vulncheck/helpers_test.go - exp - Git at Google

 // Copyright 2021 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package vulncheck

 import (
 	"fmt"

 	"golang.org/x/tools/go/packages"
 	"golang.org/x/tools/go/packages/packagestest"
 	"golang.org/x/vulndb/osv"
 )

 type mockClient struct {
 	ret map[string][]*osv.Entry
 }

 func (mc *mockClient) GetByModule(a string) ([]*osv.Entry, error) {
 	return mc.ret[a], nil
 }

 func (mc *mockClient) GetByID(a string) (*osv.Entry, error) {
 	return nil, nil
 }

 // testClient contains the following test vulnerabilities
 //   golang.org/amod/avuln.{VulnData.Vuln1, vulnData.Vuln2}
 //   golang.org/bmod/bvuln.{Vuln}
 var testClient = &mockClient{
 	ret: map[string][]*osv.Entry{
 		"golang.org/amod": []*osv.Entry{
 			{
 				ID: "VA",
 				Affected: []osv.Affected{{
 					Package:           osv.Package{Name: "golang.org/amod/avuln"},
 					Ranges:            osv.Affects{{Type: osv.TypeSemver, Events: []osv.RangeEvent{{Introduced: "1.0.0"}, {Fixed: "1.0.4"}, {Introduced: "1.1.2"}}}},
 					EcosystemSpecific: osv.EcosystemSpecific{Symbols: []string{"VulnData.Vuln1", "VulnData.Vuln2"}},
 				}},
 			},
 		},
 		"golang.org/bmod": []*osv.Entry{
 			{
 				ID: "VB",
 				Affected: []osv.Affected{{
 					Package:           osv.Package{Name: "golang.org/bmod/bvuln"},
 					Ranges:            osv.Affects{{Type: osv.TypeSemver}},
 					EcosystemSpecific: osv.EcosystemSpecific{Symbols: []string{"Vuln"}},
 				}},
 			},
 		},
 	},
 }

 func moduleVulnerabilitiesToString(mv moduleVulnerabilities) string {
 	var s string
 	for _, m := range mv {
 		s += fmt.Sprintf("mod: %v\n", m.mod)
 		for _, v := range m.vulns {
 			s += fmt.Sprintf("\t%v\n", v)
 		}
 	}
 	return s
 }

 func vulnsToString(vulns []*osv.Entry) string {
 	var s string
 	for _, v := range vulns {
 		s += fmt.Sprintf("\t%v\n", v)
 	}
 	return s
 }

 func impGraphToStrMap(ig *ImportGraph) map[string][]string {
 	m := make(map[string][]string)
 	for _, n := range ig.Packages {
 		for _, predId := range n.ImportedBy {
 			pred := ig.Packages[predId]
 			m[pred.Path] = append(m[pred.Path], n.Path)
 		}
 	}
 	return m
 }

 func reqGraphToStrMap(rg *RequireGraph) map[string][]string {
 	m := make(map[string][]string)
 	for _, n := range rg.Modules {
 		for _, predId := range n.RequiredBy {
 			pred := rg.Modules[predId]
 			m[pred.Path] = append(m[pred.Path], n.Path)
 		}
 	}
 	return m
 }

 func loadPackages(e *packagestest.Exported, patterns ...string) ([]*packages.Package, error) {
 	e.Config.Mode |= packages.NeedModule | packages.NeedName | packages.NeedFiles |
 		packages.NeedCompiledGoFiles | packages.NeedImports | packages.NeedTypes |
 		packages.NeedTypesSizes | packages.NeedSyntax | packages.NeedTypesInfo | packages.NeedDeps
 	return packages.Load(e.Config, patterns...)
 }
	// Copyright 2021 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package vulncheck

	import (
	"fmt"

	"golang.org/x/tools/go/packages"
	"golang.org/x/tools/go/packages/packagestest"
	"golang.org/x/vulndb/osv"
	)

	type mockClient struct {
	ret map[string][]*osv.Entry
	}

	func (mc mockClient) GetByModule(a string) ([]osv.Entry, error) {
	return mc.ret[a], nil
	}

	func (mc mockClient) GetByID(a string) (osv.Entry, error) {
	return nil, nil
	}

	// testClient contains the following test vulnerabilities
	// golang.org/amod/avuln.{VulnData.Vuln1, vulnData.Vuln2}
	// golang.org/bmod/bvuln.{Vuln}
	var testClient = &mockClient{
	ret: map[string][]*osv.Entry{
	"golang.org/amod": []*osv.Entry{
	{
	ID: "VA",
	Affected: []osv.Affected{{
	Package: osv.Package{Name: "golang.org/amod/avuln"},
	Ranges: osv.Affects{{Type: osv.TypeSemver, Events: []osv.RangeEvent{{Introduced: "1.0.0"}, {Fixed: "1.0.4"}, {Introduced: "1.1.2"}}}},
	EcosystemSpecific: osv.EcosystemSpecific{Symbols: []string{"VulnData.Vuln1", "VulnData.Vuln2"}},
	}},
	},
	},
	"golang.org/bmod": []*osv.Entry{
	{
	ID: "VB",
	Affected: []osv.Affected{{
	Package: osv.Package{Name: "golang.org/bmod/bvuln"},
	Ranges: osv.Affects{{Type: osv.TypeSemver}},
	EcosystemSpecific: osv.EcosystemSpecific{Symbols: []string{"Vuln"}},
	}},
	},
	},
	},
	}

	func moduleVulnerabilitiesToString(mv moduleVulnerabilities) string {
	var s string
	for _, m := range mv {
	s += fmt.Sprintf("mod: %v\n", m.mod)
	for _, v := range m.vulns {
	s += fmt.Sprintf("\t%v\n", v)
	}
	}
	return s
	}

	func vulnsToString(vulns []*osv.Entry) string {
	var s string
	for _, v := range vulns {
	s += fmt.Sprintf("\t%v\n", v)
	}
	return s
	}

	func impGraphToStrMap(ig *ImportGraph) map[string][]string {
	m := make(map[string][]string)
	for _, n := range ig.Packages {
	for _, predId := range n.ImportedBy {
	pred := ig.Packages[predId]
	m[pred.Path] = append(m[pred.Path], n.Path)
	}
	}
	return m
	}

	func reqGraphToStrMap(rg *RequireGraph) map[string][]string {
	m := make(map[string][]string)
	for _, n := range rg.Modules {
	for _, predId := range n.RequiredBy {
	pred := rg.Modules[predId]
	m[pred.Path] = append(m[pred.Path], n.Path)
	}
	}
	return m
	}

	func loadPackages(e packagestest.Exported, patterns ...string) ([]packages.Package, error) {
	e.Config.Mode \|= packages.NeedModule \| packages.NeedName \| packages.NeedFiles \|
	packages.NeedCompiledGoFiles \| packages.NeedImports \| packages.NeedTypes \|
	packages.NeedTypesSizes \| packages.NeedSyntax \| packages.NeedTypesInfo \| packages.NeedDeps
	return packages.Load(e.Config, patterns...)
	}