version 1 + "5": {"1", "10"}, // pkg version 2 + "6": {"9", "10"}, // license 1 + "7": {"9"}, // license 2 + "8": {"10"}, // license 2 + "9": {"1", "6", "7"}, // certLegal 1 + "10": {"1", "6", "8"}, // certLegal 2 }, }, } diff --git a/pkg/assembler/backends/inmem/certifyScorecard_test.go b/pkg/assembler/backends/inmem/certifyScorecard_test.go index f149f0407b..827f49f55a 100644 --- a/pkg/assembler/backends/inmem/certifyScorecard_test.go +++ b/pkg/assembler/backends/inmem/certifyScorecard_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestCertifyScorecard(t *testing.T) { @@ -646,8 +646,8 @@ func TestCertifyScorecardNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "3": []string{"1", "4"}, // src name - "4": []string{"1"}, // SC + "3": {"1", "4"}, // src name + "4": {"1"}, // SC }, }, { @@ -675,11 +675,11 @@ func TestCertifyScorecardNeighbors(t *testing.T) { }, ExpNeighbors: map[string][]string{ // test sources are all type git, id:2 - "3": []string{"1", "6"}, // src name 1 -> src namespace, SC1 - "5": []string{"1", "7", "8"}, // src name 2 -> src namespace, SC2, SC3 - "6": []string{"1"}, // SC 1 - "7": []string{"1"}, // SC 2 - "8": []string{"1"}, // SC 3 + "3": {"1", "6"}, // src name 1 -> src namespace, SC1 + "5": {"1", "7", "8"}, // src name 2 -> src namespace, SC2, SC3 + "6": {"1"}, // SC 1 + "7": {"1"}, // SC 2 + "8": {"1"}, // SC 3 }, }, } diff --git a/pkg/assembler/backends/inmem/certifyVEXStatement_test.go b/pkg/assembler/backends/inmem/certifyVEXStatement_test.go index 3007b9045f..0fa26ec5ea 100644 --- a/pkg/assembler/backends/inmem/certifyVEXStatement_test.go +++ b/pkg/assembler/backends/inmem/certifyVEXStatement_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestVEX(t *testing.T) { @@ -1082,7 +1082,7 @@ func TestVEXNeighbors(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InVuln: []*model.VulnerabilityInputSpec{o1}, Calls: []call{ - call{ + { Sub: model.PackageOrArtifactInput{ Package: p1, }, @@ -1094,9 +1094,9 @@ func TestVEXNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "7"}, // pkg version -> pkg name, vex - "6": []string{"5", "7"}, // vuln -> vuln type, vex - "7": []string{"1", "5"}, // Vex -> pkg version, vuln + "4": {"1", "7"}, // pkg version -> pkg name, vex + "6": {"5", "7"}, // vuln -> vuln type, vex + "7": {"1", "5"}, // Vex -> pkg version, vuln }, }, { @@ -1126,11 +1126,11 @@ func TestVEXNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "8", "9"}, // pkg version -> pkg name, vex1, vex2 - "6": []string{"5", "8"}, // Vuln1 -> vulnType, vex1 - "7": []string{"5", "9"}, // Vuln2 -> vulnType, vex2 - "8": []string{"1", "5"}, // Vex1 -> pkg version, vuln1 - "9": []string{"1", "5"}, // Vex2 -> pkg version, vuln2 + "4": {"1", "8", "9"}, // pkg version -> pkg name, vex1, vex2 + "6": {"5", "8"}, // Vuln1 -> vulnType, vex1 + "7": {"5", "9"}, // Vuln2 -> vulnType, vex2 + "8": {"1", "5"}, // Vex1 -> pkg version, vuln1 + "9": {"1", "5"}, // Vex2 -> pkg version, vuln2 }, }, } diff --git a/pkg/assembler/backends/inmem/certifyVuln_test.go b/pkg/assembler/backends/inmem/certifyVuln_test.go index 03befdb856..5a87544e04 100644 --- a/pkg/assembler/backends/inmem/certifyVuln_test.go +++ b/pkg/assembler/backends/inmem/certifyVuln_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strconv" "strings" "testing" @@ -26,7 +27,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var t1, _ = time.Parse(time.RFC3339, "2023-01-01T00:00:00Z") @@ -779,7 +779,7 @@ func TestIngestCertifyVulns(t *testing.T) { Pkgs: []*model.PkgInputSpec{p2}, Vulns: []*model.VulnerabilityInputSpec{o1}, CertifyVulns: []*model.ScanMetadataInput{ - &model.ScanMetadataInput{ + { Collector: "test collector", Origin: "test origin", ScannerVersion: "v1.0.0", @@ -814,7 +814,7 @@ func TestIngestCertifyVulns(t *testing.T) { Pkgs: []*model.PkgInputSpec{p2}, Vulns: []*model.VulnerabilityInputSpec{g1}, CertifyVulns: []*model.ScanMetadataInput{ - &model.ScanMetadataInput{ + { Collector: "test collector", Origin: "test origin", ScannerVersion: "v1.0.0", @@ -895,7 +895,7 @@ func TestIngestCertifyVulns(t *testing.T) { Pkgs: []*model.PkgInputSpec{p2}, Vulns: []*model.VulnerabilityInputSpec{g1}, CertifyVulns: []*model.ScanMetadataInput{ - &model.ScanMetadataInput{ + { Collector: "test collector", Origin: "test origin", ScannerVersion: "v1.0.0", @@ -1120,7 +1120,7 @@ func TestCertifyVulnNeighbors(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InVuln: []*model.VulnerabilityInputSpec{o1}, Calls: []call{ - call{ + { Pkg: p1, Vuln: o1, CertifyVuln: &model.ScanMetadataInput{ @@ -1135,9 +1135,9 @@ func TestCertifyVulnNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "7"}, // pkg version -> pkg name, vex - "6": []string{"5", "7"}, // Vuln -> vex - "7": []string{"1", "5"}, // Vex -> pkg version, vuln + "4": {"1", "7"}, // pkg version -> pkg name, vex + "6": {"5", "7"}, // Vuln -> vex + "7": {"1", "5"}, // Vex -> pkg version, vuln }, }, { @@ -1145,7 +1145,7 @@ func TestCertifyVulnNeighbors(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InVuln: []*model.VulnerabilityInputSpec{o1, o2}, Calls: []call{ - call{ + { Pkg: p1, Vuln: o1, CertifyVuln: &model.ScanMetadataInput{ @@ -1158,7 +1158,7 @@ func TestCertifyVulnNeighbors(t *testing.T) { TimeScanned: t1, }, }, - call{ + { Pkg: p1, Vuln: o2, CertifyVuln: &model.ScanMetadataInput{ @@ -1173,11 +1173,11 @@ func TestCertifyVulnNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "8", "9"}, // pkg version -> pkg name, certVuln1, certVuln2 - "6": []string{"5", "8"}, // Vuln1 -> vunType, certVuln1 - "7": []string{"5", "9"}, // Vuln2 -> vunType, certVuln2 - "8": []string{"1", "5"}, // certVuln1 -> pkg version, vuln1 - "9": []string{"1", "5"}, // certVuln2 -> pkg version, vuln2 + "4": {"1", "8", "9"}, // pkg version -> pkg name, certVuln1, certVuln2 + "6": {"5", "8"}, // Vuln1 -> vunType, certVuln1 + "7": {"5", "9"}, // Vuln2 -> vunType, certVuln2 + "8": {"1", "5"}, // certVuln1 -> pkg version, vuln1 + "9": {"1", "5"}, // certVuln2 -> pkg version, vuln2 }, }, } diff --git a/pkg/assembler/backends/inmem/hasMetadata_test.go b/pkg/assembler/backends/inmem/hasMetadata_test.go index 3fbd66389f..b3cc561e7d 100644 --- a/pkg/assembler/backends/inmem/hasMetadata_test.go +++ b/pkg/assembler/backends/inmem/hasMetadata_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestHasMetadata(t *testing.T) { diff --git a/pkg/assembler/backends/inmem/hasSBOM_test.go b/pkg/assembler/backends/inmem/hasSBOM_test.go index 76472d24fa..3f889b455f 100644 --- a/pkg/assembler/backends/inmem/hasSBOM_test.go +++ b/pkg/assembler/backends/inmem/hasSBOM_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestHasSBOM(t *testing.T) { @@ -799,8 +799,8 @@ func TestHasSBOMNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "5"}, // pkg version - "5": []string{"1"}, // hasSBOM + "4": {"1", "5"}, // pkg version + "5": {"1"}, // hasSBOM }, }, { @@ -826,10 +826,10 @@ func TestHasSBOMNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "6"}, // pkg version -> hs1 - "5": []string{"7"}, // artifact -> hs2 - "6": []string{"1"}, // hs1 -> pkg version - "7": []string{"5"}, // hs2 -> artifact + "4": {"1", "6"}, // pkg version -> hs1 + "5": {"7"}, // artifact -> hs2 + "6": {"1"}, // hs1 -> pkg version + "7": {"5"}, // hs2 -> artifact }, }, } diff --git a/pkg/assembler/backends/inmem/hasSLSA.go b/pkg/assembler/backends/inmem/hasSLSA.go index b428494d06..38535954d0 100644 --- a/pkg/assembler/backends/inmem/hasSLSA.go +++ b/pkg/assembler/backends/inmem/hasSLSA.go @@ -17,32 +17,33 @@ package inmem import ( "context" + "slices" "sort" "strconv" "strings" "time" "github.com/google/go-cmp/cmp" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/pkg/assembler/graphql/model" "github.com/vektah/gqlparser/v2/gqlerror" ) -type hasSLSAList []*hasSLSAStruct -type hasSLSAStruct struct { - id uint32 - subject uint32 - builtFrom []uint32 - builtBy uint32 - buildType string - predicates []*model.SLSAPredicate - version string - start *time.Time - finish *time.Time - origin string - collector string -} +type ( + hasSLSAList []*hasSLSAStruct + hasSLSAStruct struct { + id uint32 + subject uint32 + builtFrom []uint32 + builtBy uint32 + buildType string + predicates []*model.SLSAPredicate + version string + start *time.Time + finish *time.Time + origin string + collector string + } +) func (n *hasSLSAStruct) ID() uint32 { return n.id } @@ -172,15 +173,16 @@ func (c *demoClient) IngestSLSAs(ctx context.Context, subjects []*model.Artifact func (c *demoClient) IngestSLSA(ctx context.Context, subject model.ArtifactInputSpec, builtFrom []*model.ArtifactInputSpec, - builtBy model.BuilderInputSpec, slsa model.SLSAInputSpec) (*model.HasSlsa, error) { + builtBy model.BuilderInputSpec, slsa model.SLSAInputSpec, +) (*model.HasSlsa, error) { return c.ingestSLSA(ctx, subject, builtFrom, builtBy, slsa, true) } func (c *demoClient) ingestSLSA(ctx context.Context, subject model.ArtifactInputSpec, builtFrom []*model.ArtifactInputSpec, builtBy model.BuilderInputSpec, slsa model.SLSAInputSpec, readOnly bool) ( - *model.HasSlsa, error) { - + *model.HasSlsa, error, +) { lock(&c.m, readOnly) defer unlock(&c.m, readOnly) @@ -307,7 +309,8 @@ func (c *demoClient) convSLSA(in *hasSLSAStruct) (*model.HasSlsa, error) { func (c *demoClient) addSLSAIfMatch(out []*model.HasSlsa, filter *model.HasSLSASpec, link *hasSLSAStruct) ( - []*model.HasSlsa, error) { + []*model.HasSlsa, error, +) { bb, err := byID[*builderStruct](link.builtBy, c) if err != nil { return nil, err diff --git a/pkg/assembler/backends/inmem/hasSLSA_test.go b/pkg/assembler/backends/inmem/hasSLSA_test.go index 47e9614a13..cf1256eee0 100644 --- a/pkg/assembler/backends/inmem/hasSLSA_test.go +++ b/pkg/assembler/backends/inmem/hasSLSA_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,12 +26,12 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var b1 = &model.BuilderInputSpec{ URI: "asdf", } + var b1out = &model.Builder{ URI: "asdf", } @@ -558,7 +559,7 @@ func TestIngestHasSLSAs(t *testing.T) { Calls: []call{ { Sub: []*model.ArtifactInputSpec{a1}, - BF: [][]*model.ArtifactInputSpec{[]*model.ArtifactInputSpec{a2}}, + BF: [][]*model.ArtifactInputSpec{{a2}}, BB: []*model.BuilderInputSpec{b1}, SLSA: []*model.SLSAInputSpec{ { @@ -588,7 +589,7 @@ func TestIngestHasSLSAs(t *testing.T) { Calls: []call{ { Sub: []*model.ArtifactInputSpec{a1, a1}, - BF: [][]*model.ArtifactInputSpec{[]*model.ArtifactInputSpec{a2}, []*model.ArtifactInputSpec{a2}}, + BF: [][]*model.ArtifactInputSpec{{a2}, {a2}}, BB: []*model.BuilderInputSpec{b1, b1}, SLSA: []*model.SLSAInputSpec{ { @@ -621,7 +622,7 @@ func TestIngestHasSLSAs(t *testing.T) { Calls: []call{ { Sub: []*model.ArtifactInputSpec{a1, a1}, - BF: [][]*model.ArtifactInputSpec{[]*model.ArtifactInputSpec{a2}, []*model.ArtifactInputSpec{a2}}, + BF: [][]*model.ArtifactInputSpec{{a2}, {a2}}, BB: []*model.BuilderInputSpec{b1, b1}, SLSA: []*model.SLSAInputSpec{ { @@ -654,7 +655,7 @@ func TestIngestHasSLSAs(t *testing.T) { Calls: []call{ { Sub: []*model.ArtifactInputSpec{a1, a3}, - BF: [][]*model.ArtifactInputSpec{[]*model.ArtifactInputSpec{a2}, []*model.ArtifactInputSpec{a2}}, + BF: [][]*model.ArtifactInputSpec{{a2}, {a2}}, BB: []*model.BuilderInputSpec{b1, b1}, SLSA: []*model.SLSAInputSpec{ {}, @@ -684,7 +685,7 @@ func TestIngestHasSLSAs(t *testing.T) { Calls: []call{ { Sub: []*model.ArtifactInputSpec{a1, a1, a1}, - BF: [][]*model.ArtifactInputSpec{[]*model.ArtifactInputSpec{a2}, []*model.ArtifactInputSpec{a2, a3}, []*model.ArtifactInputSpec{a4}}, + BF: [][]*model.ArtifactInputSpec{{a2}, {a2, a3}, {a4}}, BB: []*model.BuilderInputSpec{b1, b1, b1}, SLSA: []*model.SLSAInputSpec{ {}, @@ -788,10 +789,10 @@ func TestHasSLSANeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"4"}, // a1 - "2": []string{"4"}, // a2 - "3": []string{"4"}, // b1 - "4": []string{"1", "2", "3"}, // hasSBOM + "1": {"4"}, // a1 + "2": {"4"}, // a2 + "3": {"4"}, // b1 + "4": {"1", "2", "3"}, // hasSBOM }, }, { @@ -817,13 +818,13 @@ func TestHasSLSANeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"6"}, // a1 - "2": []string{"6"}, // a2 - "3": []string{"7"}, // a3 - "4": []string{"7"}, // a4 - "5": []string{"6", "7"}, // b1 - "6": []string{"1", "2", "5"}, // hasSBOM 1 - "7": []string{"3", "4", "5"}, // hasSBOM 2 + "1": {"6"}, // a1 + "2": {"6"}, // a2 + "3": {"7"}, // a3 + "4": {"7"}, // a4 + "5": {"6", "7"}, // b1 + "6": {"1", "2", "5"}, // hasSBOM 1 + "7": {"3", "4", "5"}, // hasSBOM 2 }, }, } diff --git a/pkg/assembler/backends/inmem/hasSourceAt_test.go b/pkg/assembler/backends/inmem/hasSourceAt_test.go index ef7dbb5670..7227c6c7db 100644 --- a/pkg/assembler/backends/inmem/hasSourceAt_test.go +++ b/pkg/assembler/backends/inmem/hasSourceAt_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestHasSourceAt(t *testing.T) { @@ -821,9 +821,9 @@ func TestHasSourceAtNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "8"}, // Package Version - "7": []string{"5", "8"}, // Source Name - "8": []string{"1", "5"}, // HSA + "4": {"1", "8"}, // Package Version + "7": {"5", "8"}, // Source Name + "8": {"1", "5"}, // HSA }, }, { @@ -851,11 +851,11 @@ func TestHasSourceAtNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "3": []string{"1", "1", "9"}, // Package Name - "4": []string{"1", "8"}, // Package Version - "7": []string{"5", "8", "9"}, // Source Name - "8": []string{"1", "5"}, // HSA -> Version - "9": []string{"1", "5"}, // HSA -> Name + "3": {"1", "1", "9"}, // Package Name + "4": {"1", "8"}, // Package Version + "7": {"5", "8", "9"}, // Source Name + "8": {"1", "5"}, // HSA -> Version + "9": {"1", "5"}, // HSA -> Name }, }, } diff --git a/pkg/assembler/backends/inmem/hashEqual.go b/pkg/assembler/backends/inmem/hashEqual.go index 2182553b0c..499bc3d2b4 100644 --- a/pkg/assembler/backends/inmem/hashEqual.go +++ b/pkg/assembler/backends/inmem/hashEqual.go @@ -18,25 +18,26 @@ package inmem import ( "context" "fmt" + "slices" "strconv" "strings" - "github.com/vektah/gqlparser/v2/gqlerror" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/pkg/assembler/graphql/model" + "github.com/vektah/gqlparser/v2/gqlerror" ) // Internal hashEqual -type hashEqualList []*hashEqualStruct -type hashEqualStruct struct { - id uint32 - artifacts []uint32 - justification string - origin string - collector string -} +type ( + hashEqualList []*hashEqualStruct + hashEqualStruct struct { + id uint32 + artifacts []uint32 + justification string + origin string + collector string + } +) func (n *hashEqualStruct) ID() uint32 { return n.id } @@ -275,7 +276,8 @@ func (c *demoClient) convHashEqual(h *hashEqualStruct) (*model.HashEqual, error) func (c *demoClient) addHEIfMatch(out []*model.HashEqual, filter *model.HashEqualSpec, link *hashEqualStruct) ( - []*model.HashEqual, error) { + []*model.HashEqual, error, +) { if noMatch(filter.Justification, link.justification) || noMatch(filter.Origin, link.origin) || noMatch(filter.Collector, link.collector) || diff --git a/pkg/assembler/backends/inmem/hashEqual_test.go b/pkg/assembler/backends/inmem/hashEqual_test.go index 481ea696dd..21fd856628 100644 --- a/pkg/assembler/backends/inmem/hashEqual_test.go +++ b/pkg/assembler/backends/inmem/hashEqual_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" @@ -24,7 +25,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestHashEqual(t *testing.T) { @@ -748,9 +748,9 @@ func TestHashEqualNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"3"}, // a1 - "2": []string{"3"}, // a2 - "3": []string{"1", "2"}, // hashequal + "1": {"3"}, // a1 + "2": {"3"}, // a2 + "3": {"1", "2"}, // hashequal }, }, { @@ -773,11 +773,11 @@ func TestHashEqualNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"4", "5"}, // a1 - "2": []string{"4"}, // a2 - "3": []string{"5"}, // a3 - "4": []string{"1", "2"}, // hashequal 1 - "5": []string{"1", "3"}, // hashequal 2 + "1": {"4", "5"}, // a1 + "2": {"4"}, // a2 + "3": {"5"}, // a3 + "4": {"1", "2"}, // hashequal 1 + "5": {"1", "3"}, // hashequal 2 }, }, } diff --git a/pkg/assembler/backends/inmem/isDependency_test.go b/pkg/assembler/backends/inmem/isDependency_test.go index bd1b8e6321..109f842bc8 100644 --- a/pkg/assembler/backends/inmem/isDependency_test.go +++ b/pkg/assembler/backends/inmem/isDependency_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" @@ -24,7 +25,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var ( @@ -675,7 +675,6 @@ func TestIsDependencies(t *testing.T) { t.Errorf("Unexpected results. (-want +got):\n%s", diff) } } - }) } } @@ -705,10 +704,10 @@ func TestIsDependencyNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "3": []string{"1", "1", "1", "6"}, // p1/p2 name - "4": []string{"1", "6"}, // p1 version - "5": []string{"1"}, // p2 version - "6": []string{"1", "1"}, // isDep + "3": {"1", "1", "1", "6"}, // p1/p2 name + "4": {"1", "6"}, // p1 version + "5": {"1"}, // p2 version + "6": {"1", "1"}, // isDep }, }, { @@ -733,12 +732,12 @@ func TestIsDependencyNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "3": []string{"1", "1", "1"}, // p1/p2 name, 1 up, 2 down - "4": []string{"1", "10"}, // p1 version, 1 up, isdep - "5": []string{"1", "11"}, // p2 version, 1 up, isdep - "8": []string{"6", "6", "10", "11"}, // p4 name, 1 up, 1 down, 2 isdeps - "10": []string{"1", "6"}, // isdep 1 - "11": []string{"1", "6"}, // isdep 2 + "3": {"1", "1", "1"}, // p1/p2 name, 1 up, 2 down + "4": {"1", "10"}, // p1 version, 1 up, isdep + "5": {"1", "11"}, // p2 version, 1 up, isdep + "8": {"6", "6", "10", "11"}, // p4 name, 1 up, 1 down, 2 isdeps + "10": {"1", "6"}, // isdep 1 + "11": {"1", "6"}, // isdep 2 }, }, } diff --git a/pkg/assembler/backends/inmem/isOccurrence_test.go b/pkg/assembler/backends/inmem/isOccurrence_test.go index 23ac7e74a1..b5400b62db 100644 --- a/pkg/assembler/backends/inmem/isOccurrence_test.go +++ b/pkg/assembler/backends/inmem/isOccurrence_test.go @@ -17,17 +17,15 @@ package inmem_test import ( "context" + "slices" "strings" "testing" - jsoniter "github.com/json-iterator/go" - "github.com/google/go-cmp/cmp" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" + jsoniter "github.com/json-iterator/go" ) var json = jsoniter.ConfigCompatibleWithStandardLibrary @@ -58,6 +56,7 @@ var a1 = &model.ArtifactInputSpec{ Algorithm: "sha256", Digest: "6bbb0da1891646e58eb3e6a63af3a6fc3c8eb5a0d44824cba581d2e14a0450cf", } + var a1out = &model.Artifact{ Algorithm: "sha256", Digest: "6bbb0da1891646e58eb3e6a63af3a6fc3c8eb5a0d44824cba581d2e14a0450cf", @@ -67,6 +66,7 @@ var a2 = &model.ArtifactInputSpec{ Algorithm: "sha1", Digest: "7A8F47318E4676DACB0142AFA0B83029CD7BEFD9", } + var a2out = &model.Artifact{ Algorithm: "sha1", Digest: "7a8f47318e4676dacb0142afa0b83029cd7befd9", @@ -76,6 +76,7 @@ var a3 = &model.ArtifactInputSpec{ Algorithm: "sha512", Digest: "374AB8F711235830769AA5F0B31CE9B72C5670074B34CB302CDAFE3B606233EE92EE01E298E5701F15CC7087714CD9ABD7DDB838A6E1206B3642DE16D9FC9DD7", } + var a3out = &model.Artifact{ Algorithm: "sha512", Digest: "374ab8f711235830769aa5f0b31ce9b72c5670074b34cb302cdafe3b606233ee92ee01e298e5701f15cc7087714cd9abd7ddb838a6e1206b3642de16d9fc9dd7", @@ -90,6 +91,7 @@ var p1 = &model.PkgInputSpec{ Type: "pypi", Name: "tensorflow", } + var p1out = &model.Package{ Type: "pypi", Namespaces: []*model.PackageNamespace{{ @@ -102,6 +104,7 @@ var p1out = &model.Package{ }}, }}, } + var p1outName = &model.Package{ Type: "pypi", Namespaces: []*model.PackageNamespace{{ @@ -117,6 +120,7 @@ var p2 = &model.PkgInputSpec{ Name: "tensorflow", Version: ptrfrom.String("2.11.1"), } + var p2out = &model.Package{ Type: "pypi", Namespaces: []*model.PackageNamespace{{ @@ -129,6 +133,7 @@ var p2out = &model.Package{ }}, }}, } + var p2outName = &model.Package{ Type: "pypi", Namespaces: []*model.PackageNamespace{{ @@ -145,6 +150,7 @@ var p3 = &model.PkgInputSpec{ Version: ptrfrom.String("2.11.1"), Subpath: ptrfrom.String("saved_model_cli.py"), } + var p3out = &model.Package{ Type: "pypi", Namespaces: []*model.PackageNamespace{{ @@ -165,6 +171,7 @@ var p4 = &model.PkgInputSpec{ Name: "openssl", Version: ptrfrom.String("3.0.3"), } + var p4out = &model.Package{ Type: "conan", Namespaces: []*model.PackageNamespace{{ @@ -178,6 +185,7 @@ var p4out = &model.Package{ }}, }}, } + var p4outName = &model.Package{ Type: "conan", Namespaces: []*model.PackageNamespace{{ @@ -194,6 +202,7 @@ var s1 = &model.SourceInputSpec{ Namespace: "github.com/jeff", Name: "myrepo", } + var s1out = &model.Source{ Type: "git", Namespaces: []*model.SourceNamespace{{ @@ -211,6 +220,7 @@ var s2 = &model.SourceInputSpec{ Namespace: "github.com/bob", Name: "bobsrepo", } + var s2out = &model.Source{ Type: "git", Namespaces: []*model.SourceNamespace{{ @@ -245,7 +255,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -259,7 +269,7 @@ func TestOccurrence(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "test justification", @@ -271,7 +281,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -280,7 +290,7 @@ func TestOccurrence(t *testing.T) { Justification: "test justification", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -294,7 +304,7 @@ func TestOccurrence(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "test justification", @@ -306,7 +316,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -315,7 +325,7 @@ func TestOccurrence(t *testing.T) { Justification: "justification one", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -329,7 +339,7 @@ func TestOccurrence(t *testing.T) { Justification: ptrfrom.String("justification one"), }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "justification one", @@ -341,7 +351,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1, a2}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -350,7 +360,7 @@ func TestOccurrence(t *testing.T) { Justification: "justification", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -366,7 +376,7 @@ func TestOccurrence(t *testing.T) { }, }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "justification", @@ -378,7 +388,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1, p2}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -387,7 +397,7 @@ func TestOccurrence(t *testing.T) { Justification: "justification", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p2, }, @@ -405,7 +415,7 @@ func TestOccurrence(t *testing.T) { }, }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "justification", @@ -418,7 +428,7 @@ func TestOccurrence(t *testing.T) { InSrc: []*model.SourceInputSpec{s1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -427,7 +437,7 @@ func TestOccurrence(t *testing.T) { Justification: "justification", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Source: s1, }, @@ -443,7 +453,7 @@ func TestOccurrence(t *testing.T) { }, }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: s1out, Artifact: a1out, Justification: "justification", @@ -455,7 +465,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -475,7 +485,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1, a2}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -484,7 +494,7 @@ func TestOccurrence(t *testing.T) { Justification: "test justification", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -496,12 +506,12 @@ func TestOccurrence(t *testing.T) { }, Query: &model.IsOccurrenceSpec{}, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "test justification", }, - &model.IsOccurrence{ + { Subject: p1out, Artifact: a2out, Justification: "test justification", @@ -513,7 +523,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -530,7 +540,7 @@ func TestOccurrence(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -614,7 +624,7 @@ func TestIngestOccurrences(t *testing.T) { InPkg: []*model.PkgInputSpec{p1, p2}, InArt: []*model.ArtifactInputSpec{a1, a2}, Calls: []call{ - call{ + { PkgSrcs: model.PackageOrSourceInputs{ Packages: []*model.PkgInputSpec{p1, p2}, }, @@ -627,11 +637,11 @@ func TestIngestOccurrences(t *testing.T) { }, }, ExpOcc: []*model.IsOccurrence{ - &model.IsOccurrence{ + { Subject: p1out, Artifact: a1out, Justification: "test justification", - }, &model.IsOccurrence{ + }, { Subject: p2out, Artifact: a2out, Justification: "test justification", @@ -642,7 +652,7 @@ func TestIngestOccurrences(t *testing.T) { InSrc: []*model.SourceInputSpec{s1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrcs: model.PackageOrSourceInputs{ Sources: []*model.SourceInputSpec{s1}, }, @@ -720,7 +730,7 @@ func TestOccurrenceNeighbors(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -731,12 +741,12 @@ func TestOccurrenceNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "1": []string{"1"}, - "2": []string{"1", "1"}, - "3": []string{"1", "1"}, - "4": []string{"1", "6"}, // pkg version - "5": []string{"6"}, // artifact - "6": []string{"1", "5"}, // isOccurence + "1": {"1"}, + "2": {"1", "1"}, + "3": {"1", "1"}, + "4": {"1", "6"}, // pkg version + "5": {"6"}, // artifact + "6": {"1", "5"}, // isOccurence }, }, { @@ -744,7 +754,7 @@ func TestOccurrenceNeighbors(t *testing.T) { InPkg: []*model.PkgInputSpec{p1}, InArt: []*model.ArtifactInputSpec{a1, a2}, Calls: []call{ - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -753,7 +763,7 @@ func TestOccurrenceNeighbors(t *testing.T) { Justification: "test justification", }, }, - call{ + { PkgSrc: model.PackageOrSourceInput{ Package: p1, }, @@ -764,11 +774,11 @@ func TestOccurrenceNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "7", "8"}, // pkg version - "5": []string{"7"}, // artifact1 - "6": []string{"8"}, // artifact2 - "7": []string{"1", "5"}, // isOccurence 1 - "8": []string{"1", "6"}, // isOccurence 2 + "4": {"1", "7", "8"}, // pkg version + "5": {"7"}, // artifact1 + "6": {"8"}, // artifact2 + "7": {"1", "5"}, // isOccurence 1 + "8": {"1", "6"}, // isOccurence 2 }, }, } diff --git a/pkg/assembler/backends/inmem/license_test.go b/pkg/assembler/backends/inmem/license_test.go index 1ad3f16a5d..44824ab143 100644 --- a/pkg/assembler/backends/inmem/license_test.go +++ b/pkg/assembler/backends/inmem/license_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" @@ -24,29 +25,33 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var l1 = &model.LicenseInputSpec{ Name: "BSD-3-Clause", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l1out = &model.License{ Name: "BSD-3-Clause", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l2 = &model.LicenseInputSpec{ Name: "GPL-2.0-or-later", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l2out = &model.License{ Name: "GPL-2.0-or-later", ListVersion: ptrfrom.String("3.21 2023-06-18"), } + var l3 = &model.LicenseInputSpec{ Name: "MPL-2.0", ListVersion: ptrfrom.String("1.23 2020"), } + var l3out = &model.License{ Name: "MPL-2.0", ListVersion: ptrfrom.String("1.23 2020"), @@ -64,6 +69,7 @@ var l4 = &model.LicenseInputSpec{ Name: "LicenseRef-d58b4101", Inline: &inlineLicense, } + var l4out = &model.License{ Name: "LicenseRef-d58b4101", Inline: &inlineLicense, diff --git a/pkg/assembler/backends/inmem/pkgEqual.go b/pkg/assembler/backends/inmem/pkgEqual.go index ab7227096f..26f377e0dd 100644 --- a/pkg/assembler/backends/inmem/pkgEqual.go +++ b/pkg/assembler/backends/inmem/pkgEqual.go @@ -17,22 +17,23 @@ package inmem import ( "context" + "slices" "strconv" - "github.com/vektah/gqlparser/v2/gqlerror" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/pkg/assembler/graphql/model" + "github.com/vektah/gqlparser/v2/gqlerror" ) -type pkgEqualList []*pkgEqualStruct -type pkgEqualStruct struct { - id uint32 - pkgs []uint32 - justification string - origin string - collector string -} +type ( + pkgEqualList []*pkgEqualStruct + pkgEqualStruct struct { + id uint32 + pkgs []uint32 + justification string + origin string + collector string + } +) func (n *pkgEqualStruct) ID() uint32 { return n.id } @@ -201,8 +202,8 @@ func (c *demoClient) PkgEqual(ctx context.Context, filter *model.PkgEqualSpec) ( func (c *demoClient) addCPIfMatch(out []*model.PkgEqual, filter *model.PkgEqualSpec, link *pkgEqualStruct) ( - []*model.PkgEqual, error) { - + []*model.PkgEqual, error, +) { if noMatch(filter.Justification, link.justification) || noMatch(filter.Origin, link.origin) || noMatch(filter.Collector, link.collector) { diff --git a/pkg/assembler/backends/inmem/pkgEqual_test.go b/pkg/assembler/backends/inmem/pkgEqual_test.go index 91f2dd3d75..4fbd5b2c94 100644 --- a/pkg/assembler/backends/inmem/pkgEqual_test.go +++ b/pkg/assembler/backends/inmem/pkgEqual_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" @@ -24,7 +25,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestPkgEqual(t *testing.T) { @@ -689,9 +689,9 @@ func TestPkgEqualNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "6"}, // p1 - "5": []string{"1", "6"}, // p2 - "6": []string{"1", "1"}, // pkgequal + "4": {"1", "6"}, // p1 + "5": {"1", "6"}, // p2 + "6": {"1", "1"}, // pkgequal }, }, { @@ -714,11 +714,11 @@ func TestPkgEqualNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "4": []string{"1", "7", "8"}, // p1 - "5": []string{"1", "7"}, // p2 - "6": []string{"1", "8"}, // p3 - "7": []string{"1", "1"}, // pkgequal 1 - "8": []string{"1", "1"}, // pkgequal 2 + "4": {"1", "7", "8"}, // p1 + "5": {"1", "7"}, // p2 + "6": {"1", "8"}, // p3 + "7": {"1", "1"}, // pkgequal 1 + "8": {"1", "1"}, // pkgequal 2 }, }, } diff --git a/pkg/assembler/backends/inmem/pointOfContact_test.go b/pkg/assembler/backends/inmem/pointOfContact_test.go index 7e678dd09e..8bf6bf2514 100644 --- a/pkg/assembler/backends/inmem/pointOfContact_test.go +++ b/pkg/assembler/backends/inmem/pointOfContact_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" "time" @@ -25,7 +26,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestPointOfContact(t *testing.T) { diff --git a/pkg/assembler/backends/inmem/vulnEqual.go b/pkg/assembler/backends/inmem/vulnEqual.go index 6481dcd3ff..1b1f51480b 100644 --- a/pkg/assembler/backends/inmem/vulnEqual.go +++ b/pkg/assembler/backends/inmem/vulnEqual.go @@ -17,23 +17,24 @@ package inmem import ( "context" + "slices" "strconv" - "github.com/vektah/gqlparser/v2/gqlerror" - "golang.org/x/exp/slices" - "github.com/guacsec/guac/pkg/assembler/graphql/model" + "github.com/vektah/gqlparser/v2/gqlerror" ) // Internal data: link between equal vulnerabilities (vulnEqual) -type vulnerabilityEqualList []*vulnerabilityEqualLink -type vulnerabilityEqualLink struct { - id uint32 - vulnerabilities []uint32 - justification string - origin string - collector string -} +type ( + vulnerabilityEqualList []*vulnerabilityEqualLink + vulnerabilityEqualLink struct { + id uint32 + vulnerabilities []uint32 + justification string + origin string + collector string + } +) func (n *vulnerabilityEqualLink) ID() uint32 { return n.id } @@ -207,8 +208,8 @@ func (c *demoClient) VulnEqual(ctx context.Context, filter *model.VulnEqualSpec) func (c *demoClient) addVulnIfMatch(out []*model.VulnEqual, filter *model.VulnEqualSpec, link *vulnerabilityEqualLink) ( - []*model.VulnEqual, error) { - + []*model.VulnEqual, error, +) { if noMatch(filter.Justification, link.justification) || noMatch(filter.Origin, link.origin) || noMatch(filter.Collector, link.collector) { diff --git a/pkg/assembler/backends/inmem/vulnEqual_test.go b/pkg/assembler/backends/inmem/vulnEqual_test.go index 07b4006f18..629ed1e8aa 100644 --- a/pkg/assembler/backends/inmem/vulnEqual_test.go +++ b/pkg/assembler/backends/inmem/vulnEqual_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" @@ -24,7 +25,6 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) func TestVulnEqual(t *testing.T) { @@ -46,7 +46,7 @@ func TestVulnEqual(t *testing.T) { Name: "HappyPath", InVuln: []*model.VulnerabilityInputSpec{o1, c1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ @@ -58,13 +58,13 @@ func TestVulnEqual(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -77,14 +77,14 @@ func TestVulnEqual(t *testing.T) { Name: "Igest same twice", InVuln: []*model.VulnerabilityInputSpec{o1, c1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ @@ -96,13 +96,13 @@ func TestVulnEqual(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -115,14 +115,14 @@ func TestVulnEqual(t *testing.T) { Name: "Query on Justification", InVuln: []*model.VulnerabilityInputSpec{o1, c1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ @@ -134,13 +134,13 @@ func TestVulnEqual(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -153,14 +153,14 @@ func TestVulnEqual(t *testing.T) { Name: "Query on OSV", InVuln: []*model.VulnerabilityInputSpec{o1, o2, c1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o2, OtherVuln: c1, In: &model.VulnEqualInputSpec{ @@ -176,13 +176,13 @@ func TestVulnEqual(t *testing.T) { }, }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o2out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -195,21 +195,21 @@ func TestVulnEqual(t *testing.T) { Name: "Query on GHSA", InVuln: []*model.VulnerabilityInputSpec{o1, c1, c2, g1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c2, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: g1, In: &model.VulnEqualInputSpec{ @@ -225,13 +225,13 @@ func TestVulnEqual(t *testing.T) { }, }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "ghsa", VulnerabilityIDs: []*model.VulnerabilityID{g1out}, }, @@ -244,21 +244,21 @@ func TestVulnEqual(t *testing.T) { Name: "Query none", InVuln: []*model.VulnerabilityInputSpec{o1, c1, c2, g1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c2, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: g1, In: &model.VulnEqualInputSpec{ @@ -279,21 +279,21 @@ func TestVulnEqual(t *testing.T) { Name: "Query multiple", InVuln: []*model.VulnerabilityInputSpec{o1, c1, c2, g1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c2, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: g1, In: &model.VulnEqualInputSpec{ @@ -309,26 +309,26 @@ func TestVulnEqual(t *testing.T) { }, }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, }, Justification: "test justification", }, - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c2out}, }, @@ -341,21 +341,21 @@ func TestVulnEqual(t *testing.T) { Name: "Query ID", InVuln: []*model.VulnerabilityInputSpec{o1, c1, c2, g1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c2, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: g1, In: &model.VulnEqualInputSpec{ @@ -367,13 +367,13 @@ func TestVulnEqual(t *testing.T) { ID: ptrfrom.String("8"), }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -386,21 +386,21 @@ func TestVulnEqual(t *testing.T) { Name: "Query ID not found", InVuln: []*model.VulnerabilityInputSpec{o1, c1, c2, g1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: c2, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: g1, In: &model.VulnEqualInputSpec{ @@ -489,7 +489,7 @@ func TestIngestVulnEquals(t *testing.T) { Name: "HappyPath", InVuln: []*model.VulnerabilityInputSpec{o1, c1, o1, c2}, Calls: []call{ - call{ + { Vulns: []*model.VulnerabilityInputSpec{o1, o1}, OtherVulns: []*model.VulnerabilityInputSpec{c1, c2}, Ins: []*model.VulnEqualInputSpec{ @@ -506,26 +506,26 @@ func TestIngestVulnEquals(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, }, Justification: "test justification", }, - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c2out}, }, @@ -538,7 +538,7 @@ func TestIngestVulnEquals(t *testing.T) { Name: "Ingest same twice", InVuln: []*model.VulnerabilityInputSpec{o1, c1, o1, c1}, Calls: []call{ - call{ + { Vulns: []*model.VulnerabilityInputSpec{o1, o1}, OtherVulns: []*model.VulnerabilityInputSpec{c1, c1}, Ins: []*model.VulnEqualInputSpec{ @@ -555,13 +555,13 @@ func TestIngestVulnEquals(t *testing.T) { Justification: ptrfrom.String("test justification"), }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out}, }, - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -575,7 +575,7 @@ func TestIngestVulnEquals(t *testing.T) { Name: "Query on OSV", InVuln: []*model.VulnerabilityInputSpec{o1, c1, o2, g2}, Calls: []call{ - call{ + { Vulns: []*model.VulnerabilityInputSpec{o1, o2}, OtherVulns: []*model.VulnerabilityInputSpec{c1, g2}, Ins: []*model.VulnEqualInputSpec{ @@ -596,13 +596,13 @@ func TestIngestVulnEquals(t *testing.T) { }, }, ExpVulnEqual: []*model.VulnEqual{ - &model.VulnEqual{ + { Vulnerabilities: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o2out}, }, - &model.Vulnerability{ + { Type: "ghsa", VulnerabilityIDs: []*model.VulnerabilityID{g2out}, }, @@ -664,7 +664,7 @@ func TestVulnerabilityEqualNeighbors(t *testing.T) { Name: "HappyPath", InVuln: []*model.VulnerabilityInputSpec{o1, c1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ @@ -673,23 +673,23 @@ func TestVulnerabilityEqualNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "2": []string{"1", "5"}, // osv to isVuln - "4": []string{"3", "5"}, // cve to isVuln - "5": []string{"1", "3"}, // isVuln to osv and cve + "2": {"1", "5"}, // osv to isVuln + "4": {"3", "5"}, // cve to isVuln + "5": {"1", "3"}, // isVuln to osv and cve }, }, { Name: "Two IsVuln", InVuln: []*model.VulnerabilityInputSpec{o1, c1, g1}, Calls: []call{ - call{ + { Vuln: o1, OtherVuln: c1, In: &model.VulnEqualInputSpec{ Justification: "test justification", }, }, - call{ + { Vuln: o1, OtherVuln: g1, In: &model.VulnEqualInputSpec{ @@ -698,11 +698,11 @@ func TestVulnerabilityEqualNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "2": []string{"1", "7", "8"}, // osv to both isVuln - "4": []string{"3", "7"}, - "6": []string{"5", "8"}, - "7": []string{"1", "3"}, - "8": []string{"1", "5"}, + "2": {"1", "7", "8"}, // osv to both isVuln + "4": {"3", "7"}, + "6": {"5", "8"}, + "7": {"1", "3"}, + "8": {"1", "5"}, }, }, } diff --git a/pkg/assembler/backends/inmem/vulnMetadata_test.go b/pkg/assembler/backends/inmem/vulnMetadata_test.go index 0f9cec6483..5762c0b4ee 100644 --- a/pkg/assembler/backends/inmem/vulnMetadata_test.go +++ b/pkg/assembler/backends/inmem/vulnMetadata_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strconv" "strings" "testing" @@ -25,14 +26,15 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) -var greater model.Comparator = model.ComparatorGreater -var greaterEqual model.Comparator = model.ComparatorGreaterEqual -var less model.Comparator = model.ComparatorLess -var lessEqual model.Comparator = model.ComparatorLessEqual -var equal model.Comparator = model.ComparatorEqual +var ( + greater model.Comparator = model.ComparatorGreater + greaterEqual model.Comparator = model.ComparatorGreaterEqual + less model.Comparator = model.ComparatorLess + lessEqual model.Comparator = model.ComparatorLessEqual + equal model.Comparator = model.ComparatorEqual +) var cvss2ScoreType model.VulnerabilityScoreType = model.VulnerabilityScoreTypeCVSSv2 @@ -1133,7 +1135,7 @@ func TestVulnMetadataNeighbors(t *testing.T) { Name: "HappyPath", InVuln: []*model.VulnerabilityInputSpec{o1}, Calls: []call{ - call{ + { Vuln: o1, VulnMetadata: &model.VulnerabilityMetadataInputSpec{ ScoreType: model.VulnerabilityScoreTypeCVSSv3, @@ -1145,15 +1147,15 @@ func TestVulnMetadataNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "2": []string{"1", "3"}, // Vuln -> vunType, vulnMeta1 - "3": []string{"1"}, // vulnMeta1 -> vuln + "2": {"1", "3"}, // Vuln -> vunType, vulnMeta1 + "3": {"1"}, // vulnMeta1 -> vuln }, }, { Name: "Two vuln metadata on same vulnerability", InVuln: []*model.VulnerabilityInputSpec{o1}, Calls: []call{ - call{ + { Vuln: o1, VulnMetadata: &model.VulnerabilityMetadataInputSpec{ ScoreType: model.VulnerabilityScoreTypeCVSSv3, @@ -1163,7 +1165,7 @@ func TestVulnMetadataNeighbors(t *testing.T) { Origin: "test origin", }, }, - call{ + { Vuln: o1, VulnMetadata: &model.VulnerabilityMetadataInputSpec{ ScoreType: model.VulnerabilityScoreTypeCVSSv2, @@ -1175,9 +1177,9 @@ func TestVulnMetadataNeighbors(t *testing.T) { }, }, ExpNeighbors: map[string][]string{ - "2": []string{"1", "3", "4"}, // Vuln1 -> vunType, vulnMeta1 - "3": []string{"1"}, // vulnMeta1 -> vuln1 - "4": []string{"1"}, // vulnMeta2 -> vuln2 + "2": {"1", "3", "4"}, // Vuln1 -> vunType, vulnMeta1 + "3": {"1"}, // vulnMeta1 -> vuln1 + "4": {"1"}, // vulnMeta2 -> vuln2 }, }, } diff --git a/pkg/assembler/backends/inmem/vulnerability_test.go b/pkg/assembler/backends/inmem/vulnerability_test.go index f46cfa754d..35644ca51f 100644 --- a/pkg/assembler/backends/inmem/vulnerability_test.go +++ b/pkg/assembler/backends/inmem/vulnerability_test.go @@ -17,6 +17,7 @@ package inmem_test import ( "context" + "slices" "strings" "testing" @@ -24,13 +25,13 @@ import ( "github.com/guacsec/guac/internal/testing/ptrfrom" "github.com/guacsec/guac/pkg/assembler/backends" "github.com/guacsec/guac/pkg/assembler/graphql/model" - "golang.org/x/exp/slices" ) var c1 = &model.VulnerabilityInputSpec{ Type: "cve", VulnerabilityID: "CVE-2019-13110", } + var c1out = &model.VulnerabilityID{ VulnerabilityID: "cve-2019-13110", } @@ -39,6 +40,7 @@ var c2 = &model.VulnerabilityInputSpec{ Type: "cve", VulnerabilityID: "CVE-2014-8139", } + var c2out = &model.VulnerabilityID{ VulnerabilityID: "cve-2014-8139", } @@ -47,6 +49,7 @@ var c3 = &model.VulnerabilityInputSpec{ Type: "CVE", VulnerabilityID: "cVe-2014-8140", } + var c3out = &model.VulnerabilityID{ VulnerabilityID: "cve-2014-8140", } @@ -55,6 +58,7 @@ var g1 = &model.VulnerabilityInputSpec{ Type: "GHSA", VulnerabilityID: "GHSA-h45f-rjvw-2rv2", } + var g1out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-h45f-rjvw-2rv2", } @@ -63,6 +67,7 @@ var g2 = &model.VulnerabilityInputSpec{ Type: "ghsa", VulnerabilityID: "GHSA-xrw3-wqph-3fxg", } + var g2out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-xrw3-wqph-3fxg", } @@ -71,6 +76,7 @@ var g3 = &model.VulnerabilityInputSpec{ Type: "ghsa", VulnerabilityID: "GHSA-8v4j-7jgf-5rg9", } + var g3out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-8v4j-7jgf-5rg9", } @@ -79,6 +85,7 @@ var o1 = &model.VulnerabilityInputSpec{ Type: "OSV", VulnerabilityID: "CVE-2014-8140", } + var o1out = &model.VulnerabilityID{ VulnerabilityID: "cve-2014-8140", } @@ -87,6 +94,7 @@ var o2 = &model.VulnerabilityInputSpec{ Type: "osv", VulnerabilityID: "CVE-2022-26499", } + var o2out = &model.VulnerabilityID{ VulnerabilityID: "cve-2022-26499", } @@ -95,6 +103,7 @@ var o3 = &model.VulnerabilityInputSpec{ Type: "osv", VulnerabilityID: "GHSA-h45f-rjvw-2rv2", } + var o3out = &model.VulnerabilityID{ VulnerabilityID: "ghsa-h45f-rjvw-2rv2", } @@ -103,6 +112,7 @@ var noVulnInput = &model.VulnerabilityInputSpec{ Type: "noVuln", VulnerabilityID: "", } + var noVulnOut = &model.VulnerabilityID{ VulnerabilityID: "", } @@ -126,7 +136,7 @@ func TestVulnerability(t *testing.T) { Ingests: []*model.VulnerabilityInputSpec{c1}, Query: &model.VulnerabilitySpec{}, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -137,7 +147,7 @@ func TestVulnerability(t *testing.T) { Ingests: []*model.VulnerabilityInputSpec{c1, c2}, Query: &model.VulnerabilitySpec{}, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out, c2out}, }, @@ -148,7 +158,7 @@ func TestVulnerability(t *testing.T) { Ingests: []*model.VulnerabilityInputSpec{c1, c1, c1}, Query: &model.VulnerabilitySpec{}, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, @@ -161,7 +171,7 @@ func TestVulnerability(t *testing.T) { Type: ptrfrom.String("cve"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out, c2out, c3out}, }, @@ -174,7 +184,7 @@ func TestVulnerability(t *testing.T) { Type: ptrfrom.String("ghsa"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "ghsa", VulnerabilityIDs: []*model.VulnerabilityID{g2out, g3out}, }, @@ -187,7 +197,7 @@ func TestVulnerability(t *testing.T) { Type: ptrfrom.String("osv"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "osv", VulnerabilityIDs: []*model.VulnerabilityID{o1out, o2out, o3out}, }, @@ -200,7 +210,7 @@ func TestVulnerability(t *testing.T) { Type: ptrfrom.String("noVuln"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "novuln", VulnerabilityIDs: []*model.VulnerabilityID{noVulnOut}, }, @@ -213,7 +223,7 @@ func TestVulnerability(t *testing.T) { NoVuln: ptrfrom.Bool(true), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "novuln", VulnerabilityIDs: []*model.VulnerabilityID{noVulnOut}, }, @@ -226,7 +236,7 @@ func TestVulnerability(t *testing.T) { VulnerabilityID: ptrfrom.String("CVE-2014-8140"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c3out}, }, @@ -239,7 +249,7 @@ func TestVulnerability(t *testing.T) { Type: ptrfrom.String("noVuln"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "novuln", VulnerabilityIDs: []*model.VulnerabilityID{noVulnOut}, }, @@ -252,7 +262,7 @@ func TestVulnerability(t *testing.T) { ID: ptrfrom.String("2"), }, Exp: []*model.Vulnerability{ - &model.Vulnerability{ + { Type: "cve", VulnerabilityIDs: []*model.VulnerabilityID{c1out}, }, diff --git a/pkg/ingestor/parser/common/license.go b/pkg/ingestor/parser/common/license.go index b63f80b121..f00289092a 100644 --- a/pkg/ingestor/parser/common/license.go +++ b/pkg/ingestor/parser/common/license.go @@ -18,10 +18,10 @@ package common import ( "fmt" "hash/fnv" + "slices" "strings" "github.com/guacsec/guac/pkg/assembler/clients/generated" - "golang.org/x/exp/slices" ) var ignore = []string{ diff --git a/pkg/ingestor/parser/spdx/parse_spdx.go b/pkg/ingestor/parser/spdx/parse_spdx.go index a7479d7b08..fcc749ae55 100644 --- a/pkg/ingestor/parser/spdx/parse_spdx.go +++ b/pkg/ingestor/parser/spdx/parse_spdx.go @@ -19,6 +19,7 @@ import ( "bytes" "context" "fmt" + "slices" "strings" "time" @@ -32,7 +33,6 @@ import ( "github.com/spdx/tools-golang/json" spdx "github.com/spdx/tools-golang/spdx" spdx_common "github.com/spdx/tools-golang/spdx/v2/common" - "golang.org/x/exp/slices" ) type spdxParser struct {