internal/govulncheck: unexport CallInfo, GetCallInfo and LoadPackages
These are not used outside this package.
Change-Id: I1388e61658c531dd7ede90622eac514e169e4f69
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/437855
Reviewed-by: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
diff --git a/internal/govulncheck/run.go b/internal/govulncheck/run.go
index 881eca5..ff521ee 100644
--- a/internal/govulncheck/run.go
+++ b/internal/govulncheck/run.go
@@ -49,7 +49,7 @@
return err
}
case AnalysisTypeSource:
- pkgs, err = LoadPackages(cfg)
+ pkgs, err = loadPackages(cfg)
if err != nil {
// Try to provide a meaningful and actionable error message.
if !fileExists(filepath.Join(cfg.SourceLoadConfig.Dir, "go.mod")) {
@@ -84,10 +84,10 @@
return writeJSON(r)
case OutputTypeText, OutputTypeVerbose:
// set of top-level packages, used to find representative symbols
- ci := GetCallInfo(r, pkgs)
+ ci := getCallInfo(r, pkgs)
writeText(r, ci, unaffected, cfg.OutputType == OutputTypeVerbose)
case OutputTypeSummary:
- ci := GetCallInfo(r, pkgs)
+ ci := getCallInfo(r, pkgs)
return writeJSON(summary(ci, unaffected))
default:
return fmt.Errorf("%w: %s", ErrInvalidOutputType, cfg.OutputType)
@@ -113,7 +113,7 @@
lineLength = 55
)
-func writeText(r *vulncheck.Result, ci *CallInfo, unaffected []*vulncheck.Vuln, verbose bool) {
+func writeText(r *vulncheck.Result, ci *callInfo, unaffected []*vulncheck.Vuln, verbose bool) {
uniqueVulns := map[string]bool{}
for _, v := range r.Vulns {
uniqueVulns[v.OSV.ID] = true
@@ -126,7 +126,7 @@
default:
fmt.Printf("Found %d known vulnerabilities.\n", len(uniqueVulns))
}
- for idx, vg := range ci.VulnGroups {
+ for idx, vg := range ci.vulnGroups {
fmt.Println()
// All the vulns in vg have the same PkgPath, ModPath and OSV.
// All have a non-zero CallSink.
@@ -176,9 +176,9 @@
`, idx, id, indent(details, 2), callstack, found, fixed, platforms, id)
}
-func foundVersion(modulePath, pkgPath string, ci *CallInfo) string {
+func foundVersion(modulePath, pkgPath string, ci *callInfo) string {
var found string
- if v := ci.ModuleVersions[modulePath]; v != "" {
+ if v := ci.moduleVersions[modulePath]; v != "" {
found = packageVersionString(pkgPath, v[1:])
}
return found
@@ -192,11 +192,11 @@
return fixed
}
-func defaultCallStacks(vg []*vulncheck.Vuln, ci *CallInfo) string {
+func defaultCallStacks(vg []*vulncheck.Vuln, ci *callInfo) string {
var summaries []string
for _, v := range vg {
- if css := ci.CallStacks[v]; len(css) > 0 {
- if sum := SummarizeCallStack(css[0], ci.TopPackages, v.PkgPath); sum != "" {
+ if css := ci.callStacks[v]; len(css) > 0 {
+ if sum := SummarizeCallStack(css[0], ci.topPackages, v.PkgPath); sum != "" {
summaries = append(summaries, strings.TrimSpace(sum))
}
}
@@ -213,13 +213,13 @@
return b.String()
}
-func verboseCallStacks(vg []*vulncheck.Vuln, ci *CallInfo) string {
+func verboseCallStacks(vg []*vulncheck.Vuln, ci *callInfo) string {
// Display one full call stack for each vuln.
i := 1
nMore := 0
var b strings.Builder
for _, v := range vg {
- css := ci.CallStacks[v]
+ css := ci.callStacks[v]
if len(css) == 0 {
continue
}
diff --git a/internal/govulncheck/source.go b/internal/govulncheck/source.go
index 47e6bcc..846f559 100644
--- a/internal/govulncheck/source.go
+++ b/internal/govulncheck/source.go
@@ -27,11 +27,11 @@
return b.String()
}
-// LoadPackages loads the packages matching patterns using cfg, after setting
+// loadPackages loads the packages matching patterns using cfg, after setting
// the cfg mode flags that vulncheck needs for analysis.
// If the packages contain errors, a PackageError is returned containing a list of the errors,
// along with the packages themselves.
-func LoadPackages(cfg Config) ([]*vulncheck.Package, error) {
+func loadPackages(cfg Config) ([]*vulncheck.Package, error) {
patterns := cfg.Patterns
cfg.SourceLoadConfig.Mode |= packages.NeedName | packages.NeedImports | packages.NeedTypes |
packages.NeedSyntax | packages.NeedTypesInfo | packages.NeedDeps |
@@ -52,33 +52,33 @@
return vpkgs, err
}
-// CallInfo is information about calls to vulnerable functions.
-type CallInfo struct {
- // CallStacks contains all call stacks to vulnerable functions.
- CallStacks map[*vulncheck.Vuln][]vulncheck.CallStack
+// callInfo is information about calls to vulnerable functions.
+type callInfo struct {
+ // callStacks contains all call stacks to vulnerable functions.
+ callStacks map[*vulncheck.Vuln][]vulncheck.CallStack
- // VulnGroups contains vulnerabilities grouped by ID and package.
- VulnGroups [][]*vulncheck.Vuln
+ // vulnGroups contains vulnerabilities grouped by ID and package.
+ vulnGroups [][]*vulncheck.Vuln
- // ModuleVersions is a map of module paths to versions.
- ModuleVersions map[string]string
+ // moduleVersions is a map of module paths to versions.
+ moduleVersions map[string]string
- // TopPackages contains the top-level packages in the call info.
- TopPackages map[string]bool
+ // topPackages contains the top-level packages in the call info.
+ topPackages map[string]bool
}
-// GetCallInfo computes call stacks and related information from a vulncheck.Result.
+// getCallInfo computes call stacks and related information from a vulncheck.Result.
// It also makes a set of top-level packages from pkgs.
-func GetCallInfo(r *vulncheck.Result, pkgs []*vulncheck.Package) *CallInfo {
+func getCallInfo(r *vulncheck.Result, pkgs []*vulncheck.Package) *callInfo {
pset := map[string]bool{}
for _, p := range pkgs {
pset[p.PkgPath] = true
}
- return &CallInfo{
- CallStacks: vulncheck.CallStacks(r),
- VulnGroups: groupByIDAndPackage(r.Vulns),
- ModuleVersions: moduleVersionMap(r.Modules),
- TopPackages: pset,
+ return &callInfo{
+ callStacks: vulncheck.CallStacks(r),
+ vulnGroups: groupByIDAndPackage(r.Vulns),
+ moduleVersions: moduleVersionMap(r.Modules),
+ topPackages: pset,
}
}
diff --git a/internal/govulncheck/summary.go b/internal/govulncheck/summary.go
index e251426..1538706 100644
--- a/internal/govulncheck/summary.go
+++ b/internal/govulncheck/summary.go
@@ -46,9 +46,9 @@
}
// summary summarize the analysis result.
-func summary(ci *CallInfo, unaffected []*vulncheck.Vuln) Summary {
+func summary(ci *callInfo, unaffected []*vulncheck.Vuln) Summary {
var affecting, unaffecting []Vuln
- for _, vg := range ci.VulnGroups {
+ for _, vg := range ci.vulnGroups {
// All the vulns in vg have the same PkgPath, ModPath and OSV.
// All have a non-zero CallSink.
v0 := vg[0]
@@ -78,11 +78,11 @@
}
}
-func summarizeCallStacks(vg []*vulncheck.Vuln, ci *CallInfo) []Trace {
+func summarizeCallStacks(vg []*vulncheck.Vuln, ci *callInfo) []Trace {
cs := make([]Trace, 0, len(vg))
// report one full call stack for each vuln.
for _, v := range vg {
- css := ci.CallStacks[v]
+ css := ci.callStacks[v]
if len(css) == 0 {
continue
}
@@ -95,7 +95,7 @@
}
cs = append(cs, Trace{
Symbol: v.Symbol,
- Desc: SummarizeCallStack(css[0], ci.TopPackages, v.PkgPath),
+ Desc: SummarizeCallStack(css[0], ci.topPackages, v.PkgPath),
Stack: stack,
Seen: len(css),
})