internal/govulncheck: add Legacy prefix to legacy structs
We plan to replace structs with a new API design in a follow up CL.
Prefix the legacy structs with Legacy as a first step for this
transition, to make renaming easier.
Also rename run.go to legacy_run.go, since the current implementation of
Run will be replaced by Source and Binary.
For golang/go#56042
Change-Id: I2fc80048bd937ad81ee1263aaac83495ea2e0876
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/443070
Run-TryBot: Julie Qiu <julie@golang.org>
Reviewed-by: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
diff --git a/cmd/govulncheck/main.go b/cmd/govulncheck/main.go
index 3ece7fa..4a567d1 100644
--- a/cmd/govulncheck/main.go
+++ b/cmd/govulncheck/main.go
@@ -76,7 +76,7 @@
}
ctx := context.Background()
- _, err := govulncheck.Run(ctx, govulncheck.Config{
+ _, err := govulncheck.LegacyRun(ctx, govulncheck.LegacyConfig{
AnalysisType: mode,
OutputType: outputType,
Patterns: patterns,
diff --git a/exp/govulncheck/govulncheck.go b/exp/govulncheck/govulncheck.go
index ed52a93..12fa6b6 100644
--- a/exp/govulncheck/govulncheck.go
+++ b/exp/govulncheck/govulncheck.go
@@ -12,11 +12,11 @@
)
// Config is the configuration for Main.
-type Config = govulncheck.Config
+type Config = govulncheck.LegacyConfig
// Main is the main function for the govulncheck command line tool.
func Main(cfg Config) error {
ctx := context.Background()
- _, err := govulncheck.Run(ctx, cfg)
+ _, err := govulncheck.LegacyRun(ctx, cfg)
return err
}
diff --git a/internal/govulncheck/config.go b/internal/govulncheck/config.go
index 709b396..424f205 100644
--- a/internal/govulncheck/config.go
+++ b/internal/govulncheck/config.go
@@ -37,8 +37,8 @@
vulndbHost = "https://vuln.go.dev"
)
-// Config is the configuration for Main.
-type Config struct {
+// LegacyConfig is the configuration for Main.
+type LegacyConfig struct {
// AnalysisType specifies the vulncheck analysis type.
AnalysisType string
diff --git a/internal/govulncheck/run.go b/internal/govulncheck/legacy_run.go
similarity index 98%
rename from internal/govulncheck/run.go
rename to internal/govulncheck/legacy_run.go
index 813a210..52292fb 100644
--- a/internal/govulncheck/run.go
+++ b/internal/govulncheck/legacy_run.go
@@ -20,8 +20,8 @@
"golang.org/x/vuln/vulncheck"
)
-// Run is the main function for the govulncheck command line tool.
-func Run(ctx context.Context, cfg Config) (*Result, error) {
+// LegacyRun is the main function for the govulncheck command line tool.
+func LegacyRun(ctx context.Context, cfg LegacyConfig) (*Result, error) {
dbs := []string{vulndbHost}
if db := os.Getenv(envGOVULNDB); db != "" {
dbs = strings.Split(db, ",")
diff --git a/internal/govulncheck/source.go b/internal/govulncheck/source.go
index 846f559..7210856 100644
--- a/internal/govulncheck/source.go
+++ b/internal/govulncheck/source.go
@@ -31,7 +31,7 @@
// the cfg mode flags that vulncheck needs for analysis.
// If the packages contain errors, a PackageError is returned containing a list of the errors,
// along with the packages themselves.
-func loadPackages(cfg Config) ([]*vulncheck.Package, error) {
+func loadPackages(cfg LegacyConfig) ([]*vulncheck.Package, error) {
patterns := cfg.Patterns
cfg.SourceLoadConfig.Mode |= packages.NeedName | packages.NeedImports | packages.NeedTypes |
packages.NeedSyntax | packages.NeedTypesInfo | packages.NeedDeps |
diff --git a/internal/govulncheck/summary.go b/internal/govulncheck/summary.go
index 7102cff..0cd8d2b 100644
--- a/internal/govulncheck/summary.go
+++ b/internal/govulncheck/summary.go
@@ -9,19 +9,19 @@
"golang.org/x/vuln/vulncheck"
)
-// Summary is the govulncheck result.
+// LegacySummary is the govulncheck result.
//
-// TODO(https://go.dev/issue/56042): replace Summary with Result
-type Summary struct {
+// TODO(https://go.dev/issue/56042): replace LegacySummary with Result
+type LegacySummary struct {
// Vulnerabilities affecting the analysis target binary or source code.
- Affecting []Vuln
+ Affecting []LegacyVuln
// Vulnerabilities that may be imported but the vulnerable symbols are
// not called. For binary analysis, this will be always empty.
- NonAffecting []Vuln
+ NonAffecting []LegacyVuln
}
-// Vuln represents a vulnerability relevant to a (module, package).
-type Vuln struct {
+// LegacyVuln represents a vulnerability relevant to a (module, package).
+type LegacyVuln struct {
OSV *osv.Entry
PkgPath string // Package path.
ModPath string // Module path.
@@ -30,33 +30,33 @@
// Trace contains a call stack for each affecting symbol.
// For vulnerabilities found from binary analysis, and vulnerabilities
// that are reported as Unaffecting ones, this will be always empty.
- Trace []Trace
+ Trace []LegacyTrace
}
-// Trace represents a sample trace for a vulnerable symbol.
-type Trace struct {
- Symbol string // Name of the detected vulnerable function or method.
- Desc string // One-line description of the callstack.
- Stack []StackEntry // Call stack.
- Seen int // Number of similar call stacks.
+// LegacyTrace represents a sample trace for a vulnerable symbol.
+type LegacyTrace struct {
+ Symbol string // Name of the detected vulnerable function or method.
+ Desc string // One-line description of the callstack.
+ Stack []LegacyStackEntry // Call stack.
+ Seen int // Number of similar call stacks.
}
-// StackEntry represents a call stack entry.
-type StackEntry struct {
+// LegacyStackEntry represents a call stack entry.
+type LegacyStackEntry struct {
FuncName string // Function name is the function name, adjusted to remove pointer annotation.
CallSite string // Position of the call/reference site. It is one of the formats token.Pos.String() returns or empty if unknown.
}
// summary summarize the analysis result.
-func summary(ci *callInfo, unaffected []*vulncheck.Vuln) Summary {
- var affecting, unaffecting []Vuln
+func summary(ci *callInfo, unaffected []*vulncheck.Vuln) LegacySummary {
+ var affecting, unaffecting []LegacyVuln
for _, vg := range ci.vulnGroups {
// All the vulns in vg have the same PkgPath, ModPath and OSV.
// All have a non-zero CallSink.
v0 := vg[0]
stacks := summarizeCallStacks(vg, ci)
- affecting = append(affecting, Vuln{
+ affecting = append(affecting, LegacyVuln{
OSV: vg[0].OSV,
PkgPath: v0.PkgPath,
ModPath: v0.ModPath,
@@ -66,7 +66,7 @@
})
}
for _, vuln := range unaffected {
- unaffecting = append(unaffecting, Vuln{
+ unaffecting = append(unaffecting, LegacyVuln{
OSV: vuln.OSV,
PkgPath: vuln.PkgPath,
ModPath: vuln.ModPath,
@@ -74,28 +74,28 @@
FixedIn: fixedVersion(vuln.ModPath, vuln.OSV.Affected),
})
}
- return Summary{
+ return LegacySummary{
Affecting: affecting,
NonAffecting: unaffecting,
}
}
-func summarizeCallStacks(vg []*vulncheck.Vuln, ci *callInfo) []Trace {
- cs := make([]Trace, 0, len(vg))
+func summarizeCallStacks(vg []*vulncheck.Vuln, ci *callInfo) []LegacyTrace {
+ cs := make([]LegacyTrace, 0, len(vg))
// report one full call stack for each vuln.
for _, v := range vg {
css := ci.callStacks[v]
if len(css) == 0 {
continue
}
- stack := make([]StackEntry, 0, len(css))
+ stack := make([]LegacyStackEntry, 0, len(css))
for _, e := range css[0] {
- stack = append(stack, StackEntry{
+ stack = append(stack, LegacyStackEntry{
FuncName: FuncName(e.Function),
CallSite: FuncPos(e.Call),
})
}
- cs = append(cs, Trace{
+ cs = append(cs, LegacyTrace{
Symbol: v.Symbol,
Desc: SummarizeCallStack(css[0], ci.topPackages, v.PkgPath),
Stack: stack,